Trojaner-Board - Trojaner Pup.Blabbers

Sorry,hier is der neue Log.

Code:

OTL logfile created on: 20.07.2012 17:46:35 - Run 1

OTL by OldTimer - Version 3.2.54.0     Folder = C:\Users\Chris\Desktop

Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.19088)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

2,99 Gb Total Physical Memory | 1,57 Gb Available Physical Memory | 52,59% Memory free

9,47 Gb Paging File | 8,12 Gb Available in Paging File | 85,68% Paging File free

Paging file location(s): c:\pagefile.sys 0 0d:\pagefile.sys 0 0 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 144,04 Gb Total Space | 22,16 Gb Free Space | 15,38% Space Free | Partition Type: NTFS

Drive D: | 144,04 Gb Total Space | 92,42 Gb Free Space | 64,16% Space Free | Partition Type: NTFS

 

Computer Name: CHRIS-PC | User Name: Chris | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - [2012.07.20 06:51:22 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Chris\Desktop\otl(1).exe

PRC - [2012.03.28 01:14:06 | 000,138,232 | R--- | M] (Symantec Corporation) -- C:\Programme\Norton Internet Security\Engine\19.7.1.5\ccsvchst.exe

PRC - [2009.10.25 14:17:24 | 001,251,720 | ---- | M] () -- C:\Programme\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

PRC - [2009.03.05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- D:\Neuer Ordner\Spybot - Search & Destroy\TeaTimer.exe

PRC - [2009.01.26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- D:\Neuer Ordner\Spybot - Search & Destroy\SDWinSec.exe

PRC - [2009.01.09 19:46:32 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Programme\OpenOffice.org 3\program\soffice.bin

PRC - [2009.01.09 19:45:26 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Programme\OpenOffice.org 3\program\soffice.exe

PRC - [2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

PRC - [2008.09.12 11:43:25 | 000,091,440 | ---- | M] (Logitech Inc.) -- C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

PRC - [2008.07.24 18:27:57 | 000,204,800 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Users\Chris\AppData\Local\Temp\RtkBtMnt.exe

PRC - [2008.07.03 19:06:52 | 003,772,136 | ---- | M] () -- C:\Programme\Acer\Acer Bio Protection\PwdBank.exe

PRC - [2008.07.03 19:06:48 | 003,294,720 | ---- | M] (Arachnoid Biometrics Identification Group Corp.) -- C:\Programme\Acer\Acer Bio Protection\CompPtcVUI.exe

PRC - [2008.07.03 19:06:40 | 003,471,360 | ---- | M] () -- C:\Programme\Acer\Acer Bio Protection\BASVC.exe

PRC - [2008.07.03 19:06:33 | 003,607,040 | ---- | M] (Arachnoid Biometrics Identification Group Corp.) -- C:\Programme\Acer\Acer Bio Protection\PdtWzd.exe

PRC - [2008.05.21 14:00:22 | 000,821,768 | ---- | M] (Dritek System Inc.) -- C:\Programme\Launch Manager\QtZgAcer.EXE

PRC - [2008.05.12 22:11:04 | 000,167,936 | ---- | M] (CyberLink) -- C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe

PRC - [2008.05.12 22:10:54 | 000,147,456 | ---- | M] (CyberLink Corp.) -- C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe

PRC - [2008.05.12 17:28:04 | 000,167,936 | ---- | M] (Acer Corp.) -- C:\Programme\Acer Arcade Deluxe\PlayMovie\PMVService.exe

PRC - [2008.05.02 02:44:08 | 000,805,392 | ---- | M] (Logitech, Inc.) -- C:\Programme\Logitech\SetPoint\SetPoint.exe

PRC - [2008.05.02 02:40:56 | 000,076,304 | ---- | M] (Logitech, Inc.) -- C:\Programme\Common Files\Logishrd\KHAL2\KHALMNPR.exe

PRC - [2008.04.28 09:35:36 | 006,111,232 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe

PRC - [2008.04.23 15:58:54 | 000,397,312 | ---- | M] (Acer Inc.) -- C:\Programme\Acer\Empowering Technology\ePower\ePower_DMC.exe

PRC - [2008.04.15 17:54:42 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe

PRC - [2008.04.15 17:54:40 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe

PRC - [2008.03.21 13:22:52 | 000,024,576 | ---- | M] () -- C:\Programme\Acer\Empowering Technology\Service\ETService.exe

PRC - [2008.03.18 05:27:12 | 000,013,312 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe

PRC - [2008.03.04 23:38:34 | 000,500,784 | ---- | M] (Egis Incorporated) -- C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe

PRC - [2008.03.04 23:38:28 | 000,526,896 | ---- | M] (Egis Incorporated) -- C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe

PRC - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe

PRC - [2008.01.21 04:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe

PRC - [2008.01.21 04:23:29 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe

PRC - [2008.01.16 18:35:02 | 000,081,504 | ---- | M] () -- C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe

PRC - [2007.12.06 16:15:28 | 000,110,592 | ---- | M] () -- C:\ACER\Mobility Center\MobilityService.exe

PRC - [2007.10.23 10:56:18 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe

PRC - [2007.09.26 10:53:56 | 000,554,352 | ---- | M] (Symantec Corporation) -- C:\Programme\Symantec\LiveUpdate\AluSchedulerSvc.exe

PRC - [2007.09.06 16:30:18 | 000,115,560 | ---- | M] (Symantec Corporation) -- C:\Programme\Common Files\Symantec Shared\ccApp.exe

PRC - [2007.09.06 16:29:46 | 000,108,392 | ---- | M] (Symantec Corporation) -- C:\Programme\Common Files\Symantec Shared\ccSvcHst.exe

 

 
 ========== Modules (No Company Name) ==========

 

MOD - [2011.06.29 06:29:37 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\c933fd5d1d27f268331890d7ddba8fec\System.ServiceProcess.ni.dll

MOD - [2011.06.29 06:29:25 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\1ba19f8efcff8ad7f972aa38ab9a15f5\System.Runtime.Remoting.ni.dll

MOD - [2011.06.29 06:18:00 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\381fb23cb39e1a61e13b8770eb9800ba\System.Windows.Forms.ni.dll

MOD - [2011.06.29 06:17:52 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\f1aa2385c0109f3059e0e6ba8b58ff68\System.Drawing.ni.dll

MOD - [2011.06.29 06:16:52 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dff86a62a525ec8dc827fe9f50298b7\System.ni.dll

MOD - [2011.06.29 06:16:41 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll

MOD - [2008.09.12 11:43:19 | 000,064,664 | ---- | M] () -- C:\Programme\Logitech\Desktop Messenger\8876480\8.1.1.87-8876480SL\Program\clntutil.dll

MOD - [2008.07.29 13:55:14 | 000,969,728 | ---- | M] () -- C:\Programme\OpenOffice.org 3\program\libxml2.dll

MOD - [2008.07.03 19:06:52 | 003,772,136 | ---- | M] () -- C:\Programme\Acer\Acer Bio Protection\PwdBank.exe

MOD - [2008.05.12 22:11:06 | 000,753,664 | ---- | M] () -- C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMediaLibrary.dll

MOD - [2008.05.12 22:11:02 | 000,007,680 | ---- | M] () -- C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvcPS.dll

MOD - [2008.04.23 15:58:20 | 000,204,800 | ---- | M] () -- C:\Windows\System32\SysHook.dll

MOD - [2008.04.18 10:52:43 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Framework.Utility\3.0.3006.0__4df5dcab8860d239\Framework.Utility.dll

MOD - [2008.04.18 10:52:42 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Framework.Library\3.0.3006.0__3036420f80dd6947\Framework.Library.dll

MOD - [2008.04.18 10:52:42 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Framework.Model.ControllerInterface\3.0.3006.0__d842b71b4d6ed079\Framework.Model.ControllerInterface.dll

MOD - [2008.04.04 03:00:58 | 000,003,072 | ---- | M] () -- C:\Programme\NewTech Infosystems\NTI Backup Now 5\BkupTrayLOC.dll

MOD - [2008.03.04 23:38:16 | 000,227,888 | ---- | M] () -- C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\ShowErrMsg.dll

MOD - [2007.10.23 10:56:18 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe

 

 
 ========== Win32 Services (SafeList) ==========

 

SRV - File not found [Auto | Running] -- D:\Neuer Ordner\Spybot -- (SBSDWSCService)

SRV - [2012.07.11 21:24:12 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2012.06.15 00:17:46 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2012.03.28 01:14:06 | 000,138,232 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Internet Security\Engine\19.7.1.5\ccSvcHst.exe -- (NIS)

SRV - [2011.09.25 16:57:53 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)

SRV - [2009.10.25 14:17:24 | 001,251,720 | ---- | M] () [On_Demand | Running] -- C:\Programme\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)

SRV - [2008.07.03 19:06:40 | 003,471,360 | ---- | M] () [Auto | Running] -- C:\Programme\Acer\Acer Bio Protection\BASVC.exe -- (IGBASVC)

SRV - [2008.05.02 02:42:06 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)

SRV - [2008.04.15 17:54:42 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)

SRV - [2008.03.21 13:22:52 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Programme\Acer\Empowering Technology\Service\ETService.exe -- (ETService)

SRV - [2008.03.18 05:27:12 | 000,013,312 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)

SRV - [2008.03.04 23:38:34 | 000,500,784 | ---- | M] (Egis Incorporated) [Auto | Running] -- C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service)

SRV - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)

SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)

SRV - [2008.01.16 18:35:02 | 000,081,504 | ---- | M] () [Auto | Running] -- C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe -- (CLHNService)

SRV - [2007.12.06 16:15:28 | 000,110,592 | ---- | M] () [Auto | Running] -- C:\ACER\Mobility Center\MobilityService.exe -- (MobilityService)

SRV - [2007.09.26 10:53:56 | 002,999,664 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Programme\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate)

SRV - [2007.09.26 10:53:56 | 000,554,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Programme\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatisches LiveUpdate - Scheduler)

SRV - [2007.09.06 16:29:46 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)

SRV - [2007.09.06 16:29:46 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)

SRV - [2007.09.06 16:29:46 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)

SRV - [2007.05.31 10:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)

SRV - [2007.05.31 10:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)

DRV - File not found [File_System | Boot | Stopped] -- system32\DRIVERS\Lbd.sys -- (Lbd)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\avfsfilter.sys -- (AVFSFilter)

DRV - [2012.07.04 09:18:21 | 001,589,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\VirusDefs\20120719.035\NAVEX15.SYS -- (NAVEX15)

DRV - [2012.07.04 09:18:21 | 000,106,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Programme\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)

DRV - [2012.07.04 09:18:21 | 000,087,928 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\VirusDefs\20120719.035\NAVENG.SYS -- (NAVENG)

DRV - [2012.06.19 02:01:14 | 000,821,920 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\BASHDefs\20120711.002\BHDrvx86.sys -- (BHDrvx86)

DRV - [2012.06.14 20:39:26 | 000,382,624 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\IPSDefs\20120719.002\IDSvix86.sys -- (IDSVix86)

DRV - [2012.05.31 07:57:23 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Programme\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)

DRV - [2012.03.29 08:28:37 | 000,345,208 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1307010.005\symtdiv.sys -- (SYMTDIv)

DRV - [2012.03.29 08:28:30 | 000,905,336 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\NIS\1307010.005\symefa.sys -- (SymEFA)

DRV - [2012.03.29 08:06:25 | 000,149,624 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1307010.005\ironx86.sys -- (SymIRON)

DRV - [2012.03.29 08:03:27 | 000,574,072 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\NIS\1307010.005\srtsp.sys -- (SRTSP)

DRV - [2012.03.29 08:03:27 | 000,032,888 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1307010.005\srtspx.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)

DRV - [2012.03.26 22:03:24 | 000,141,944 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)

DRV - [2011.11.30 00:44:14 | 000,132,744 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1307010.005\ccsetx86.sys -- (ccSet_NIS)

DRV - [2011.08.16 00:51:40 | 000,340,088 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\NIS\1307010.005\symds.sys -- (SymDS)

DRV - [2009.01.30 10:12:00 | 007,544,832 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)

DRV - [2008.12.22 14:47:38 | 000,051,232 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)

DRV - [2008.07.03 19:06:36 | 000,043,184 | ---- | M] (Alfa Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\AlfaFF.sys -- (AlfaFF)

DRV - [2008.05.09 12:03:58 | 000,061,424 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Programme\Acer Arcade Deluxe\PlayMovie\000.fcl -- ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796})

DRV - [2008.04.28 00:29:26 | 003,658,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R)

DRV - [2008.04.25 10:31:26 | 000,146,688 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atswpdrv.sys -- (ATSWPDRV) AuthenTec TruePrint USB Driver (SwipeSensor)

DRV - [2008.04.21 05:07:00 | 000,081,296 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR)

DRV - [2008.04.15 04:20:48 | 000,025,856 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AVerA310USB.sys -- (A310)

DRV - [2008.04.15 04:20:38 | 000,042,880 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AVerA310Cap.sys -- (BDASwCap)

DRV - [2008.02.29 23:56:44 | 000,108,424 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\zebrmdmc.sys -- (zebrmdmc) Sony Ericsson mRouter Port (WDM)

DRV - [2008.02.29 23:56:44 | 000,108,296 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\zebrmdm.sys -- (zebrmdm) Sony Ericsson Port (WDM)

DRV - [2008.02.29 23:56:44 | 000,083,080 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\zebrbus.sys -- (zebrbus)

DRV - [2008.02.29 23:56:44 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\zebrmdfl.sys -- (zebrmdfl)

DRV - [2008.02.29 09:13:38 | 001,202,560 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)

DRV - [2008.02.29 03:13:46 | 000,028,944 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LUsbFilt.sys -- (LUsbFilt)

DRV - [2008.02.29 03:13:24 | 000,036,880 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)

DRV - [2008.02.29 03:13:16 | 000,035,344 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)

DRV - [2008.01.21 04:23:26 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WINUSB)

DRV - [2008.01.16 18:35:08 | 000,122,368 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys -- (NTIPPKernel)

DRV - [2007.07.31 04:17:26 | 000,418,864 | ---- | M] (Symantec Corporation) [Kernel | Disabled | Stopped] -- C:\Programme\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)

DRV - [2007.03.28 07:51:40 | 000,043,008 | ---- | M] (Winbond Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\winbondcir.sys -- (winbondcir)

DRV - [2007.01.26 08:32:18 | 000,069,632 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\int15.sys -- (int15)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.intl.acer.yahoo.com

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.intl.acer.yahoo.com

IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

 

 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

 

IE - HKU\S-1-5-21-691566535-1831531465-2982929279-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data]

IE - HKU\S-1-5-21-691566535-1831531465-2982929279-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie

IE - HKU\S-1-5-21-691566535-1831531465-2982929279-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com

IE - HKU\S-1-5-21-691566535-1831531465-2982929279-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com

IE - HKU\S-1-5-21-691566535-1831531465-2982929279-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1

IE - HKU\S-1-5-21-691566535-1831531465-2982929279-1000\..\URLSearchHook:  - No CLSID value found

IE - HKU\S-1-5-21-691566535-1831531465-2982929279-1000\..\SearchScopes,DefaultScope = {084CB353-AE71-4C92-8375-5DD43F4DF8CE}

IE - HKU\S-1-5-21-691566535-1831531465-2982929279-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC

IE - HKU\S-1-5-21-691566535-1831531465-2982929279-1000\..\SearchScopes\{084CB353-AE71-4C92-8375-5DD43F4DF8CE}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLL_de

IE - HKU\S-1-5-21-691566535-1831531465-2982929279-1000\..\SearchScopes\{4327FABE-3C22-4689-8DBF-D226CF777FE9}: "URL" = hxxp://www.searchplusnetwork.com/?sp=vit4&q={searchTerms}

IE - HKU\S-1-5-21-691566535-1831531465-2982929279-1000\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=sm

IE - HKU\S-1-5-21-691566535-1831531465-2982929279-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADBS

IE - HKU\S-1-5-21-691566535-1831531465-2982929279-1000\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = hxxp://int.search-results.com/web?q={SEARCHTERMS}&o=15527&l=dis&prt=NIS&chn=retail&geo=DE&ver=18

IE - HKU\S-1-5-21-691566535-1831531465-2982929279-1000\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-acer

IE - HKU\S-1-5-21-691566535-1831531465-2982929279-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 
 ========== FireFox ==========

 

FF - prefs.js..browser.search.defaultenginename: ""

FF - prefs.js..browser.startup.homepage: "https://www.facebook.com/"

FF - user.js - File not found

 

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll ()

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Chris\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\IPSFFPlgn\ [2012.07.14 14:40:18 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\coFFPlgn\ [2012.07.20 14:05:05 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.07.14 15:01:56 | 000,000,000 | ---D | M]

 

[2012.02.04 21:29:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\mozilla\Extensions

[2012.07.19 21:00:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\mozilla\Firefox\Profiles\1ajxtb94.default\extensions

[2012.03.28 09:36:13 | 000,002,449 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\1ajxtb94.default\searchplugins\safesearch.xml

[2012.07.14 15:01:56 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions

[2012.07.14 14:40:18 | 000,000,000 | ---D | M] (Norton Vulnerability Protection) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\IPSFFPLGN

[2012.06.15 00:19:07 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll

[2012.06.15 00:46:57 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml

[2012.06.15 00:46:56 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

[2012.06.15 00:46:57 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml

[2012.06.15 00:46:57 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml

[2012.06.15 00:46:57 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml

[2012.06.15 00:46:56 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml

 
 ========== Chrome  ==========

 

CHR - default_search_provider:  (Enabled)

CHR - default_search_provider: search_url = 

CHR - default_search_provider: suggest_url = 

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\20.0.1132.57\pdf.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\20.0.1132.57\gcswf32.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll

CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll

CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll

CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll

CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll

CHR - plugin: Default Plug-in (Enabled) = default_plugin

CHR - Extension: YouTube = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\

CHR - Extension: YouTube = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\

CHR - Extension: Google-Suche = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\

CHR - Extension: Google-Suche = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\

CHR - Extension: Norton Identity Protection = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.4.6_0\

 

O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1       localhost

O1 - Hosts: ::1             localhost

O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)

O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Programme\Norton Internet Security\Engine\19.7.1.5\coieplg.dll (Symantec Corporation)

O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Programme\Norton Internet Security\Engine\19.7.1.5\ips\ipsbho.dll (Symantec Corporation)

O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)

O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.

O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)

O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Norton Internet Security\Engine\19.7.1.5\coieplg.dll (Symantec Corporation)

O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)

O3 - HKU\S-1-5-21-691566535-1831531465-2982929279-1000\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)

O3 - HKU\S-1-5-21-691566535-1831531465-2982929279-1000\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Norton Internet Security\Engine\19.7.1.5\coieplg.dll (Symantec Corporation)

O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)

O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)

O4 - HKLM..\Run: [CLMLServer] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink)

O4 - HKLM..\Run: [eAudio] C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe (Acer Incorporated)

O4 - HKLM..\Run: [eDataSecurity Loader] C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)

O4 - HKLM..\Run: [ePower_DMC] C:\Programme\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)

O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)

O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)

O4 - HKLM..\Run: [LManager] C:\Programme\Launch Manager\QtZgAcer.EXE (Dritek System Inc.)

O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [PlayMovie] C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)

O4 - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()

O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)

O4 - HKLM..\Run: [WarReg_PopUp] C:\Programme\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Incorporated)

O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)

O4 - HKLM..\Run: [ZPdtWzdVitaKey MC3000] C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe (Arachnoid Biometrics Identification Group Corp.)

O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)

O4 - HKU\S-1-5-21-691566535-1831531465-2982929279-1000..\Run: [SpybotSD TeaTimer] D:\Neuer Ordner\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)

O4 - HKU\S-1-5-21-691566535-1831531465-2982929279-1000..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)

O4 - Startup: C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()

O4 - Startup: C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tbhcn.lnk =  File not found

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Security present

O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\TabbedBrowsing present

O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\ZOOM present

O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Security present

O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\TabbedBrowsing present

O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\ZOOM present

O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Security present

O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\TabbedBrowsing present

O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\ZOOM present

O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Security present

O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\TabbedBrowsing present

O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\ZOOM present

O7 - HKU\S-1-5-21-691566535-1831531465-2982929279-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-21-691566535-1831531465-2982929279-1000\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKU\S-1-5-21-691566535-1831531465-2982929279-1000\Software\Policies\Microsoft\Internet Explorer\Security present

O7 - HKU\S-1-5-21-691566535-1831531465-2982929279-1000\Software\Policies\Microsoft\Internet Explorer\TabbedBrowsing present

O7 - HKU\S-1-5-21-691566535-1831531465-2982929279-1000\Software\Policies\Microsoft\Internet Explorer\ZOOM present

O7 - HKU\S-1-5-21-691566535-1831531465-2982929279-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKU\S-1-5-21-691566535-1831531465-2982929279-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0

O7 - HKU\S-1-5-21-691566535-1831531465-2982929279-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255

O7 - HKU\S-1-5-21-691566535-1831531465-2982929279-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1

O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found

O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)

O9 - Extra Button: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks Basic Edition\Norton Cleanup\WCQuick.lnk ()

O9 - Extra 'Tools' menuitem : Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks Basic Edition\Norton Cleanup\WCQuick.lnk ()

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)

O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{130DF8FB-FE1A-4F58-BA74-52C5BE598997}: DhcpNameServer = 192.168.2.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6A250EB2-C942-40C9-8010-CEC49AE5F15E}: DhcpNameServer = 192.168.2.1

O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)

O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Common Files\microsoft shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)

O20 - Winlogon\Notify\AWinNotifyVitaKey MC3000: DllName - (C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll) - C:\Programme\Acer\Acer Bio Protection\WinNotify.dll (Arachnoid Biometrics Identification Group Corp.)

O24 - Desktop WallPaper: D:\Simons Hochzeit\Simons Hochzeit 03.09.11\P1050047.JPG

O24 - Desktop BackupWallPaper: D:\Simons Hochzeit\Simons Hochzeit 03.09.11\P1050047.JPG

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

 

NetSvcs: FastUserSwitchingCompatibility -  File not found

NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)

NetSvcs: Nla -  File not found

NetSvcs: Ntmssvc -  File not found

NetSvcs: NWCWorkstation -  File not found

NetSvcs: Nwsapagent -  File not found

NetSvcs: SRService -  File not found

NetSvcs: WmdmPmSp -  File not found

NetSvcs: LogonHours -  File not found

NetSvcs: PCAudit -  File not found

NetSvcs: helpsvc -  File not found

NetSvcs: uploadmgr -  File not found

 

 

SafeBootMin: AppMgmt - Service

SafeBootMin: Base - Driver Group

SafeBootMin: Boot Bus Extender - Driver Group

SafeBootMin: Boot file system - Driver Group

SafeBootMin: File system - Driver Group

SafeBootMin: Filter - Driver Group

SafeBootMin: HelpSvc - Service

SafeBootMin: NTDS -  File not found

SafeBootMin: PCI Configuration - Driver Group

SafeBootMin: PNP Filter - Driver Group

SafeBootMin: Primary disk - Driver Group

SafeBootMin: sacsvr - Service

SafeBootMin: SCSI Class - Driver Group

SafeBootMin: System Bus Extender - Driver Group

SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)

SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

 

SafeBootNet: AppMgmt - Service

SafeBootNet: Base - Driver Group

SafeBootNet: Boot Bus Extender - Driver Group

SafeBootNet: Boot file system - Driver Group

SafeBootNet: File system - Driver Group

SafeBootNet: Filter - Driver Group

SafeBootNet: HelpSvc - Service

SafeBootNet: Messenger - Service

SafeBootNet: NDIS Wrapper - Driver Group

SafeBootNet: NetBIOSGroup - Driver Group

SafeBootNet: NetDDEGroup - Driver Group

SafeBootNet: Network - Driver Group

SafeBootNet: NetworkProvider - Driver Group

SafeBootNet: NTDS -  File not found

SafeBootNet: PCI Configuration - Driver Group

SafeBootNet: PNP Filter - Driver Group

SafeBootNet: PNP_TDI - Driver Group

SafeBootNet: Primary disk - Driver Group

SafeBootNet: rdsessmgr - Service

SafeBootNet: sacsvr - Service

SafeBootNet: SCSI Class - Driver Group

SafeBootNet: Streams Drivers - Driver Group

SafeBootNet: System Bus Extender - Driver Group

SafeBootNet: TDI - Driver Group

SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)

SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers

SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

 

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)

ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 8.5.1

ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - 

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0

ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 11.0.3

ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework

ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 11.0.3

ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)

ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447)

ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework

ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)

ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - 

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner

ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7

ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings

ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install

ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework

ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1

ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player

ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX: {E78BFA60-5393-4C38-82AB-E8019E464EB4} - .NET Framework

ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP

ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

 

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)

Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)

Drivers32: vidc.i420 - i420vfw.dll File not found

Drivers32: VIDC.XFR1 - C:\Windows\System32\xfcodec.dll ()

Drivers32: vidc.yv12 - yv12vfw.dll File not found

 

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2012.07.20 06:51:21 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Chris\Desktop\otl(1).exe

[2012.07.18 17:34:26 | 000,000,000 | ---D | C] -- C:\Program Files\ESET

[2012.07.18 17:30:35 | 002,322,184 | ---- | C] (ESET) -- C:\Users\Chris\Desktop\esetsmartinstaller_enu.exe

[2012.07.14 16:06:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy

[2012.07.14 16:06:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy

[2012.07.14 15:01:57 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service

[2012.07.14 15:01:55 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox

[2012.07.13 22:41:35 | 000,000,000 | ---D | C] -- C:\ProgramData\clp

[2012.07.13 22:41:20 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Fighters

[2012.07.13 22:40:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Common Toolkit Suite

[2012.07.13 22:39:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Fighters

[2012.07.13 21:12:39 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Malwarebytes

[2012.07.13 21:12:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2012.07.13 20:55:29 | 000,159,608 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\mfevtps.exe.93de.deleteme

[2012.07.13 20:54:31 | 000,014,664 | ---- | C] (McAfee, Inc.) -- C:\Windows\stinger.sys

[2012.07.13 20:54:17 | 000,159,608 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\mfevtps.exe.3da9.deleteme

[2012.07.13 20:52:28 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\Messenger_Plus_Live

[2012.07.13 20:52:06 | 000,000,000 | ---D | C] -- C:\Program Files\stinger

[2012.07.11 09:33:32 | 000,000,000 | ---D | C] -- C:\Program Files\Java

[2012.07.09 06:28:53 | 000,000,000 | ---D | C] -- C:\Users\Chris\Desktop\Alex

[2012.07.05 17:32:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Peter Games

[2012.07.05 17:32:38 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Peter Games

[2012.07.03 18:38:01 | 000,000,000 | ---D | C] -- C:\Users\Chris\Documents\Steuer

[2012.07.03 18:07:46 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Buhl Data Service

[2012.07.03 18:07:43 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\Buhl Data Service

[2012.07.03 18:06:23 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\Buhl

[2012.07.03 17:26:43 | 000,000,000 | ---D | C] -- C:\Windows\System32\Visagesoft

[2012.07.03 17:26:40 | 000,000,000 | ---D | C] -- C:\Windows\System32\AIM

[2012.07.03 17:26:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Konz Steuertricks

[2012.07.03 17:25:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steuer 2011

[2012.07.03 17:22:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Buhl Data Service GmbH

[2012.07.03 17:21:11 | 000,000,000 | ---D | C] -- C:\Users\Chris\Desktop\Steuer 2011

[2012.06.24 10:41:32 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\Macromedia

[2008.09.12 11:13:48 | 007,387,792 | ---- | C] (InstallShield Software Corporation) -- C:\Users\Chris\ldm256_logitech.exe

 
 ========== Files - Modified Within 30 Days ==========

 

[2012.07.20 17:45:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2012.07.20 17:22:59 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2012.07.20 16:04:48 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2012.07.20 16:04:48 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2012.07.20 14:45:00 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2012.07.20 14:12:28 | 000,674,860 | ---- | M] () -- C:\Windows\System32\perfh007.dat

[2012.07.20 14:12:28 | 000,634,678 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2012.07.20 14:12:28 | 000,146,512 | ---- | M] () -- C:\Windows\System32\perfc007.dat

[2012.07.20 14:12:28 | 000,120,242 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2012.07.20 14:08:50 | 000,031,871 | ---- | M] () -- C:\ProgramData\nvModes.001

[2012.07.20 14:04:59 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml

[2012.07.20 14:04:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2012.07.20 14:04:33 | 3215,851,520 | -HS- | M] () -- C:\hiberfil.sys

[2012.07.20 07:23:36 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat

[2012.07.20 06:51:22 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Chris\Desktop\otl(1).exe

[2012.07.20 06:28:48 | 000,031,871 | ---- | M] () -- C:\ProgramData\nvModes.dat

[2012.07.19 18:10:17 | 000,624,883 | ---- | M] () -- C:\Users\Chris\Desktop\adwcleaner.exe

[2012.07.18 17:30:36 | 002,322,184 | ---- | M] (ESET) -- C:\Users\Chris\Desktop\esetsmartinstaller_enu.exe

[2012.07.18 11:52:11 | 000,002,623 | ---- | M] () -- C:\Users\Chris\Desktop\Microsoft Word.lnk

[2012.07.15 19:58:55 | 000,000,000 | ---- | M] () -- C:\Users\Chris\defogger_reenable

[2012.07.15 19:54:11 | 000,050,477 | ---- | M] () -- C:\Users\Chris\Desktop\Defogger.exe

[2012.07.14 16:06:18 | 000,000,846 | ---- | M] () -- C:\Users\Chris\Desktop\Spybot - Search & Destroy.lnk

[2012.07.14 15:01:58 | 000,000,850 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

[2012.07.13 21:18:18 | 000,000,039 | RH-- | M] () -- C:\Users\Chris\Desktop\stinger_10.2.0.693.opt

[2012.07.13 21:07:19 | 000,014,664 | ---- | M] (McAfee, Inc.) -- C:\Windows\stinger.sys

[2012.07.13 20:59:33 | 000,250,368 | ---- | M] () -- C:\Users\Chris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2012.07.13 20:55:27 | 000,159,608 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\mfevtps.exe.93de.deleteme

[2012.07.13 20:54:15 | 000,159,608 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\mfevtps.exe.3da9.deleteme

[2012.07.13 20:52:27 | 000,002,030 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tbhcn.lnk

[2012.07.12 06:47:14 | 000,001,975 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk

[2012.07.06 16:56:49 | 000,000,734 | ---- | M] () -- C:\Windows\wiso.ini

[2012.07.05 17:32:48 | 000,000,628 | ---- | M] () -- C:\Users\Chris\Desktop\Officers.lnk

[2012.07.03 17:26:54 | 000,001,511 | ---- | M] () -- C:\Users\Public\Desktop\Steuer 2011.lnk

[2012.07.03 17:26:11 | 000,001,590 | ---- | M] () -- C:\Users\Public\Desktop\Konz 2012 - 1000 Steuertricks.lnk

 
 ========== Files Created - No Company Name ==========

 

[2012.07.19 18:10:17 | 000,624,883 | ---- | C] () -- C:\Users\Chris\Desktop\adwcleaner.exe

[2012.07.15 19:58:55 | 000,000,000 | ---- | C] () -- C:\Users\Chris\defogger_reenable

[2012.07.15 19:54:01 | 000,050,477 | ---- | C] () -- C:\Users\Chris\Desktop\Defogger.exe

[2012.07.14 16:06:18 | 000,000,846 | ---- | C] () -- C:\Users\Chris\Desktop\Spybot - Search & Destroy.lnk

[2012.07.14 15:01:58 | 000,000,862 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

[2012.07.14 15:01:58 | 000,000,850 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

[2012.07.13 20:52:27 | 000,002,030 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tbhcn.lnk

[2012.07.13 20:52:24 | 000,000,039 | RH-- | C] () -- C:\Users\Chris\Desktop\stinger_10.2.0.693.opt

[2012.07.05 17:32:47 | 000,000,628 | ---- | C] () -- C:\Users\Chris\Desktop\Officers.lnk

[2012.07.03 18:06:30 | 000,000,734 | ---- | C] () -- C:\Windows\wiso.ini

[2012.07.03 17:26:54 | 000,001,511 | ---- | C] () -- C:\Users\Public\Desktop\Steuer 2011.lnk

[2012.07.03 17:26:40 | 000,000,696 | ---- | C] () -- C:\Windows\System32\jetodbc.rsp

[2012.07.03 17:26:11 | 000,001,590 | ---- | C] () -- C:\Users\Public\Desktop\Konz 2012 - 1000 Steuertricks.lnk

[2010.08.31 13:17:44 | 000,000,204 | ---- | C] () -- C:\Windows\RomeTW.ini

[2009.03.10 17:40:12 | 000,000,916 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\EasyToolz.ini

[2009.03.07 22:32:32 | 000,031,871 | ---- | C] () -- C:\ProgramData\nvModes.001

[2009.03.07 22:32:27 | 000,031,871 | ---- | C] () -- C:\ProgramData\nvModes.dat

[2008.11.26 18:42:42 | 000,024,206 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\UserTile.png

[2008.10.31 14:40:26 | 000,000,114 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\wklnhst.dat

[2008.10.28 16:32:08 | 000,008,268 | ---- | C] () -- C:\Users\Chris\AppData\Local\d3d9caps.dat

[2008.08.21 08:19:12 | 019,153,264 | ---- | C] () -- C:\Users\Chris\aaw2008.exe

[2008.08.20 12:59:51 | 000,022,328 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\PnkBstrK.sys

[2008.07.30 16:59:59 | 000,250,368 | ---- | C] () -- C:\Users\Chris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

 
 ========== LOP Check ==========

 

[2010.12.05 00:54:22 | 000,000,000 | -HSD | M] -- C:\Users\Chris\AppData\Roaming\.#

[2008.04.18 11:11:32 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Acer GameZone Console

[2012.07.03 18:07:46 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Buhl Data Service

[2009.03.10 17:04:29 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\CPUControl

[2008.09.26 09:47:41 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\eSobi

[2012.07.13 22:41:39 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Fighters

[2009.04.01 14:20:58 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\OpenOffice.org

[2009.03.31 21:19:50 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Template

[2011.09.21 16:20:51 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\The Creative Assembly

[2010.12.14 20:37:22 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Tific

[2011.08.16 11:56:07 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Uniblue

[2011.08.06 18:00:09 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Unity

[2011.08.16 11:54:59 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Wise Registry Cleaner

[2012.05.18 08:16:08 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\ZalmanInstaller_otshot

[2008.04.18 11:11:32 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Acer GameZone Console

[2008.04.18 11:11:32 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Acer GameZone Console

[2012.07.20 07:23:37 | 000,032,606 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

 
 ========== Purity Check ==========

 

 

 
 ========== Custom Scans ==========

 
 < %ALLUSERSPROFILE%\Application Data\*. >

 
 < %ALLUSERSPROFILE%\Application Data\*.exe /s >

 
 < %APPDATA%\*. >

[2010.12.05 00:54:22 | 000,000,000 | -HSD | M] -- C:\Users\Chris\AppData\Roaming\.#

[2008.04.18 11:11:32 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Acer GameZone Console

[2008.07.26 10:21:41 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Adobe

[2012.07.03 18:07:46 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Buhl Data Service

[2009.03.10 17:04:29 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\CPUControl

[2008.10.31 14:37:43 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\CyberLink

[2008.09.26 09:47:41 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\eSobi

[2012.07.13 22:41:39 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Fighters

[2009.01.19 20:27:57 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Google

[2008.07.24 18:27:37 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Identities

[2008.07.27 11:01:29 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\InstallShield

[2008.09.09 10:02:31 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Logitech

[2008.07.24 18:28:05 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Macromedia

[2012.07.13 21:12:39 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Malwarebytes

[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Media Center Programs

[2012.06.24 10:41:32 | 000,000,000 | --SD | M] -- C:\Users\Chris\AppData\Roaming\Microsoft

[2012.02.04 21:29:51 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Mozilla

[2012.05.18 08:16:44 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\NCH Software

[2009.04.01 14:20:58 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\OpenOffice.org

[2011.02.18 20:39:15 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Real

[2009.10.24 18:57:23 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Symantec

[2009.03.31 21:19:50 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Template

[2011.09.21 16:20:51 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\The Creative Assembly

[2010.12.14 20:37:22 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Tific

[2011.08.16 11:56:07 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Uniblue

[2011.08.06 18:00:09 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Unity

[2009.12.13 20:35:05 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\WinRAR

[2011.08.16 11:54:59 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Wise Registry Cleaner

[2008.08.18 22:28:33 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Xfire

[2008.08.05 15:31:08 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Yahoo!

[2012.05.18 08:16:08 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\ZalmanInstaller_otshot

 
 < %APPDATA%\*.exe /s >

[2008.09.09 10:02:15 | 000,010,134 | R--- | M] () -- C:\Users\Chris\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe

[2011.08.16 11:44:18 | 005,592,856 | ---- | M] (Uniblue Systems Ltd                                         ) -- C:\Users\Chris\AppData\Roaming\Uniblue\SpeedUpMyPC\_temp\sump.exe

 
 < %SYSTEMDRIVE%\*.exe >

 
 < MD5 for: AGP440.SYS  >

[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys

[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys

[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys

[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys

[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

 
 < MD5 for: ATAPI.SYS  >

[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys

[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\drivers\atapi.sys

[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys

[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys

[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys

 
 < MD5 for: CNGAUDIT.DLL  >

[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll

[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

 
 < MD5 for: IASTOR.SYS  >

[2008.04.15 17:54:16 | 000,388,120 | ---- | M] (Intel Corporation) MD5=8D58627FEF3F8767665D9F4DC91CBD97 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys

[2008.04.15 17:53:44 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver\IaStor.sys

[2008.04.15 17:53:44 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\Windows\System32\drivers\iaStor.sys

[2008.04.15 17:53:44 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_77c04a30\iaStor.sys

 
 < MD5 for: IASTORV.SYS  >

[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys

[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys

[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys

[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

 
 < MD5 for: NETLOGON.DLL  >

[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll

[2008.01.21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\System32\netlogon.dll

[2008.01.21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

 
 < MD5 for: NVSTOR.SYS  >

[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys

[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys

[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys

[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

 
 < MD5 for: SCECLI.DLL  >

[2008.01.21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\System32\scecli.dll

[2008.01.21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll

[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

 
 < MD5 for: USER32.DLL  >

[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) MD5=75510147B94598407666F4802797C75A -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll

[2008.01.21 04:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll

[2008.01.21 04:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll

 
 < MD5 for: USERINIT.EXE  >

[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe

[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe

 
 < MD5 for: WININIT.EXE  >

[2008.01.21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe

[2008.01.21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe

 
 < MD5 for: WINLOGON.EXE  >

[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe

[2008.01.21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\System32\winlogon.exe

[2008.01.21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

 
 < MD5 for: WS2IFSL.SYS  >

[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys

[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys

 
 < %systemroot%\system32\drivers\*.sys /lockedfiles >

 
 < %systemroot%\System32\config\*.sav >

[2008.01.21 05:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV

[2008.01.21 05:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV

[2008.01.21 05:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV

[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV

[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

 
 < %systemroot%\*. /mp /s >

 
 < %systemroot%\system32\*.dll /lockedfiles >

 
 ========== Alternate Data Streams ==========

 

@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:73933431

@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:4F636E25
 

< End of report >

Gruss
Chris

Hier ist dann mal der neue Log.

Code:

17:01:31.0751 23352        TDSS rootkit removing tool 2.7.47.0 Jul 20 2012 20:36:30

17:01:32.0511 23352        ============================================================

17:01:32.0511 23352        Current date / time: 2012/07/23 17:01:32.0511

17:01:32.0511 23352        SystemInfo:

17:01:32.0511 23352        

17:01:32.0511 23352        OS Version: 6.0.6001 ServicePack: 1.0

17:01:32.0511 23352        Product type: Workstation

17:01:32.0511 23352        ComputerName: CHRIS-PC

17:01:32.0512 23352        UserName: Chris

17:01:32.0512 23352        Windows directory: C:\Windows

17:01:32.0512 23352        System windows directory: C:\Windows

17:01:32.0512 23352        Processor architecture: Intel x86

17:01:32.0512 23352        Number of processors: 2

17:01:32.0512 23352        Page size: 0x1000

17:01:32.0512 23352        Boot type: Normal boot

17:01:32.0512 23352        ============================================================

17:01:33.0260 23352        Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050

17:01:33.0262 23352        ============================================================

17:01:33.0262 23352        \Device\Harddisk0\DR0:

17:01:33.0263 23352        MBR partitions:

17:01:33.0263 23352        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1400800, BlocksNum 0x12016800

17:01:33.0263 23352        \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x13417000, BlocksNum 0x12017000

17:01:33.0263 23352        ============================================================

17:01:33.0325 23352        C: <-> \Device\Harddisk0\DR0\Partition0

17:01:33.0372 23352        D: <-> \Device\Harddisk0\DR0\Partition1

17:01:33.0372 23352        ============================================================

17:01:33.0372 23352        Initialize success

17:01:33.0372 23352        ============================================================

17:02:17.0894 22968        ============================================================

17:02:17.0894 22968        Scan started

17:02:17.0894 22968        Mode: Manual; SigCheck; TDLFS; 

17:02:17.0894 22968        ============================================================

17:02:18.0393 22968        A310            (02e1c46c34f2d2843533c4f223867930) C:\Windows\system32\DRIVERS\AVerA310USB.sys

17:02:18.0526 22968        A310 - ok

17:02:18.0616 22968        ACPI            (fcb8c7210f0135e24c6580f7f649c73c) C:\Windows\system32\drivers\acpi.sys

17:02:18.0631 22968        ACPI - ok

17:02:18.0729 22968        AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

17:02:18.0743 22968        AdobeFlashPlayerUpdateSvc - ok

17:02:18.0791 22968        adp94xx         (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys

17:02:18.0812 22968        adp94xx - ok

17:02:18.0855 22968        adpahci         (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys

17:02:18.0870 22968        adpahci - ok

17:02:18.0896 22968        adpu160m        (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys

17:02:18.0908 22968        adpu160m - ok

17:02:18.0935 22968        adpu320         (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys

17:02:18.0946 22968        adpu320 - ok

17:02:18.0969 22968        AeLookupSvc     (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll

17:02:19.0077 22968        AeLookupSvc - ok

17:02:19.0130 22968        AFD             (48eb99503533c27ac6135648e5474457) C:\Windows\system32\drivers\afd.sys

17:02:19.0197 22968        AFD - ok

17:02:19.0214 22968        AgereModemAudio (efbc44fbd75e4f80bd927aebf6e7eade) C:\Windows\system32\agrsmsvc.exe

17:02:19.0259 22968        AgereModemAudio - ok

17:02:19.0397 22968        AgereSoftModem  (38325c6aa8eae011897d61ce48ec6435) C:\Windows\system32\DRIVERS\AGRSM.sys

17:02:19.0475 22968        AgereSoftModem - ok

17:02:19.0660 22968        agp440          (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys

17:02:19.0670 22968        agp440 - ok

17:02:19.0693 22968        aic78xx         (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys

17:02:19.0705 22968        aic78xx - ok

17:02:19.0733 22968        AlfaFF          (8d59617a9c3dbf4650aa44f4e9215744) C:\Windows\system32\Drivers\AlfaFF.sys

17:02:19.0770 22968        AlfaFF - ok

17:02:19.0790 22968        ALG             (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe

17:02:19.0933 22968        ALG - ok

17:02:19.0947 22968        aliide          (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys

17:02:19.0956 22968        aliide - ok

17:02:19.0971 22968        amdagp          (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys

17:02:19.0981 22968        amdagp - ok

17:02:19.0988 22968        amdide          (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys

17:02:19.0997 22968        amdide - ok

17:02:20.0005 22968        AmdK7           (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys

17:02:20.0051 22968        AmdK7 - ok

17:02:20.0068 22968        AmdK8           (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys

17:02:20.0111 22968        AmdK8 - ok

17:02:20.0139 22968        Appinfo         (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll

17:02:20.0178 22968        Appinfo - ok

17:02:20.0204 22968        arc             (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys

17:02:20.0214 22968        arc - ok

17:02:20.0239 22968        arcsas          (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys

17:02:20.0249 22968        arcsas - ok

17:02:20.0333 22968        aspnet_state    (0e5e4957549056e2bf2c49f4f6b601ad) C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe

17:02:20.0342 22968        aspnet_state - ok

17:02:20.0372 22968        AsyncMac        (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys

17:02:20.0421 22968        AsyncMac - ok

17:02:20.0465 22968        atapi           (2d9c903dc76a66813d350a562de40ed9) C:\Windows\system32\drivers\atapi.sys

17:02:20.0475 22968        atapi - ok

17:02:20.0511 22968        ATSWPDRV        (5e19f7b730c6a32e83174e2d6fee4389) C:\Windows\system32\DRIVERS\ATSwpDrv.sys

17:02:20.0523 22968        ATSWPDRV - ok

17:02:20.0599 22968        AudioEndpointBuilder (42076e29aafa0830a2c5d4e310f58dd1) C:\Windows\System32\Audiosrv.dll

17:02:20.0637 22968        AudioEndpointBuilder - ok

17:02:20.0641 22968        Audiosrv        (42076e29aafa0830a2c5d4e310f58dd1) C:\Windows\System32\Audiosrv.dll

17:02:20.0668 22968        Audiosrv - ok

17:02:20.0817 22968        Automatisches LiveUpdate - Scheduler (b5d974c1fd078a68c7536c561b031d39) C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

17:02:20.0839 22968        Automatisches LiveUpdate - Scheduler - ok

17:02:20.0876 22968        AVFSFilter - ok

17:02:20.0949 22968        b57nd60x        (7d0f2bfa273831124fa08526af48af18) C:\Windows\system32\DRIVERS\b57nd60x.sys

17:02:20.0990 22968        b57nd60x - ok

17:02:21.0031 22968        BDASwCap        (9347a2ddee501c242a8e21990279d688) C:\Windows\system32\drivers\AVerA310Cap.sys

17:02:21.0042 22968        BDASwCap - ok

17:02:21.0053 22968        Beep            (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys

17:02:21.0099 22968        Beep - ok

17:02:21.0157 22968        BFE             (8582e233c346aefe759833e8a30dd697) C:\Windows\System32\bfe.dll

17:02:21.0204 22968        BFE - ok

17:02:21.0461 22968        BHDrvx86        (a9e111a358ac5f7eba7ac61e43fc6725) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\BASHDefs\20120711.002\BHDrvx86.sys

17:02:21.0512 22968        BHDrvx86 - ok

17:02:21.0657 22968        BITS            (02ed7b4dbc2a3232a389106da7515c3d) C:\Windows\System32\qmgr.dll

17:02:21.0757 22968        BITS - ok

17:02:21.0813 22968        blbdrive        (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys

17:02:21.0853 22968        blbdrive - ok

17:02:21.0890 22968        bowser          (8153396d5551276227fa146900f734e6) C:\Windows\system32\DRIVERS\bowser.sys

17:02:21.0939 22968        bowser - ok

17:02:21.0959 22968        BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys

17:02:21.0995 22968        BrFiltLo - ok

17:02:22.0014 22968        BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys

17:02:22.0061 22968        BrFiltUp - ok

17:02:22.0095 22968        Browser         (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll

17:02:22.0152 22968        Browser - ok

17:02:22.0179 22968        Brserid         (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys

17:02:22.0393 22968        Brserid - ok

17:02:22.0417 22968        BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys

17:02:22.0466 22968        BrSerWdm - ok

17:02:22.0484 22968        BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys

17:02:22.0540 22968        BrUsbMdm - ok

17:02:22.0554 22968        BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys

17:02:22.0601 22968        BrUsbSer - ok

17:02:22.0625 22968        BTHMODEM        (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys

17:02:22.0680 22968        BTHMODEM - ok

17:02:22.0714 22968        BthServ         (58ee7f5e68310bc8d4e7cebd8358c12e) C:\Windows\System32\bthserv.dll

17:02:22.0737 22968        BthServ - ok

17:02:22.0814 22968        BUNAgentSvc     (09e6affae6c0e9158bf05c7d08d0107a) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe

17:02:22.0830 22968        BUNAgentSvc ( UnsignedFile.Multi.Generic ) - warning

17:02:22.0831 22968        BUNAgentSvc - detected UnsignedFile.Multi.Generic (1)

17:02:22.0902 22968        ccEvtMgr        (d1c87cd3bd90ee509d1bf3973c7d5b0a) C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

17:02:22.0912 22968        ccEvtMgr - ok

17:02:22.0915 22968        ccSetMgr        (d1c87cd3bd90ee509d1bf3973c7d5b0a) C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

17:02:22.0923 22968        ccSetMgr - ok

17:02:23.0035 22968        ccSet_NIS       (599e7f6259a127c174c49938d2aa6a60) C:\Windows\system32\drivers\NIS\1307010.005\ccSetx86.sys

17:02:23.0047 22968        ccSet_NIS - ok

17:02:23.0074 22968        cdfs            (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys

17:02:23.0107 22968        cdfs - ok

17:02:23.0142 22968        cdrom           (1ec25cea0de6ac4718bf89f9e1778b57) C:\Windows\system32\DRIVERS\cdrom.sys

17:02:23.0183 22968        cdrom - ok

17:02:23.0216 22968        CertPropSvc     (87c2d0377b23e2d8a41093c2f5fb1a5b) C:\Windows\System32\certprop.dll

17:02:23.0259 22968        CertPropSvc - ok

17:02:23.0285 22968        circlass        (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\DRIVERS\circlass.sys

17:02:23.0320 22968        circlass - ok

17:02:23.0363 22968        CLFS            (465745561c832b29f7c48b488aab3842) C:\Windows\system32\CLFS.sys

17:02:23.0377 22968        CLFS - ok

17:02:23.0456 22968        CLHNService     (5ca9b1062c0c3e3ae19c23ad9d8a5048) C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe

17:02:23.0471 22968        CLHNService ( UnsignedFile.Multi.Generic ) - warning

17:02:23.0471 22968        CLHNService - detected UnsignedFile.Multi.Generic (1)

17:02:23.0551 22968        clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

17:02:23.0561 22968        clr_optimization_v2.0.50727_32 - ok

17:02:23.0652 22968        clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

17:02:23.0665 22968        clr_optimization_v4.0.30319_32 - ok

17:02:23.0737 22968        CLTNetCnService (d1c87cd3bd90ee509d1bf3973c7d5b0a) C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

17:02:23.0745 22968        CLTNetCnService - ok

17:02:23.0773 22968        CmBatt          (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys

17:02:23.0811 22968        CmBatt - ok

17:02:23.0834 22968        cmdide          (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys

17:02:23.0844 22968        cmdide - ok

17:02:23.0856 22968        Compbatt        (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys

17:02:23.0865 22968        Compbatt - ok

17:02:23.0869 22968        COMSysApp - ok

17:02:23.0875 22968        crcdisk         (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys

17:02:23.0885 22968        crcdisk - ok

17:02:23.0899 22968        Crusoe          (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys

17:02:23.0933 22968        Crusoe - ok

17:02:23.0993 22968        CryptSvc        (6de363f9f99334514c46aec02d3e3678) C:\Windows\system32\cryptsvc.dll

17:02:24.0035 22968        CryptSvc - ok

17:02:24.0101 22968        DcomLaunch      (301ae00e12408650baddc04dbc832830) C:\Windows\system32\rpcss.dll

17:02:24.0179 22968        DcomLaunch - ok

17:02:24.0214 22968        DfsC            (a3e9fa213f443ac77c7746119d13feec) C:\Windows\system32\Drivers\dfsc.sys

17:02:24.0253 22968        DfsC - ok

17:02:24.0626 22968        DFSR            (fa3463f25f9cc9c3bcf1e7912feff099) C:\Windows\system32\DFSR.exe

17:02:24.0745 22968        DFSR - ok

17:02:25.0016 22968        Dhcp            (43a988a9c10333476cb5fb667cbd629d) C:\Windows\System32\dhcpcsvc.dll

17:02:25.0069 22968        Dhcp - ok

17:02:25.0136 22968        disk            (64109e623abd6955c8fb110b592e68b7) C:\Windows\system32\drivers\disk.sys

17:02:25.0146 22968        disk - ok

17:02:25.0168 22968        DKbFltr         (73baf270d24fe726b9cd7f80bb17a23d) C:\Windows\system32\DRIVERS\DKbFltr.sys

17:02:25.0178 22968        DKbFltr - ok

17:02:25.0385 22968        Dnscache        (4805d9a6d281c7a7defd9094dec6af7d) C:\Windows\System32\dnsrslvr.dll

17:02:25.0434 22968        Dnscache - ok

17:02:25.0473 22968        dot3svc         (5af620a08c614e24206b79e8153cf1a8) C:\Windows\System32\dot3svc.dll

17:02:25.0498 22968        dot3svc - ok

17:02:25.0538 22968        DPS             (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll

17:02:25.0578 22968        DPS - ok

17:02:25.0618 22968        drmkaud         (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys

17:02:25.0637 22968        drmkaud - ok

17:02:25.0737 22968        DXGKrnl         (85f33880b8cfb554bd3d9ccdb486845a) C:\Windows\System32\drivers\dxgkrnl.sys

17:02:25.0818 22968        DXGKrnl - ok

17:02:25.0843 22968        E1G60           (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys

17:02:25.0867 22968        E1G60 - ok

17:02:25.0911 22968        EapHost         (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll

17:02:25.0931 22968        EapHost - ok

17:02:25.0958 22968        Ecache          (dd2cd259d83d8b72c02c5f2331ff9d68) C:\Windows\system32\drivers\ecache.sys

17:02:25.0969 22968        Ecache - ok

17:02:26.0067 22968        eDataSecurity Service (b7dc2580425225c320ceda78de55a3d0) C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe

17:02:26.0100 22968        eDataSecurity Service - ok

17:02:26.0217 22968        eeCtrl          (fce87ba643d5e9a8b6e0378508d1b22d) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys

17:02:26.0238 22968        eeCtrl - ok

17:02:26.0291 22968        ehRecvr         (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe

17:02:26.0327 22968        ehRecvr - ok

17:02:26.0345 22968        ehSched         (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe

17:02:26.0395 22968        ehSched - ok

17:02:26.0410 22968        ehstart         (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll

17:02:26.0434 22968        ehstart - ok

17:02:26.0566 22968        elxstor         (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys

17:02:26.0585 22968        elxstor - ok

17:02:26.0675 22968        EMDMgmt         (70b1a86df0c8ead17d2bc332edae2c7c) C:\Windows\system32\emdmgmt.dll

17:02:26.0738 22968        EMDMgmt - ok

17:02:26.0874 22968        EraserUtilRebootDrv (115dc729465a8c386615207f28875255) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys

17:02:26.0884 22968        EraserUtilRebootDrv - ok

17:02:26.0899 22968        ErrDev          (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys

17:02:26.0936 22968        ErrDev - ok

17:02:26.0986 22968        ETService       (a51fd9df23720485991f56741bbefcfb) C:\Program Files\Acer\Empowering Technology\Service\ETService.exe

17:02:27.0003 22968        ETService ( UnsignedFile.Multi.Generic ) - warning

17:02:27.0003 22968        ETService - detected UnsignedFile.Multi.Generic (1)

17:02:27.0070 22968        EventSystem     (3cb3343d720168b575133a0a20dc2465) C:\Windows\system32\es.dll

17:02:27.0108 22968        EventSystem - ok

17:02:27.0154 22968        exfat           (0d858eb20589a34efb25695acaa6aa2d) C:\Windows\system32\drivers\exfat.sys

17:02:27.0195 22968        exfat - ok

17:02:27.0226 22968        fastfat         (3c489390c2e2064563727752af8eab9e) C:\Windows\system32\drivers\fastfat.sys

17:02:27.0261 22968        fastfat - ok

17:02:27.0278 22968        fdc             (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys

17:02:27.0313 22968        fdc - ok

17:02:27.0346 22968        fdPHost         (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll

17:02:27.0381 22968        fdPHost - ok

17:02:27.0398 22968        FDResPub        (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll

17:02:27.0457 22968        FDResPub - ok

17:02:27.0474 22968        FileInfo        (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys

17:02:27.0484 22968        FileInfo - ok

17:02:27.0495 22968        Filetrace       (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys

17:02:27.0535 22968        Filetrace - ok

17:02:27.0557 22968        flpydisk        (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys

17:02:27.0580 22968        flpydisk - ok

17:02:27.0601 22968        FltMgr          (05ea53afe985443011e36dab07343b46) C:\Windows\system32\drivers\fltmgr.sys

17:02:27.0613 22968        FltMgr - ok

17:02:27.0700 22968        FontCache3.0.0.0 (c9be08664611ddaf98e2331e9288b00b) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe

17:02:27.0710 22968        FontCache3.0.0.0 - ok

17:02:27.0724 22968        Fs_Rec          (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys

17:02:27.0751 22968        Fs_Rec - ok

17:02:27.0772 22968        gagp30kx        (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys

17:02:27.0782 22968        gagp30kx - ok

17:02:27.0887 22968        gpsvc           (d9f1113d9401185245573350712f92fc) C:\Windows\System32\gpsvc.dll

17:02:27.0938 22968        gpsvc - ok

17:02:28.0000 22968        gupdate         (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe

17:02:28.0010 22968        gupdate - ok

17:02:28.0014 22968        gupdatem        (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe

17:02:28.0022 22968        gupdatem - ok

17:02:28.0070 22968        gusvc           (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

17:02:28.0080 22968        gusvc - ok

17:02:28.0136 22968        HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys

17:02:28.0187 22968        HdAudAddService - ok

17:02:28.0222 22968        HDAudBus        (c87b1ee051c0464491c1a7b03fa0bc99) C:\Windows\system32\DRIVERS\HDAudBus.sys

17:02:28.0257 22968        HDAudBus - ok

17:02:28.0277 22968        HidBth          (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys

17:02:28.0330 22968        HidBth - ok

17:02:28.0335 22968        HidIr           (d8df3722d5e961baa1292aa2f12827e2) C:\Windows\system32\DRIVERS\hidir.sys

17:02:28.0367 22968        HidIr - ok

17:02:28.0421 22968        hidserv         (8fa640195279ace21bea91396a0054fc) C:\Windows\system32\hidserv.dll

17:02:28.0462 22968        hidserv - ok

17:02:28.0496 22968        HidUsb          (854ca287ab7faf949617a788306d967e) C:\Windows\system32\DRIVERS\hidusb.sys

17:02:28.0520 22968        HidUsb - ok

17:02:28.0543 22968        hkmsvc          (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll

17:02:28.0588 22968        hkmsvc - ok

17:02:28.0610 22968        HpCISSs         (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys

17:02:28.0620 22968        HpCISSs - ok

17:02:28.0683 22968        HTTP            (96e241624c71211a79c84f50a8e71cab) C:\Windows\system32\drivers\HTTP.sys

17:02:28.0727 22968        HTTP - ok

17:02:28.0751 22968        i2omp           (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys

17:02:28.0760 22968        i2omp - ok

17:02:28.0787 22968        i8042prt        (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys

17:02:28.0819 22968        i8042prt - ok

17:02:28.0930 22968        IAANTMON        (cb686f44bf955ea02520710a56874fa4) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

17:02:28.0948 22968        IAANTMON - ok

17:02:28.0986 22968        iaStor          (db0cc620b27a928d968c1a1e9cd9cb87) C:\Windows\system32\DRIVERS\iaStor.sys

17:02:28.0999 22968        iaStor - ok

17:02:29.0039 22968        iaStorV         (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys

17:02:29.0053 22968        iaStorV - ok

17:02:29.0125 22968        IDriverT        (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

17:02:29.0147 22968        IDriverT ( UnsignedFile.Multi.Generic ) - warning

17:02:29.0147 22968        IDriverT - detected UnsignedFile.Multi.Generic (1)

17:02:29.0305 22968        idsvc           (7b630acaed64fef0c3e1cf255cb56686) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

17:02:29.0352 22968        idsvc - ok

17:02:29.0550 22968        IDSVix86        (6262c22a913bd255a0795d070b82aa47) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\IPSDefs\20120720.001\IDSvix86.sys

17:02:29.0580 22968        IDSVix86 - ok

17:02:29.0932 22968        IGBASVC         (60a52c8e2e25c62ec8359c28a4af6e25) C:\Program Files\Acer\Acer Bio Protection\BASVC.exe

17:02:30.0095 22968        IGBASVC ( UnsignedFile.Multi.Generic ) - warning

17:02:30.0095 22968        IGBASVC - detected UnsignedFile.Multi.Generic (1)

17:02:30.0259 22968        iirsp           (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys

17:02:30.0268 22968        iirsp - ok

17:02:30.0343 22968        IKEEXT          (a3bc480a2bf8aa8e4dabd2d5dce0afac) C:\Windows\System32\ikeext.dll

17:02:30.0394 22968        IKEEXT - ok

17:02:30.0422 22968        int15           (4d8d5b1c895ea0f2a721b98a7ce198f1) C:\Windows\system32\drivers\int15.sys

17:02:30.0449 22968        int15 ( UnsignedFile.Multi.Generic ) - warning

17:02:30.0449 22968        int15 - detected UnsignedFile.Multi.Generic (1)

17:02:30.0666 22968        IntcAzAudAddService (3cfa12fefea751dae7b8133a6ef3c0d9) C:\Windows\system32\drivers\RTKVHDA.sys

17:02:30.0759 22968        IntcAzAudAddService - ok

17:02:30.0913 22968        intelide        (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys

17:02:30.0922 22968        intelide - ok

17:02:30.0952 22968        intelppm        (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys

17:02:30.0992 22968        intelppm - ok

17:02:31.0021 22968        IPBusEnum       (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll

17:02:31.0058 22968        IPBusEnum - ok

17:02:31.0084 22968        IpFilterDriver  (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys

17:02:31.0119 22968        IpFilterDriver - ok

17:02:31.0166 22968        iphlpsvc        (6a35d233693edc29a12742049bc5e37f) C:\Windows\System32\iphlpsvc.dll

17:02:31.0212 22968        iphlpsvc - ok

17:02:31.0216 22968        IpInIp - ok

17:02:31.0245 22968        IPMIDRV         (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys

17:02:31.0286 22968        IPMIDRV - ok

17:02:31.0308 22968        IPNAT           (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys

17:02:31.0332 22968        IPNAT - ok

17:02:31.0342 22968        IRENUM          (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys

17:02:31.0365 22968        IRENUM - ok

17:02:31.0382 22968        isapnp          (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys

17:02:31.0392 22968        isapnp - ok

17:02:31.0437 22968        iScsiPrt        (f247eec28317f6c739c16de420097301) C:\Windows\system32\DRIVERS\msiscsi.sys

17:02:31.0448 22968        iScsiPrt - ok

17:02:31.0466 22968        iteatapi        (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys

17:02:31.0476 22968        iteatapi - ok

17:02:31.0494 22968        iteraid         (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys

17:02:31.0503 22968        iteraid - ok

17:02:31.0522 22968        JMCR            (858c550ebbd243826a2193262c1b54a3) C:\Windows\system32\DRIVERS\jmcr.sys

17:02:31.0562 22968        JMCR - ok

17:02:31.0584 22968        kbdclass        (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys

17:02:31.0594 22968        kbdclass - ok

17:02:31.0614 22968        kbdhid          (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\DRIVERS\kbdhid.sys

17:02:31.0655 22968        kbdhid - ok

17:02:31.0692 22968        KeyIso          (a911ecac81f94adeafbe8e3f7873edb0) C:\Windows\system32\lsass.exe

17:02:31.0739 22968        KeyIso - ok

17:02:31.0810 22968        KSecDD          (7a0cf7908b6824d6a2a1d313e5ae3dca) C:\Windows\system32\Drivers\ksecdd.sys

17:02:31.0844 22968        KSecDD - ok

17:02:31.0926 22968        KtmRm           (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll

17:02:31.0958 22968        KtmRm - ok

17:02:32.0032 22968        LanmanServer    (1925e63c91cf1610ae41bfd539062079) C:\Windows\system32\srvsvc.dll

17:02:32.0070 22968        LanmanServer - ok

17:02:32.0118 22968        LanmanWorkstation (2ae2e1628c5d3f1c0a46a67c9fa1df15) C:\Windows\System32\wkssvc.dll

17:02:32.0158 22968        LanmanWorkstation - ok

17:02:32.0162 22968        Lbd - ok

17:02:32.0277 22968        LBTServ         (a0f7dc0080e4f97dc97de08b699e231b) C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe

17:02:32.0288 22968        LBTServ - ok

17:02:32.0328 22968        LHidFilt        (24e0ddb99aeccf86bb37702611761459) C:\Windows\system32\DRIVERS\LHidFilt.Sys

17:02:32.0336 22968        LHidFilt - ok

17:02:32.0376 22968        LightScribeService (793ff718477345cd5d232c50bed1e452) C:\Program Files\Common Files\LightScribe\LSSrvc.exe

17:02:32.0382 22968        LightScribeService ( UnsignedFile.Multi.Generic ) - warning

17:02:32.0382 22968        LightScribeService - detected UnsignedFile.Multi.Generic (1)

17:02:32.0681 22968        LiveUpdate      (a97eeb81f05bce3d7aa6c81f04ef39a4) C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

17:02:32.0795 22968        LiveUpdate - ok

17:02:32.0984 22968        lltdio          (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys

17:02:33.0018 22968        lltdio - ok

17:02:33.0057 22968        lltdsvc         (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll

17:02:33.0097 22968        lltdsvc - ok

17:02:33.0113 22968        lmhosts         (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll

17:02:33.0153 22968        lmhosts - ok

17:02:33.0190 22968        LMouFilt        (d58b330d318361a66a9fe60d7c9b4951) C:\Windows\system32\DRIVERS\LMouFilt.Sys

17:02:33.0199 22968        LMouFilt - ok

17:02:33.0222 22968        LSI_FC          (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys

17:02:33.0233 22968        LSI_FC - ok

17:02:33.0249 22968        LSI_SAS         (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys

17:02:33.0259 22968        LSI_SAS - ok

17:02:33.0278 22968        LSI_SCSI        (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys

17:02:33.0288 22968        LSI_SCSI - ok

17:02:33.0308 22968        luafv           (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys

17:02:33.0332 22968        luafv - ok

17:02:33.0363 22968        LUsbFilt        (144011d14bd35f4e36136ae057b1aadd) C:\Windows\system32\Drivers\LUsbFilt.Sys

17:02:33.0372 22968        LUsbFilt - ok

17:02:33.0383 22968        Mcx2Svc         (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll

17:02:33.0405 22968        Mcx2Svc - ok

17:02:33.0430 22968        megasas         (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys

17:02:33.0440 22968        megasas - ok

17:02:33.0489 22968        MegaSR          (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys

17:02:33.0510 22968        MegaSR - ok

17:02:33.0540 22968        MMCSS           (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll

17:02:33.0574 22968        MMCSS - ok

17:02:33.0617 22968        MobilityService - ok

17:02:33.0646 22968        Modem           (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys

17:02:33.0677 22968        Modem - ok

17:02:33.0697 22968        monitor         (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys

17:02:33.0721 22968        monitor - ok

17:02:33.0729 22968        mouclass        (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys

17:02:33.0739 22968        mouclass - ok

17:02:33.0749 22968        mouhid          (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys

17:02:33.0786 22968        mouhid - ok

17:02:33.0813 22968        MountMgr        (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys

17:02:33.0823 22968        MountMgr - ok

17:02:33.0896 22968        MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

17:02:33.0907 22968        MozillaMaintenance - ok

17:02:33.0929 22968        mpio            (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys

17:02:33.0940 22968        mpio - ok

17:02:33.0958 22968        mpsdrv          (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys

17:02:33.0986 22968        mpsdrv - ok

17:02:34.0069 22968        MpsSvc          (d1639ba315b0d79dec49a4b0e1fb929b) C:\Windows\system32\mpssvc.dll

17:02:34.0120 22968        MpsSvc - ok

17:02:34.0140 22968        Mraid35x        (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys

17:02:34.0149 22968        Mraid35x - ok

17:02:34.0180 22968        MRxDAV          (ae3de84536b6799d2267443cec8edbb9) C:\Windows\system32\drivers\mrxdav.sys

17:02:34.0226 22968        MRxDAV - ok

17:02:34.0268 22968        mrxsmb          (5734a0f2be7e495f7d3ed6efd4b9f5a1) C:\Windows\system32\DRIVERS\mrxsmb.sys

17:02:34.0309 22968        mrxsmb - ok

17:02:34.0360 22968        mrxsmb10        (6b5fa5adfacac9dbbe0991f4566d7d55) C:\Windows\system32\DRIVERS\mrxsmb10.sys

17:02:34.0382 22968        mrxsmb10 - ok

17:02:34.0402 22968        mrxsmb20        (5c80d8159181c7abf1b14ba703b01e0b) C:\Windows\system32\DRIVERS\mrxsmb20.sys

17:02:34.0424 22968        mrxsmb20 - ok

17:02:34.0449 22968        msahci          (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys

17:02:34.0458 22968        msahci - ok

17:02:34.0479 22968        msdsm           (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys

17:02:34.0490 22968        msdsm - ok

17:02:34.0514 22968        MSDTC           (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe

17:02:34.0540 22968        MSDTC - ok

17:02:34.0555 22968        Msfs            (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys

17:02:34.0585 22968        Msfs - ok

17:02:34.0598 22968        msisadrv        (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys

17:02:34.0607 22968        msisadrv - ok

17:02:34.0636 22968        MSiSCSI         (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll

17:02:34.0671 22968        MSiSCSI - ok

17:02:34.0675 22968        msiserver - ok

17:02:34.0691 22968        MSKSSRV         (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys

17:02:34.0732 22968        MSKSSRV - ok

17:02:34.0751 22968        MSPCLOCK        (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys

17:02:34.0773 22968        MSPCLOCK - ok

17:02:34.0783 22968        MSPQM           (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys

17:02:34.0807 22968        MSPQM - ok

17:02:34.0840 22968        MsRPC           (b5614aecb05a9340aa0fb55bf561cc63) C:\Windows\system32\drivers\MsRPC.sys

17:02:34.0851 22968        MsRPC - ok

17:02:34.0870 22968        mssmbios        (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys

17:02:34.0879 22968        mssmbios - ok

17:02:34.0890 22968        MSTEE           (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys

17:02:34.0913 22968        MSTEE - ok

17:02:34.0921 22968        Mup             (6dfd1d322de55b0b7db7d21b90bec49c) C:\Windows\system32\Drivers\mup.sys

17:02:34.0931 22968        Mup - ok

17:02:34.0986 22968        napagent        (c43b25863fbd65b6d2a142af3ae320ca) C:\Windows\system32\qagentRT.dll

17:02:35.0016 22968        napagent - ok

17:02:35.0061 22968        NativeWifiP     (3c21ce48ff529bb73dadb98770b54025) C:\Windows\system32\DRIVERS\nwifi.sys

17:02:35.0088 22968        NativeWifiP - ok

17:02:35.0234 22968        NAVENG          (f11033730b38260b6892e837c457fb4b) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\VirusDefs\20120722.006\NAVENG.SYS

17:02:35.0245 22968        NAVENG - ok

17:02:35.0412 22968        NAVEX15         (4e4e7c0259d3bb97de24a636c0e06aba) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\VirusDefs\20120722.006\NAVEX15.SYS

17:02:35.0489 22968        NAVEX15 - ok

17:02:35.0751 22968        NDIS            (9bdc71790fa08f0a0b5f10462b1bd0b1) C:\Windows\system32\drivers\ndis.sys

17:02:35.0792 22968        NDIS - ok

17:02:35.0854 22968        NdisTapi        (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys

17:02:35.0890 22968        NdisTapi - ok

17:02:35.0928 22968        Ndisuio         (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys

17:02:35.0952 22968        Ndisuio - ok

17:02:35.0971 22968        NdisWan         (3d14c3b3496f88890d431e8aa022a411) C:\Windows\system32\DRIVERS\ndiswan.sys

17:02:35.0995 22968        NdisWan - ok

17:02:36.0001 22968        NDProxy         (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys

17:02:36.0021 22968        NDProxy - ok

17:02:36.0029 22968        NetBIOS         (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys

17:02:36.0069 22968        NetBIOS - ok

17:02:36.0090 22968        netbt           (7c5fee5b1c5728507cd96fb4a13e7a02) C:\Windows\system32\DRIVERS\netbt.sys

17:02:36.0125 22968        netbt - ok

17:02:36.0161 22968        Netlogon        (a911ecac81f94adeafbe8e3f7873edb0) C:\Windows\system32\lsass.exe

17:02:36.0175 22968        Netlogon - ok

17:02:36.0232 22968        Netman          (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll

17:02:36.0278 22968        Netman - ok

17:02:36.0312 22968        netprofm        (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll

17:02:36.0339 22968        netprofm - ok

17:02:36.0423 22968        NetTcpPortSharing (0ad5876ef4e9eb77c8f93eb5b2fff386) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

17:02:36.0432 22968        NetTcpPortSharing - ok

17:02:36.0797 22968        NETw5v32        (e559ea9138c77b5d1fda8c558764a25f) C:\Windows\system32\DRIVERS\NETw5v32.sys

17:02:37.0002 22968        NETw5v32 - ok

17:02:37.0186 22968        nfrd960         (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys

17:02:37.0196 22968        nfrd960 - ok

17:02:37.0316 22968        NIS             (c6948f034d7edabcfa2234d399fc78bc) C:\Program Files\Norton Internet Security\Engine\19.7.1.5\ccSvcHst.exe

17:02:37.0326 22968        NIS - ok

17:02:37.0366 22968        NlaSvc          (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll

17:02:37.0408 22968        NlaSvc - ok

17:02:37.0427 22968        Npfs            (ecb5003f484f9ed6c608d6d6c7886cbb) C:\Windows\system32\drivers\Npfs.sys

17:02:37.0493 22968        Npfs - ok

17:02:37.0528 22968        nsi             (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll

17:02:37.0553 22968        nsi - ok

17:02:37.0595 22968        nsiproxy        (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys

17:02:37.0631 22968        nsiproxy - ok

17:02:37.0764 22968        Ntfs            (b4effe29eb4f15538fd8a9681108492d) C:\Windows\system32\drivers\Ntfs.sys

17:02:37.0835 22968        Ntfs - ok

17:02:37.0906 22968        NTIBackupSvc    (cb76f68ba0d57c5d25b538981b1c611c) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe

17:02:37.0927 22968        NTIBackupSvc - ok

17:02:38.0106 22968        NTIDrvr         (2757d2ba59aee155209e24942ab127c9) C:\Windows\system32\DRIVERS\NTIDrvr.sys

17:02:38.0114 22968        NTIDrvr - ok

17:02:38.0202 22968        NTIPPKernel     (547bfa3591c70674b0bfc99354ab78b3) C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys

17:02:38.0210 22968        NTIPPKernel ( UnsignedFile.Multi.Generic ) - warning

17:02:38.0210 22968        NTIPPKernel - detected UnsignedFile.Multi.Generic (1)

17:02:38.0246 22968        NTISchedulerSvc (df1c10a75df7e50195fc417f88a33227) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

17:02:38.0253 22968        NTISchedulerSvc ( UnsignedFile.Multi.Generic ) - warning

17:02:38.0253 22968        NTISchedulerSvc - detected UnsignedFile.Multi.Generic (1)

17:02:38.0270 22968        ntrigdigi       (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys

17:02:38.0322 22968        ntrigdigi - ok

17:02:38.0340 22968        Null            (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys

17:02:38.0364 22968        Null - ok

17:02:38.0404 22968        NVHDA           (590caa306f9e7c303905b738ebdfe2e2) C:\Windows\system32\drivers\nvhda32v.sys

17:02:38.0413 22968        NVHDA - ok

17:02:39.0092 22968        nvlddmkm        (05200c3a9b1370aa2d8c99f1a464168b) C:\Windows\system32\DRIVERS\nvlddmkm.sys

17:02:39.0476 22968        nvlddmkm - ok

17:02:39.0667 22968        nvraid          (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys

17:02:39.0678 22968        nvraid - ok

17:02:39.0700 22968        nvstor          (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys

17:02:39.0710 22968        nvstor - ok

17:02:39.0754 22968        nvsvc           (a1da6d6d706ba55348db4ba688f37ca5) C:\Windows\system32\nvvsvc.exe

17:02:39.0767 22968        nvsvc - ok

17:02:39.0787 22968        nv_agp          (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys

17:02:39.0797 22968        nv_agp - ok

17:02:39.0801 22968        NwlnkFlt - ok

17:02:39.0806 22968        NwlnkFwd - ok

17:02:39.0827 22968        ohci1394        (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys

17:02:39.0865 22968        ohci1394 - ok

17:02:39.0960 22968        p2pimsvc        (5de1a3972fd3112c75eb17bdcf454169) C:\Windows\system32\p2psvc.dll

17:02:40.0043 22968        p2pimsvc - ok

17:02:40.0051 22968        p2psvc          (5de1a3972fd3112c75eb17bdcf454169) C:\Windows\system32\p2psvc.dll

17:02:40.0111 22968        p2psvc - ok

17:02:40.0158 22968        Parport         (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys

17:02:40.0244 22968        Parport - ok

17:02:40.0262 22968        partmgr         (3b38467e7c3daed009dfe359e17f139f) C:\Windows\system32\drivers\partmgr.sys

17:02:40.0272 22968        partmgr - ok

17:02:40.0285 22968        Parvdm          (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys

17:02:40.0324 22968        Parvdm - ok

17:02:40.0356 22968        PcaSvc          (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll

17:02:40.0380 22968        PcaSvc - ok

17:02:40.0423 22968        pci             (01b94418deb235dff777cc80076354b4) C:\Windows\system32\drivers\pci.sys

17:02:40.0435 22968        pci - ok

17:02:40.0450 22968        pciide          (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys

17:02:40.0459 22968        pciide - ok

17:02:40.0489 22968        pcmcia          (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys

17:02:40.0502 22968        pcmcia - ok

17:02:40.0603 22968        PEAUTH          (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys

17:02:40.0692 22968        PEAUTH - ok

17:02:40.0877 22968        pla             (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll

17:02:40.0969 22968        pla - ok

17:02:41.0163 22968        PlugPlay        (78f975cb6d18265be6f492edb2d7bc7b) C:\Windows\system32\umpnpmgr.dll

17:02:41.0191 22968        PlugPlay - ok

17:02:41.0232 22968        PnkBstrA        (831883b107684301f48ace752c963984) C:\Windows\system32\PnkBstrA.exe

17:02:41.0243 22968        PnkBstrA - ok

17:02:41.0332 22968        PNRPAutoReg     (5de1a3972fd3112c75eb17bdcf454169) C:\Windows\system32\p2psvc.dll

17:02:41.0356 22968        PNRPAutoReg - ok

17:02:41.0390 22968        PNRPsvc         (5de1a3972fd3112c75eb17bdcf454169) C:\Windows\system32\p2psvc.dll

17:02:41.0414 22968        PNRPsvc - ok

17:02:41.0486 22968        PolicyAgent     (47b8f37aa18b74d8c2e1bc1a7a2c8f8a) C:\Windows\System32\ipsecsvc.dll

17:02:41.0551 22968        PolicyAgent - ok

17:02:41.0602 22968        PptpMiniport    (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys

17:02:41.0638 22968        PptpMiniport - ok

17:02:41.0669 22968        Processor       (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys

17:02:41.0693 22968        Processor - ok

17:02:41.0745 22968        ProfSvc         (b627e4fc8585e8843c5905d4d3587a90) C:\Windows\system32\profsvc.dll

17:02:41.0784 22968        ProfSvc - ok

17:02:41.0802 22968        ProtectedStorage (a911ecac81f94adeafbe8e3f7873edb0) C:\Windows\system32\lsass.exe

17:02:41.0816 22968        ProtectedStorage - ok

17:02:41.0861 22968        PSched          (bfef604508a0ed1eae2a73e872555ffb) C:\Windows\system32\DRIVERS\pacer.sys

17:02:41.0898 22968        PSched - ok

17:02:41.0914 22968        PSDFilter       (ab94285ff6c6bc5433407d8d182a4bb4) C:\Windows\system32\DRIVERS\psdfilter.sys

17:02:41.0923 22968        PSDFilter - ok

17:02:41.0929 22968        PSDNServ        (2aaf9a5d7a63d26bfaea853c5f2292bc) C:\Windows\system32\DRIVERS\PSDNServ.sys

17:02:41.0938 22968        PSDNServ - ok

17:02:41.0963 22968        psdvdisk        (0eb8cec99855beae5b0d02c2302619ef) C:\Windows\system32\DRIVERS\PSDVdisk.sys

17:02:41.0972 22968        psdvdisk - ok

17:02:42.0115 22968        ql2300          (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys

17:02:42.0178 22968        ql2300 - ok

17:02:42.0201 22968        ql40xx          (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys

17:02:42.0212 22968        ql40xx - ok

17:02:42.0256 22968        QWAVE           (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll

17:02:42.0292 22968        QWAVE - ok

17:02:42.0314 22968        QWAVEdrv        (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys

17:02:42.0327 22968        QWAVEdrv - ok

17:02:42.0399 22968        RapiMgr         (8f97d374ad1857e1eed85a79f29a1d3d) C:\Windows\WindowsMobile\rapimgr.dll

17:02:42.0410 22968        RapiMgr - ok

17:02:42.0424 22968        RasAcd          (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys

17:02:42.0462 22968        RasAcd - ok

17:02:42.0485 22968        RasAuto         (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll

17:02:42.0528 22968        RasAuto - ok

17:02:42.0558 22968        Rasl2tp         (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys

17:02:42.0597 22968        Rasl2tp - ok

17:02:42.0646 22968        RasMan          (6e7c284fc5c4ec07ad164d93810385a6) C:\Windows\System32\rasmans.dll

17:02:42.0676 22968        RasMan - ok

17:02:42.0696 22968        RasPppoe        (3e9d9b048107b40d87b97df2e48e0744) C:\Windows\system32\DRIVERS\raspppoe.sys

17:02:42.0728 22968        RasPppoe - ok

17:02:42.0754 22968        RasSstp         (a7d141684e9500ac928a772ed8e6b671) C:\Windows\system32\DRIVERS\rassstp.sys

17:02:42.0778 22968        RasSstp - ok

17:02:42.0808 22968        rdbss           (6e1c5d0457622f9ee35f683110e93d14) C:\Windows\system32\DRIVERS\rdbss.sys

17:02:42.0833 22968        rdbss - ok

17:02:42.0843 22968        RDPCDD          (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys

17:02:42.0884 22968        RDPCDD - ok

17:02:42.0924 22968        rdpdr           (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys

17:02:42.0951 22968        rdpdr - ok

17:02:42.0956 22968        RDPENCDD        (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys

17:02:42.0987 22968        RDPENCDD - ok

17:02:43.0016 22968        RDPWD           (e1c18f4097a5abcec941dc4b2f99db7e) C:\Windows\system32\drivers\RDPWD.sys

17:02:43.0041 22968        RDPWD - ok

17:02:43.0079 22968        RemoteAccess    (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll

17:02:43.0124 22968        RemoteAccess - ok

17:02:43.0172 22968        RemoteRegistry  (cc4e32400f3c7253400cf8f3f3a0b676) C:\Windows\system32\regsvc.dll

17:02:43.0200 22968        RemoteRegistry - ok

17:02:43.0231 22968        RpcLocator      (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe

17:02:43.0280 22968        RpcLocator - ok

17:02:43.0358 22968        RpcSs           (301ae00e12408650baddc04dbc832830) C:\Windows\system32\rpcss.dll

17:02:43.0381 22968        RpcSs - ok

17:02:43.0415 22968        rspndr          (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys

17:02:43.0439 22968        rspndr - ok

17:02:43.0458 22968        SamSs           (a911ecac81f94adeafbe8e3f7873edb0) C:\Windows\system32\lsass.exe

17:02:43.0473 22968        SamSs - ok

17:02:43.0493 22968        sbp2port        (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys

17:02:43.0503 22968        sbp2port - ok

17:02:43.0679 22968        SBSDWSCService  (794d4b48dfb6e999537c7c3947863463) D:\Neuer Ordner\Spybot - Search & Destroy\SDWinSec.exe

17:02:43.0761 22968        SBSDWSCService - ok

17:02:43.0791 22968        SCardSvr        (11387e32642269c7e62e8b52c060b3c6) C:\Windows\System32\SCardSvr.dll

17:02:43.0842 22968        SCardSvr - ok

17:02:43.0925 22968        Schedule        (7b587b8a6d4a99f79d2902d0385f29bd) C:\Windows\system32\schedsvc.dll

17:02:43.0986 22968        Schedule - ok

17:02:44.0018 22968        SCPolicySvc     (87c2d0377b23e2d8a41093c2f5fb1a5b) C:\Windows\System32\certprop.dll

17:02:44.0042 22968        SCPolicySvc - ok

17:02:44.0060 22968        sdbus           (126ea89bcc413ee45e3004fb0764888f) C:\Windows\system32\DRIVERS\sdbus.sys

17:02:44.0084 22968        sdbus - ok

17:02:44.0095 22968        SDRSVC          (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll

17:02:44.0144 22968        SDRSVC - ok

17:02:44.0164 22968        secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys

17:02:44.0211 22968        secdrv - ok

17:02:44.0232 22968        seclogon        (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll

17:02:44.0258 22968        seclogon - ok

17:02:44.0267 22968        SENS            (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll

17:02:44.0305 22968        SENS - ok

17:02:44.0328 22968        Serenum         (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys

17:02:44.0366 22968        Serenum - ok

17:02:44.0386 22968        Serial          (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys

17:02:44.0439 22968        Serial - ok

17:02:44.0461 22968        sermouse        (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys

17:02:44.0483 22968        sermouse - ok

17:02:44.0511 22968        SessionEnv      (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll

17:02:44.0539 22968        SessionEnv - ok

17:02:44.0551 22968        sffdisk         (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys

17:02:44.0569 22968        sffdisk - ok

17:02:44.0577 22968        sffp_mmc        (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys

17:02:44.0611 22968        sffp_mmc - ok

17:02:44.0633 22968        sffp_sd         (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys

17:02:44.0666 22968        sffp_sd - ok

17:02:44.0687 22968        sfloppy         (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys

17:02:44.0726 22968        sfloppy - ok

17:02:44.0793 22968        SharedAccess    (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll

17:02:44.0822 22968        SharedAccess - ok

17:02:44.0875 22968        ShellHWDetection (1e3fdb80e40a3ce645f229dfbdfb7694) C:\Windows\System32\shsvcs.dll

17:02:44.0914 22968        ShellHWDetection - ok

17:02:44.0953 22968        sisagp          (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys

17:02:44.0963 22968        sisagp - ok

17:02:44.0969 22968        SiSRaid2        (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys

17:02:44.0978 22968        SiSRaid2 - ok

17:02:44.0998 22968        SiSRaid4        (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys

17:02:45.0010 22968        SiSRaid4 - ok

17:02:45.0312 22968        slsvc           (0ba91e1358ad25236863039bb2609a2e) C:\Windows\system32\SLsvc.exe

17:02:45.0449 22968        slsvc - ok

17:02:45.0613 22968        SLUINotify      (7c6dc44ca0bfa6291629ab764200d1d4) C:\Windows\system32\SLUINotify.dll

17:02:45.0656 22968        SLUINotify - ok

17:02:45.0711 22968        Smb             (031e6bcd53c9b2b9ace111eafec347b6) C:\Windows\system32\DRIVERS\smb.sys

17:02:45.0750 22968        Smb - ok

17:02:45.0782 22968        SNMPTRAP        (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe

17:02:45.0814 22968        SNMPTRAP - ok

17:02:45.0952 22968        SPBBCDrv        (cb5a4e90451d80d415f0a6dbb86d1d9f) C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys

17:02:45.0972 22968        SPBBCDrv - ok

17:02:45.0978 22968        spldr           (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys

17:02:45.0988 22968        spldr - ok

17:02:46.0029 22968        Spooler         (3665f79026a3f91fbca63f2c65a09b19) C:\Windows\System32\spoolsv.exe

17:02:46.0070 22968        Spooler - ok

17:02:46.0194 22968        SRTSP           (9dd258ee034afd36259cb7357e19d0b1) C:\Windows\System32\Drivers\NIS\1307010.005\SRTSP.SYS

17:02:46.0226 22968        SRTSP - ok

17:02:46.0255 22968        SRTSPX          (0cc3a10f363436c7b478419eb73f8d91) C:\Windows\system32\drivers\NIS\1307010.005\SRTSPX.SYS

17:02:46.0264 22968        SRTSPX - ok

17:02:46.0323 22968        srv             (2252aef839b1093d16761189f45af885) C:\Windows\system32\DRIVERS\srv.sys

17:02:46.0350 22968        srv - ok

17:02:46.0394 22968        srv2            (b7ff59408034119476b00a81bb53d5d1) C:\Windows\system32\DRIVERS\srv2.sys

17:02:46.0430 22968        srv2 - ok

17:02:46.0468 22968        srvnet          (2accc9b12af02030f531e6cca6f8b76e) C:\Windows\system32\DRIVERS\srvnet.sys

17:02:46.0491 22968        srvnet - ok

17:02:46.0533 22968        SSDPSRV         (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll

17:02:46.0573 22968        SSDPSRV - ok

17:02:46.0603 22968        SstpSvc         (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll

17:02:46.0636 22968        SstpSvc - ok

17:02:46.0696 22968        Steam Client Service - ok

17:02:46.0786 22968        stisvc          (7dd08a597bc56051f320da0baf69e389) C:\Windows\System32\wiaservc.dll

17:02:46.0851 22968        stisvc - ok

17:02:46.0879 22968        swenum          (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys

17:02:46.0889 22968        swenum - ok

17:02:46.0932 22968        swprv           (b36c7cdb86f7f7a8e884479219766950) C:\Windows\System32\swprv.dll

17:02:46.0973 22968        swprv - ok

17:02:47.0161 22968        Symantec Core LC (fa2f6a8849219b16460bf44f9d1f3aa7) C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe

17:02:47.0236 22968        Symantec Core LC - ok

17:02:47.0442 22968        Symc8xx         (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys

17:02:47.0452 22968        Symc8xx - ok

17:02:47.0562 22968        SymDS           (690fa0e61b90084c4d9a721bd4f3d779) C:\Windows\system32\drivers\NIS\1307010.005\SYMDS.SYS

17:02:47.0576 22968        SymDS - ok

17:02:47.0700 22968        SymEFA          (4e55148a2e044d02245cbcdbb266b98c) C:\Windows\system32\drivers\NIS\1307010.005\SYMEFA.SYS

17:02:47.0748 22968        SymEFA - ok

17:02:47.0814 22968        SymEvent        (555fb450fe6908600310e990738b41d6) C:\Windows\system32\Drivers\SYMEVENT.SYS

17:02:47.0825 22968        SymEvent - ok

17:02:47.0888 22968        SymIRON         (2c356cca706505cf63cbe39d532b9236) C:\Windows\system32\drivers\NIS\1307010.005\Ironx86.SYS

17:02:47.0900 22968        SymIRON - ok

17:02:47.0944 22968        SYMTDIv         (40c6e6417c8b7d7fcf82cfbe71525795) C:\Windows\System32\Drivers\NIS\1307010.005\SYMTDIV.SYS

17:02:47.0963 22968        SYMTDIv - ok

17:02:47.0991 22968        Sym_hi          (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys

17:02:48.0001 22968        Sym_hi - ok

17:02:48.0015 22968        Sym_u3          (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys

17:02:48.0025 22968        Sym_u3 - ok

17:02:48.0056 22968        SynTP           (bf7aa84d5af0faa0978c840e63b17dbf) C:\Windows\system32\DRIVERS\SynTP.sys

17:02:48.0068 22968        SynTP - ok

17:02:48.0168 22968        SysMain         (8710a92d0024b03b5fb9540df1f71f1d) C:\Windows\system32\sysmain.dll

17:02:48.0214 22968        SysMain - ok

17:02:48.0258 22968        TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll

17:02:48.0310 22968        TabletInputService - ok

17:02:48.0362 22968        TapiSrv         (680916bb09ee0f3a6aca7c274b0d633f) C:\Windows\System32\tapisrv.dll

17:02:48.0391 22968        TapiSrv - ok

17:02:48.0422 22968        TBS             (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll

17:02:48.0458 22968        TBS - ok

17:02:48.0574 22968        Tcpip           (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\drivers\tcpip.sys

17:02:48.0644 22968        Tcpip - ok

17:02:48.0654 22968        Tcpip6          (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\DRIVERS\tcpip.sys

17:02:48.0713 22968        Tcpip6 - ok

17:02:48.0744 22968        tcpipreg        (d4a2e4a4b011f3a883af77315a5ae76b) C:\Windows\system32\drivers\tcpipreg.sys

17:02:48.0776 22968        tcpipreg - ok

17:02:48.0808 22968        TDPIPE          (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys

17:02:48.0831 22968        TDPIPE - ok

17:02:48.0844 22968        TDTCP           (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys

17:02:48.0867 22968        TDTCP - ok

17:02:48.0884 22968        tdx             (d09276b1fab033ce1d40dcbdf303d10f) C:\Windows\system32\DRIVERS\tdx.sys

17:02:48.0921 22968        tdx - ok

17:02:48.0953 22968        TermDD          (a048056f5e1a96a9bf3071b91741a5aa) C:\Windows\system32\DRIVERS\termdd.sys

17:02:48.0963 22968        TermDD - ok

17:02:49.0054 22968        TermService     (d605031e225aaccbceb5b76a4f1603a6) C:\Windows\System32\termsrv.dll

17:02:49.0095 22968        TermService - ok

17:02:49.0156 22968        Themes          (1e3fdb80e40a3ce645f229dfbdfb7694) C:\Windows\system32\shsvcs.dll

17:02:49.0175 22968        Themes - ok

17:02:49.0205 22968        THREADORDER     (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll

17:02:49.0230 22968        THREADORDER - ok

17:02:49.0249 22968        TrkWks          (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll

17:02:49.0276 22968        TrkWks - ok

17:02:49.0339 22968        TrustedInstaller (16613a1bad034d4ecf957af18b7c2ff5) C:\Windows\servicing\TrustedInstaller.exe

17:02:49.0372 22968        TrustedInstaller - ok

17:02:49.0401 22968        tssecsrv        (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys

17:02:49.0424 22968        tssecsrv - ok

17:02:49.0443 22968        tunmp           (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys

17:02:49.0460 22968        tunmp - ok

17:02:49.0480 22968        tunnel          (6042505ff6fa9ac1ef7684d0e03b6940) C:\Windows\system32\DRIVERS\tunnel.sys

17:02:49.0494 22968        tunnel - ok

17:02:49.0515 22968        uagp35          (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys

17:02:49.0525 22968        uagp35 - ok

17:02:49.0541 22968        UBHelper        (f763e070843ee2803de1395002b42938) C:\Windows\system32\drivers\UBHelper.sys

17:02:49.0549 22968        UBHelper - ok

17:02:49.0581 22968        udfs            (8b5088058fa1d1cd897a2113ccff6c58) C:\Windows\system32\DRIVERS\udfs.sys

17:02:49.0606 22968        udfs - ok

17:02:49.0640 22968        UI0Detect       (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe

17:02:49.0677 22968        UI0Detect - ok

17:02:49.0699 22968        uliagpkx        (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys

17:02:49.0709 22968        uliagpkx - ok

17:02:49.0747 22968        uliahci         (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys

17:02:49.0761 22968        uliahci - ok

17:02:49.0777 22968        UlSata          (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys

17:02:49.0789 22968        UlSata - ok

17:02:49.0815 22968        ulsata2         (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys

17:02:49.0827 22968        ulsata2 - ok

17:02:49.0847 22968        umbus           (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys

17:02:49.0879 22968        umbus - ok

17:02:49.0917 22968        upnphost        (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll

17:02:49.0947 22968        upnphost - ok

17:02:49.0983 22968        usbccgp         (a7cd5b4adea26765cab06bdab7b07b13) C:\Windows\system32\DRIVERS\usbccgp.sys

17:02:50.0009 22968        usbccgp - ok

17:02:50.0030 22968        usbcir          (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys

17:02:50.0070 22968        usbcir - ok

17:02:50.0106 22968        usbehci         (686d4188ae36254c3008b71fedacadf3) C:\Windows\system32\DRIVERS\usbehci.sys

17:02:50.0118 22968        usbehci - ok

17:02:50.0164 22968        usbhub          (4e42f665a658f08d153f7fffe7c83806) C:\Windows\system32\DRIVERS\usbhub.sys

17:02:50.0198 22968        usbhub - ok

17:02:50.0215 22968        usbohci         (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys

17:02:50.0254 22968        usbohci - ok

17:02:50.0267 22968        usbprint        (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys

17:02:50.0305 22968        usbprint - ok

17:02:50.0326 22968        USBSTOR         (87ba6b83c5d19b69160968d07d6e2982) C:\Windows\system32\DRIVERS\USBSTOR.SYS

17:02:50.0368 22968        USBSTOR - ok

17:02:50.0402 22968        usbuhci         (40f95a3d6d50d82f947f1d167c2ec39d) C:\Windows\system32\DRIVERS\usbuhci.sys

17:02:50.0415 22968        usbuhci - ok

17:02:50.0432 22968        usbvideo        (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys

17:02:50.0465 22968        usbvideo - ok

17:02:50.0481 22968        usb_rndisx      (ee181a08e09db23cf4a49b46a1e66bb8) C:\Windows\system32\DRIVERS\usb8023x.sys

17:02:50.0504 22968        usb_rndisx - ok

17:02:50.0554 22968        UxSms           (032a0acc3909ae7215d524e29d536797) C:\Windows\System32\uxsms.dll

17:02:50.0591 22968        UxSms - ok

17:02:50.0642 22968        vds             (b13bc395b9d6116628f5af47e0802ac4) C:\Windows\System32\vds.exe

17:02:50.0676 22968        vds - ok

17:02:50.0697 22968        vga             (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys

17:02:50.0739 22968        vga - ok

17:02:50.0744 22968        VgaSave         (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys

17:02:50.0767 22968        VgaSave - ok

17:02:50.0784 22968        viaagp          (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys

17:02:50.0794 22968        viaagp - ok

17:02:50.0807 22968        ViaC7           (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys

17:02:50.0830 22968        ViaC7 - ok

17:02:50.0838 22968        viaide          (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys

17:02:50.0848 22968        viaide - ok

17:02:50.0867 22968        volmgr          (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys

17:02:50.0877 22968        volmgr - ok

17:02:50.0908 22968        volmgrx         (98f5ffe6316bd74e9e2c97206c190196) C:\Windows\system32\drivers\volmgrx.sys

17:02:50.0922 22968        volmgrx - ok

17:02:50.0963 22968        volsnap         (d8b4a53dd2769f226b3eb374374987c9) C:\Windows\system32\drivers\volsnap.sys

17:02:50.0975 22968        volsnap - ok

17:02:51.0000 22968        vsmraid         (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys

17:02:51.0012 22968        vsmraid - ok

17:02:51.0159 22968        VSS             (d5fb73d19c46ade183f968e13f186b23) C:\Windows\system32\vssvc.exe

17:02:51.0234 22968        VSS - ok

17:02:51.0277 22968        W32Time         (1cf9206966a8458cda9a8b20df8ab7d3) C:\Windows\system32\w32time.dll

17:02:51.0319 22968        W32Time - ok

17:02:51.0374 22968        WacomPen        (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys

17:02:51.0422 22968        WacomPen - ok

17:02:51.0443 22968        Wanarp          (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys

17:02:51.0474 22968        Wanarp - ok

17:02:51.0477 22968        Wanarpv6        (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys

17:02:51.0497 22968        Wanarpv6 - ok

17:02:51.0584 22968        WcesComm        (59e19bd13c3bdb857646b9e436ba27f7) C:\Windows\WindowsMobile\wcescomm.dll

17:02:51.0602 22968        WcesComm - ok

17:02:51.0653 22968        wcncsvc         (f3a5c2e1a6533192b070d06ecf6be796) C:\Windows\System32\wcncsvc.dll

17:02:51.0679 22968        wcncsvc - ok

17:02:51.0699 22968        WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll

17:02:51.0737 22968        WcsPlugInService - ok

17:02:51.0760 22968        Wd              (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys

17:02:51.0769 22968        Wd - ok

17:02:51.0822 22968        Wdf01000        (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys

17:02:51.0858 22968        Wdf01000 - ok

17:02:51.0895 22968        WdiServiceHost  (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll

17:02:51.0935 22968        WdiServiceHost - ok

17:02:51.0947 22968        WdiSystemHost   (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll

17:02:51.0974 22968        WdiSystemHost - ok

17:02:52.0032 22968        WebClient       (cf9a5f41789b642db967021de06a2713) C:\Windows\System32\webclnt.dll

17:02:52.0062 22968        WebClient - ok

17:02:52.0106 22968        Wecsvc          (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll

17:02:52.0147 22968        Wecsvc - ok

17:02:52.0176 22968        wercplsupport   (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll

17:02:52.0198 22968        wercplsupport - ok

17:02:52.0233 22968        WerSvc          (fd1965aaa112c6818a30ab02742d0461) C:\Windows\System32\WerSvc.dll

17:02:52.0268 22968        WerSvc - ok

17:02:52.0290 22968        winbondcir      (3fa87d56769838aac82fafc3e78fc732) C:\Windows\system32\DRIVERS\winbondcir.sys

17:02:52.0335 22968        winbondcir - ok

17:02:52.0420 22968        WinDefend       (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll

17:02:52.0434 22968        WinDefend - ok

17:02:52.0439 22968        WinHttpAutoProxySvc - ok

17:02:52.0511 22968        Winmgmt         (00b79a7c984678f24cf052e5beb3a2f5) C:\Windows\system32\wbem\WMIsvc.dll

17:02:52.0549 22968        Winmgmt - ok

17:02:52.0696 22968        WinRM           (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll

17:02:52.0771 22968        WinRM - ok

17:02:52.0845 22968        WINUSB          (f03110711b17ad31271cb2baf0dbb2b1) C:\Windows\system32\DRIVERS\WinUSB.SYS

17:02:52.0882 22968        WINUSB - ok

17:02:52.0960 22968        Wlansvc         (275f4346e569df56cfb95243bd6f6ff0) C:\Windows\System32\wlansvc.dll

17:02:53.0050 22968        Wlansvc - ok

17:02:53.0073 22968        WmiAcpi         (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys

17:02:53.0108 22968        WmiAcpi - ok

17:02:53.0199 22968        wmiApSrv        (aba4cf9f856d9a3a25f4ddd7690a6e9d) C:\Windows\system32\wbem\WmiApSrv.exe

17:02:53.0235 22968        wmiApSrv - ok

17:02:53.0405 22968        WMPNetworkSvc   (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe

17:02:53.0474 22968        WMPNetworkSvc - ok

17:02:53.0511 22968        WPCSvc          (5d94cd167751294962ba238d82dd1bb8) C:\Windows\System32\wpcsvc.dll

17:02:53.0543 22968        WPCSvc - ok

17:02:53.0564 22968        WPDBusEnum      (396d406292b0cd26e3504ffe82784702) C:\Windows\system32\wpdbusenum.dll

17:02:53.0610 22968        WPDBusEnum - ok

17:02:53.0819 22968        WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

17:02:53.0862 22968        WPFFontCache_v0400 - ok

17:02:53.0922 22968        ws2ifsl         (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys

17:02:53.0945 22968        ws2ifsl - ok

17:02:54.0011 22968        wscsvc          (683dd16b590372f2c9661d277f35e49c) C:\Windows\System32\wscsvc.dll

17:02:54.0028 22968        wscsvc - ok

17:02:54.0031 22968        WSearch - ok

17:02:54.0244 22968        wuauserv        (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll

17:02:54.0345 22968        wuauserv - ok

17:02:54.0534 22968        WUDFRd          (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys

17:02:54.0559 22968        WUDFRd - ok

17:02:54.0588 22968        wudfsvc         (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll

17:02:54.0632 22968        wudfsvc - ok

17:02:54.0682 22968        zebrbus         (c95dd99e29e2d5ae7c1aac26b02a111c) C:\Windows\system32\DRIVERS\zebrbus.sys

17:02:54.0693 22968        zebrbus - ok

17:02:54.0710 22968        zebrmdfl        (78f045074b1a6ad699e76e573b5ea82a) C:\Windows\system32\DRIVERS\zebrmdfl.sys

17:02:54.0720 22968        zebrmdfl - ok

17:02:54.0745 22968        zebrmdm         (636df12276af9ee94a34ded15f620714) C:\Windows\system32\DRIVERS\zebrmdm.sys

17:02:54.0755 22968        zebrmdm - ok

17:02:54.0774 22968        zebrmdmc        (4fd7eb4d3c7bd3550c2e15f0a25fc52f) C:\Windows\system32\DRIVERS\zebrmdmc.sys

17:02:54.0784 22968        zebrmdmc - ok

17:02:54.0875 22968        {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} (4d840c6af3c020ed3a35efba9025cf4a) C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl

17:02:54.0885 22968        {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} - ok

17:02:54.0909 22968        MBR (0x1B8)     (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0

17:02:55.0504 22968        \Device\Harddisk0\DR0 - ok

17:02:55.0507 22968        Boot (0x1200)   (13967c48220510faeec4479ea76643ee) \Device\Harddisk0\DR0\Partition0

17:02:55.0508 22968        \Device\Harddisk0\DR0\Partition0 - ok

17:02:55.0536 22968        Boot (0x1200)   (f465bca5e6222842840b311130b9eb34) \Device\Harddisk0\DR0\Partition1

17:02:55.0539 22968        \Device\Harddisk0\DR0\Partition1 - ok

17:02:55.0539 22968        ============================================================

17:02:55.0539 22968        Scan finished

17:02:55.0539 22968        ============================================================

17:02:55.0548 21924        Detected object count: 9

17:02:55.0548 21924        Actual detected object count: 9

17:03:28.0730 21924        BUNAgentSvc ( UnsignedFile.Multi.Generic ) - skipped by user

17:03:28.0730 21924        BUNAgentSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 

17:03:28.0732 21924        CLHNService ( UnsignedFile.Multi.Generic ) - skipped by user

17:03:28.0732 21924        CLHNService ( UnsignedFile.Multi.Generic ) - User select action: Skip 

17:03:28.0733 21924        ETService ( UnsignedFile.Multi.Generic ) - skipped by user

17:03:28.0734 21924        ETService ( UnsignedFile.Multi.Generic ) - User select action: Skip 

17:03:28.0735 21924        IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user

17:03:28.0735 21924        IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 

17:03:28.0737 21924        IGBASVC ( UnsignedFile.Multi.Generic ) - skipped by user

17:03:28.0737 21924        IGBASVC ( UnsignedFile.Multi.Generic ) - User select action: Skip 

17:03:28.0738 21924        int15 ( UnsignedFile.Multi.Generic ) - skipped by user

17:03:28.0738 21924        int15 ( UnsignedFile.Multi.Generic ) - User select action: Skip 

17:03:28.0740 21924        LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user

17:03:28.0740 21924        LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip 

17:03:28.0741 21924        NTIPPKernel ( UnsignedFile.Multi.Generic ) - skipped by user

17:03:28.0742 21924        NTIPPKernel ( UnsignedFile.Multi.Generic ) - User select action: Skip 

17:03:28.0743 21924        NTISchedulerSvc ( UnsignedFile.Multi.Generic ) - skipped by user

17:03:28.0743 21924        NTISchedulerSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 

17:04:54.0002 19304        Deinitialize success

Gruss Chris