Trojaner-Board - Internetprobleme. Ein Schädling oder falsche Einstellungen?

Trojaner-Board (https://www.trojaner-board.de/)

- Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)

- - Internetprobleme. Ein Schädling oder falsche Einstellungen? (https://www.trojaner-board.de/123678-internetprobleme-schaedling-falsche-einstellungen.html)

Internetprobleme. Ein Schädling oder falsche Einstellungen?

Hallo,

Ich habe ein Internetproblem. Denn es funktioniert sogut wie garnicht mehr. Cache ist gelöscht. Bei anderen Browser besteht das gleiche Problem. Die Ladezeiten sind sehr lang. Meist kommt dann...."Die Website kann nicht angezeigt werden". Manchmal läd es die Seiten nicht richtig, wobei dann nicht alles angezeigt wird. Kaltstart hilft auch nicht.
Meine Freundin geht ebenfalls über gleichen Router ins Internet. Da besteht das Problem nicht. Manchmal habe ich die Möglichkeit, den Router zurückzusetzen. Das funktioniert dann. Das kommt immer dann, wenn "Die Website kann nicht angeziegt werden". Dann klicke ich auf "Problem suchen" und bekomme die Meldung, das es mit den Netzwerkadapter oder Modem ein Problem gibt. Und unten stehen dann verschiedene Auswahlmöglichkeiten. Da klicke ich immer auf "LAN- Verbindung" zurücksetzen".
Was ist denn da schon wieder los?!
Vielen Dank im voraus.

hi
Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

Starte bitte die
OTL.exe
.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Kopiere nun den Inhalt in die http://larusso.trojaner-board.de/Images/otlfix.jpg
Textbox.

Code:

activex

netsvcs

msconfig

%SYSTEMDRIVE%\*.

%PROGRAMFILES%\*.exe

%LOCALAPPDATA%\*.exe

%systemroot%\*. /mp /s

C:\Windows\system32\*.tsp

/md5start

userinit.exe

eventlog.dll

scecli.dll

netlogon.dll

cngaudit.dll

ws2ifsl.sys

sceclt.dll

ntelogon.dll

winlogon.exe

logevent.dll

user32.DLL

explorer.exe

iaStor.sys

nvstor.sys

atapi.sys

IdeChnDr.sys

viasraid.sys

AGP440.sys

vaxscsi.sys

nvatabus.sys

viamraid.sys

nvata.sys

nvgts.sys

iastorv.sys

ViPrt.sys

eNetHook.dll

ahcix86.sys

KR10N.sys

nvstor32.sys

ahcix86s.sys

/md5stop

%systemroot%\system32\drivers\*.sys /lockedfiles

%systemroot%\System32\config\*.sav

%systemroot%\system32\*.dll /lockedfiles

%USERPROFILE%\*.*

%USERPROFILE%\Local Settings\Temp\*.exe

%USERPROFILE%\Local Settings\Temp\*.dll

%USERPROFILE%\Application Data\*.exe

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs

CREATERESTOREPOINT

Schliesse bitte nun alle Programme. (Wichtig)
Klicke nun bitte auf den Quick Scan Button.
Kopiere
nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread

Ich hoffe, das ist so korrekt.

OTL.txt

OTL Logfile:

Code:

OTL logfile created on: 07.09.2012 18:34:49 - Run 1

OTL by OldTimer - Version 3.2.61.1     Folder = C:\Users\Melanie\Desktop

Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.19298)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

2,93 Gb Total Physical Memory | 1,83 Gb Available Physical Memory | 62,40% Memory free

6,09 Gb Paging File | 4,82 Gb Available in Paging File | 79,15% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 144,17 Gb Total Space | 22,80 Gb Free Space | 15,81% Space Free | Partition Type: NTFS

Drive D: | 144,15 Gb Total Space | 84,81 Gb Free Space | 58,83% Space Free | Partition Type: NTFS

 

Computer Name: MELANIE-PC | User Name: Melanie | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - [2012.09.07 18:31:33 | 000,599,552 | ---- | M] (OldTimer Tools) -- C:\Users\Melanie\Desktop\OTL.exe

PRC - [2012.08.09 02:38:14 | 003,414,680 | ---- | M] (Electronic Arts) -- C:\Program Files\Origin\Origin.exe

PRC - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

PRC - [2012.05.16 15:44:58 | 001,084,840 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe

PRC - [2012.04.22 13:51:04 | 000,720,936 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

PRC - [2012.04.22 13:50:44 | 000,174,120 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe

PRC - [2012.04.22 13:50:36 | 000,126,504 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe

PRC - [2012.04.22 13:50:32 | 000,148,520 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe

PRC - [2012.02.02 19:41:44 | 000,204,800 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Users\Melanie\AppData\Local\Temp\RtkBtMnt.exe

PRC - [2011.12.24 18:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

PRC - [2011.06.09 14:06:06 | 000,507,624 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe

PRC - [2010.08.25 20:03:02 | 002,424,560 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

PRC - [2010.08.10 16:10:58 | 002,349,776 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe

PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

PRC - [2008.07.25 05:40:24 | 000,809,480 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\LManager.exe

PRC - [2008.05.14 17:05:30 | 000,500,784 | ---- | M] (Egis Incorporated) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe

PRC - [2008.05.14 17:05:22 | 000,526,896 | ---- | M] (Egis Incorporated) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe

PRC - [2008.05.08 02:19:26 | 006,139,904 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe

PRC - [2008.04.30 19:02:40 | 000,397,312 | ---- | M] (Acer Inc.) -- C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe

PRC - [2008.03.21 13:22:52 | 000,024,576 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe

PRC - [2008.03.18 21:27:12 | 000,013,312 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe

PRC - [2008.03.05 11:56:30 | 001,216,512 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer VCM\AcerVCM.exe

PRC - [2008.01.10 17:03:00 | 000,233,472 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer VCM\RS_Service.exe

PRC - [2007.12.06 16:15:28 | 000,110,592 | ---- | M] () -- C:\Acer\Mobility Center\MobilityService.exe

PRC - [2007.03.27 12:00:32 | 000,196,608 | ---- | M] (Acer Inc.) -- C:\Program Files\Acer\Acer VCM\acp2HID.exe

 

 
 ========== Modules (No Company Name) ==========

 

MOD - [2012.09.07 17:30:58 | 000,052,736 | ---- | M] () -- C:\Users\Melanie\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll

MOD - [2012.09.01 11:01:42 | 000,063,488 | ---- | M] () -- C:\Users\Melanie\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll

MOD - [2012.06.16 06:59:48 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8bbcd31ecc8edc7d1f9cdd83ef2bb2d3\System.ServiceProcess.ni.dll

MOD - [2012.06.15 17:02:27 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f2691cfa7671cdc58179e56ba9227591\System.Windows.Forms.ni.dll

MOD - [2012.06.15 17:02:03 | 001,592,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\18f9789aa214c657113e676b3a9015aa\System.Drawing.ni.dll

MOD - [2012.05.16 15:45:56 | 000,276,392 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\phonon4.dll

MOD - [2012.05.16 15:45:40 | 002,652,584 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtXmlPatterns4.dll

MOD - [2012.05.16 15:45:40 | 000,363,944 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtXml4.dll

MOD - [2012.05.16 15:45:38 | 011,166,120 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtWebKit4.dll

MOD - [2012.05.16 15:45:36 | 001,346,472 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtScript4.dll

MOD - [2012.05.16 15:45:36 | 000,205,736 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtSql4.dll

MOD - [2012.05.16 15:45:34 | 001,013,672 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtNetwork4.dll

MOD - [2012.05.16 15:45:34 | 000,720,296 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtOpenGL4.dll

MOD - [2012.05.16 15:45:32 | 008,506,280 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtGui4.dll

MOD - [2012.05.16 15:45:32 | 000,520,104 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtMultimediaKit1.dll

MOD - [2012.05.16 15:45:30 | 002,480,552 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtDeclarative4.dll

MOD - [2012.05.16 15:45:30 | 002,353,576 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtCore4.dll

MOD - [2012.05.16 15:45:28 | 000,445,864 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll

MOD - [2012.05.16 15:45:22 | 000,206,760 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\Imageformats\qjpeg4.dll

MOD - [2012.05.16 15:45:22 | 000,035,240 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\Imageformats\qico4.dll

MOD - [2012.05.16 15:45:20 | 000,032,680 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\Imageformats\qgif4.dll

MOD - [2012.05.16 15:44:54 | 000,437,672 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\NService.dll

MOD - [2012.05.16 15:44:16 | 000,604,072 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\CommonUpdateChecker.dll

MOD - [2012.05.16 13:46:28 | 000,391,056 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\ssoengine.dll

MOD - [2012.05.16 13:46:28 | 000,059,280 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\securestorage.dll

MOD - [2012.05.16 13:45:30 | 000,110,080 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\mediaservice\dsengine.dll

MOD - [2012.05.13 19:29:31 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\f3d4d5fe5ab848fbfcf91a49960dc8ae\System.Management.ni.dll

MOD - [2012.05.13 17:28:58 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\846b9cf2756fdd15f704c9bab9c70b6f\System.Runtime.Remoting.ni.dll

MOD - [2012.05.13 08:37:42 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll

MOD - [2012.05.13 08:36:54 | 006,621,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\bfdd10e0a0aacf46bac557ffc5d55ba5\System.Data.ni.dll

MOD - [2012.05.13 08:36:01 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll

MOD - [2012.05.13 08:35:39 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll

MOD - [2010.01.22 15:13:30 | 000,323,160 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 3\winSkinD7R.bpl

MOD - [2010.01.22 15:13:16 | 000,045,656 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 3\CoolTrayIcon_D6plus.bpl

MOD - [2010.01.22 15:11:36 | 000,150,616 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 3\STFix.dll

MOD - [2010.01.22 15:11:30 | 000,057,432 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 3\NtfsData.dll

MOD - [2009.08.16 18:06:02 | 000,141,312 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll

MOD - [2009.03.30 06:42:17 | 002,933,760 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll

MOD - [2009.03.30 06:42:11 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll

MOD - [2008.05.14 17:05:10 | 000,227,888 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ShowErrMsg.dll

MOD - [2008.05.07 20:06:48 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Framework.Library\3.0.3006.0__3036420f80dd6947\Framework.Library.dll

MOD - [2008.05.07 20:06:48 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Framework.Utility\3.0.3006.0__4df5dcab8860d239\Framework.Utility.dll

MOD - [2008.05.07 20:06:48 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Framework.Model.ControllerInterface\3.0.3006.0__d842b71b4d6ed079\Framework.Model.ControllerInterface.dll

MOD - [2008.04.30 16:00:02 | 000,204,800 | ---- | M] () -- C:\Windows\System32\SysHook.dll

MOD - [2008.04.04 03:00:58 | 000,003,072 | ---- | M] () -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTrayLOC.dll

MOD - [2007.09.11 11:12:08 | 000,475,136 | ---- | M] () -- C:\Program Files\Acer\Acer VCM\AcerControl.dll

MOD - [2003.06.07 23:30:08 | 000,057,344 | ---- | M] () -- C:\Program Files\Launch Manager\PowerUtl.dll

 

 
 ========== Services (SafeList) ==========

 

SRV - [2012.08.15 16:42:17 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)

SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)

SRV - [2012.04.22 13:51:04 | 000,720,936 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)

SRV - [2011.12.24 18:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)

SRV - [2008.05.14 17:05:30 | 000,500,784 | ---- | M] (Egis Incorporated) [Auto | Running] -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service)

SRV - [2008.03.21 13:22:52 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe -- (ETService)

SRV - [2008.03.18 21:27:12 | 000,013,312 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)

SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV - [2008.01.10 17:03:00 | 000,233,472 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer VCM\RS_Service.exe -- (RS_Service)

SRV - [2007.12.06 16:15:28 | 000,110,592 | ---- | M] () [Auto | Running] -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV - File not found [Kernel | Auto | Stopped] -- C:\Users\Melanie\AppData\Local\Temp\5776.sys -- (5776)

DRV - [2012.04.22 13:51:38 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)

DRV - [2012.01.17 20:04:28 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)

DRV - [2012.01.09 17:28:20 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)

DRV - [2012.01.09 17:28:20 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)

DRV - [2012.01.09 17:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)

DRV - [2012.01.09 17:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)

DRV - [2011.12.10 16:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)

DRV - [2010.05.10 20:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)

DRV - [2010.02.17 20:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)

DRV - [2009.05.07 18:23:00 | 000,110,304 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\ACEDRV09.sys -- (ACEDRV09)

DRV - [2008.10.21 09:22:48 | 000,114,600 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017mdm.sys -- (s0017mdm)

DRV - [2008.10.21 09:22:48 | 000,109,736 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017unic.sys -- (s0017unic)

DRV - [2008.10.21 09:22:48 | 000,108,328 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017mgmt.sys -- (s0017mgmt)

DRV - [2008.10.21 09:22:48 | 000,104,616 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017obex.sys -- (s0017obex)

DRV - [2008.10.21 09:22:48 | 000,086,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017bus.sys -- (s0017bus)

DRV - [2008.10.21 09:22:48 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017nd5.sys -- (s0017nd5)

DRV - [2008.10.21 09:22:48 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017mdfl.sys -- (s0017mdfl)

DRV - [2008.05.16 11:33:14 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mdfl.sys -- (s0016mdfl)

DRV - [2008.05.16 11:33:12 | 000,120,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mdm.sys -- (s0016mdm)

DRV - [2008.05.16 11:33:12 | 000,089,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016bus.sys -- (s0016bus)

DRV - [2008.03.21 10:48:24 | 000,015,392 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\int15.sys -- (int15)

DRV - [2008.03.01 01:13:38 | 001,202,560 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)

DRV - [2006.11.10 19:23:50 | 000,097,184 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SE2Emdm.sys -- (SE2Emdm)

DRV - [2006.11.10 19:23:48 | 000,009,360 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SE2Emdfl.sys -- (SE2Emdfl)

DRV - [2006.11.10 19:23:42 | 000,061,600 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SE2Ebus.sys -- (SE2Ebus)

DRV - [2002.07.17 17:20:32 | 000,084,832 | ---- | M] (Adaptec) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ASPI32.SYS -- (ASPI)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = 

IE - HKLM\..\URLSearchHook: {548f6736-8fe4-4680-82f2-170d6c07e1d2} - C:\Program Files\TranslatorBar_1.2\tbTran.dll (Conduit Ltd.)

IE - HKLM\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\tbsoft.dll (Conduit Ltd.)

IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW

IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2431245

IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 60 20 68 53 4C 41 CB 01  [binary data]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1

IE - HKCU\..\URLSearchHook:  - No CLSID value found

IE - HKCU\..\URLSearchHook: {548f6736-8fe4-4680-82f2-170d6c07e1d2} - C:\Program Files\TranslatorBar_1.2\tbTran.dll (Conduit Ltd.)

IE - HKCU\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\tbsoft.dll (Conduit Ltd.)

IE - HKCU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

IE - HKCU\..\SearchScopes\{33884283-6AFC-47E6-8E99-97A67428C427}: "URL" = hxxp://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?}

IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd

IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7_____de

IE - HKCU\..\SearchScopes\{9E0543C7-01AB-4629-AADE-14618AE20644}: "URL" = hxxp://de.search.yahoo.com/search?ei=utf-8&fr=chr-greentree_ie&type=937811&p={searchTerms}

IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2431245

IE - HKCU\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 
 ========== FireFox ==========

 

FF - prefs.js..browser.search.defaultenginename: ""

FF - prefs.js..browser.search.defaultthis.engineName: "softonic-de3 Customized Web Search"

FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2431245&SearchSource=3&q={searchTerms}"

FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811"

FF - prefs.js..browser.search.selectedEngine: ""

FF - prefs.js..extensions.enabledAddons: {C9B68337-E93A-44EA-94DC-CB300EC06444}:5.30.4

FF - prefs.js..extensions.enabledAddons: OneClickDownload@OneClickDownload.com:1.0

FF - prefs.js..extensions.enabledAddons: plugin@yontoo.com:1.20.00

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23

FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2

FF - prefs.js..extensions.enabledItems: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065}:3.2.5.2

FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.12.2.100006

FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24

FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.736

FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.76

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26

FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2431245&q="

FF - prefs.js..network.proxy.type: 0

 

 

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )

FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)

FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Melanie\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\webbooster@iminent.com: C:\Program Files\Iminent\webbooster@iminent.com

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.01.20 18:28:02 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.08.15 02:20:22 | 000,000,000 | ---D | M]

 

[2010.08.03 14:40:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Melanie\AppData\Roaming\mozilla\Extensions

[2012.08.03 12:41:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Melanie\AppData\Roaming\mozilla\Firefox\Profiles\uoiz31cn.default\extensions

[2011.02.11 17:02:10 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Melanie\AppData\Roaming\mozilla\Firefox\Profiles\uoiz31cn.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2011.04.04 16:48:49 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Melanie\AppData\Roaming\mozilla\Firefox\Profiles\uoiz31cn.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}

[2012.08.03 12:41:41 | 000,000,000 | ---D | M] (IMinent Toolbar) -- C:\Users\Melanie\AppData\Roaming\mozilla\Firefox\Profiles\uoiz31cn.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}

[2012.01.20 19:33:03 | 000,000,000 | ---D | M] (softonic-de3 Community Toolbar) -- C:\Users\Melanie\AppData\Roaming\mozilla\Firefox\Profiles\uoiz31cn.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}

[2010.12.23 20:27:02 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Melanie\AppData\Roaming\mozilla\Firefox\Profiles\uoiz31cn.default\extensions\engine@conduit.com

[2012.08.03 12:40:27 | 000,000,000 | ---D | M] (OneClickDownloader) -- C:\Users\Melanie\AppData\Roaming\mozilla\Firefox\Profiles\uoiz31cn.default\extensions\OneClickDownload@OneClickDownload.com

[2012.08.03 12:40:33 | 000,000,000 | ---D | M] (Yontoo) -- C:\Users\Melanie\AppData\Roaming\mozilla\Firefox\Profiles\uoiz31cn.default\extensions\plugin@yontoo.com

[2010.12.08 16:47:52 | 000,000,927 | ---- | M] () -- C:\Users\Melanie\AppData\Roaming\mozilla\firefox\profiles\uoiz31cn.default\searchplugins\conduit.xml

[2012.01.20 18:28:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2011.12.21 09:42:29 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll

[2011.11.10 06:54:13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

[2011.12.21 07:08:50 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml

[2011.12.21 07:02:40 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

[2011.12.21 07:08:50 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml

[2011.12.21 07:08:50 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml

[2011.12.21 07:08:50 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml

[2011.12.21 07:08:50 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml

 

O1 HOSTS File: ([2012.09.01 10:30:07 | 000,000,761 | RHS- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1       localhost

O1 - Hosts: ::1             localhost

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.

O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)

O2 - BHO: (TranslatorBar 1.2 Toolbar) - {548f6736-8fe4-4680-82f2-170d6c07e1d2} - C:\Program Files\TranslatorBar_1.2\tbTran.dll (Conduit Ltd.)

O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll (Google Inc.)

O2 - BHO: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\tbsoft.dll (Conduit Ltd.)

O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll (Yontoo LLC)

O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (TranslatorBar 1.2 Toolbar) - {548f6736-8fe4-4680-82f2-170d6c07e1d2} - C:\Program Files\TranslatorBar_1.2\tbTran.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)

O3 - HKLM\..\Toolbar: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\tbsoft.dll (Conduit Ltd.)

O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)

O3 - HKCU\..\Toolbar\WebBrowser: (TranslatorBar 1.2 Toolbar) - {548F6736-8FE4-4680-82F2-170D6C07E1D2} - C:\Program Files\TranslatorBar_1.2\tbTran.dll (Conduit Ltd.)

O3 - HKCU\..\Toolbar\WebBrowser: (softonic-de3 Toolbar) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Program Files\softonic-de3\tbsoft.dll (Conduit Ltd.)

O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)

O4 - HKLM..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)

O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)

O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)

O4 - HKLM..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Incorporated)

O4 - HKCU..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)

O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O8 - Extra context menu item: Free YouTube Download - C:\Users\Melanie\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()

O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Melanie\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)

O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Value error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4E811D30-5B9D-459A-9418-1DAB9B194607}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C83C2E58-E41D-4A49-AB9B-A0B62AE8C939}: DhcpNameServer = 192.168.0.1

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll) -  File not found

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)

O24 - Desktop WallPaper: C:\Users\Melanie\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg

O24 - Desktop BackupWallPaper: C:\Users\Melanie\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg

O32 - HKLM CDRom: AutoRun - 1

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = ComFile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

 

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM

ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Windows Media Player 5.2

ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework

ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework

ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8

ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner

ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7

ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings

ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install

ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1

ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Macromedia Shockwave Flash

ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP

ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

 

NetSvcs: FastUserSwitchingCompatibility -  File not found

NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)

NetSvcs: Nla -  File not found

NetSvcs: Ntmssvc -  File not found

NetSvcs: NWCWorkstation -  File not found

NetSvcs: Nwsapagent -  File not found

NetSvcs: SRService -  File not found

NetSvcs: WmdmPmSp -  File not found

NetSvcs: LogonHours -  File not found

NetSvcs: PCAudit -  File not found

NetSvcs: helpsvc -  File not found

NetSvcs: uploadmgr -  File not found

 

MsConfig - StartUpFolder: C:^Users^Melanie^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^0.8087520392255758.exe.lnk -  - File not found

MsConfig - StartUpReg: Malwarebytes' Anti-Malware - hkey= - key= - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

MsConfig - StartUpReg: NokiaOviSuite2 - hkey= - key= -  File not found

MsConfig - StartUpReg: SweetIM - hkey= - key= - C:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)

MsConfig - StartUpReg: swg - hkey= - key= - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)

MsConfig - State: "startup" - 2

 

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2012.09.07 18:31:31 | 000,599,552 | ---- | C] (OldTimer Tools) -- C:\Users\Melanie\Desktop\OTL.exe

[2012.09.05 16:50:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in

[2012.09.05 03:01:20 | 000,000,000 | R--D | C] -- C:\Program Files\Skype

[2012.09.05 03:01:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

[2012.09.05 03:01:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype

[2012.09.01 11:00:59 | 000,000,000 | ---D | C] -- C:\Users\Melanie\AppData\Roaming\SUPERAntiSpyware.com

[2012.09.01 11:00:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware

[2012.09.01 11:00:53 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware

 
 ========== Files - Modified Within 30 Days ==========

 

[2012.09.07 18:42:17 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2012.09.07 18:33:59 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2012.09.07 18:31:33 | 000,599,552 | ---- | M] (OldTimer Tools) -- C:\Users\Melanie\Desktop\OTL.exe

[2012.09.07 17:30:36 | 000,002,299 | ---- | M] () -- C:\Users\Melanie\AppData\Roaming\acervcmtmp.ini

[2012.09.07 17:30:29 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml

[2012.09.07 17:30:27 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2012.09.07 17:30:22 | 000,000,374 | ---- | M] () -- C:\Windows\tasks\AWC Startup.job

[2012.09.07 17:30:13 | 000,003,216 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2012.09.07 17:30:13 | 000,003,216 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2012.09.07 17:30:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2012.09.07 17:30:05 | 3146,633,216 | -HS- | M] () -- C:\hiberfil.sys

[2012.09.07 17:15:44 | 000,194,749 | ---- | M] () -- C:\Users\Melanie\Desktop\Unbenannt.jpg

[2012.09.02 10:22:00 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job

[2012.09.01 10:30:07 | 000,000,761 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts

[2012.08.19 16:40:09 | 000,000,000 | ---- | M] () -- C:\Users\Melanie\AppData\Roaming\FileOut.cns

[2012.08.19 16:40:09 | 000,000,000 | ---- | M] () -- C:\Users\Melanie\AppData\Roaming\FileIn.cns

[2012.08.16 02:17:58 | 003,682,016 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2012.08.12 18:15:50 | 000,628,914 | ---- | M] () -- C:\Windows\System32\perfh007.dat

[2012.08.12 18:15:50 | 000,596,168 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2012.08.12 18:15:50 | 000,126,626 | ---- | M] () -- C:\Windows\System32\perfc007.dat

[2012.08.12 18:15:50 | 000,104,242 | ---- | M] () -- C:\Windows\System32\perfc009.dat

 
 ========== Files Created - No Company Name ==========

 

[2012.09.07 17:15:44 | 000,194,749 | ---- | C] () -- C:\Users\Melanie\Desktop\Unbenannt.jpg

[2011.03.22 16:52:49 | 000,000,312 | ---- | C] () -- C:\Windows\Demex.INI

[2011.02.11 18:40:40 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll

[2011.01.26 17:57:21 | 000,009,063 | ---- | C] () -- C:\Users\Melanie\.recently-used.xbel

[2011.01.21 15:52:42 | 000,096,346 | ---- | C] () -- C:\Program Files\Viktigt om Photoshop CS5.pdf

[2011.01.21 15:52:42 | 000,092,906 | ---- | C] () -- C:\Program Files\Photoshop CS5 - Bitte lesen.pdf

[2011.01.21 15:52:42 | 000,086,075 | ---- | C] () -- C:\Program Files\Photoshop CS5 — Lisez-moi.pdf

[2011.01.21 15:52:42 | 000,085,584 | ---- | C] () -- C:\Program Files\Léame de Photoshop CS5.pdf

[2011.01.21 15:52:42 | 000,079,176 | ---- | C] () -- C:\Program Files\Photoshop CS5 - Lueminut.pdf

[2011.01.21 15:52:42 | 000,079,067 | ---- | C] () -- C:\Program Files\Vigtigt-fil til Photoshop CS5.pdf

[2011.01.21 15:52:42 | 000,078,485 | ---- | C] () -- C:\Program Files\Viktig om Photoshop CS5.pdf

[2011.01.21 15:52:41 | 000,096,852 | ---- | C] () -- C:\Program Files\Leia-me do Photoshop CS5.pdf

[2011.01.21 15:52:41 | 000,086,462 | ---- | C] () -- C:\Program Files\Lees mij voor Photoshop CS5.pdf

[2011.01.21 15:52:41 | 000,085,462 | ---- | C] () -- C:\Program Files\Leggimi di Photoshop CS5.pdf

[2010.10.06 16:53:05 | 000,000,510 | ---- | C] () -- C:\Windows\WORDPAD.INI

[2010.10.04 09:59:30 | 000,000,052 | ---- | C] () -- C:\Windows\wininit.ini

[2010.10.02 07:23:54 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll

[2010.09.29 11:32:54 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe

[2010.09.29 11:32:54 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe

[2010.09.28 09:06:14 | 000,005,056 | ---- | C] () -- C:\ProgramData\drctchbl.xvi

[2010.08.28 00:47:58 | 000,002,299 | ---- | C] () -- C:\Users\Melanie\AppData\Roaming\acervcmtmp.ini

[2010.02.24 12:57:19 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol

[2010.01.23 14:50:06 | 000,007,052 | ---- | C] () -- C:\Users\Melanie\AppData\Local\d3d9caps.dat

[2009.11.01 16:35:56 | 000,000,000 | ---- | C] () -- C:\Users\Melanie\AppData\Roaming\FileOut.cns

[2009.11.01 16:35:56 | 000,000,000 | ---- | C] () -- C:\Users\Melanie\AppData\Roaming\FileIn.cns

[2008.10.05 00:05:18 | 000,000,000 | ---- | C] () -- C:\Users\Melanie\AppData\Roaming\wklnhst.dat

[2008.10.04 21:55:48 | 000,102,912 | ---- | C] () -- C:\Users\Melanie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2008.10.04 16:31:59 | 000,000,669 | ---- | C] () -- C:\Users\Melanie\Sample Pictures.lnk

 
 ========== LOP Check ==========

 

[2008.10.08 18:17:35 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\Acer

[2008.05.07 20:02:23 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\Acer GameZone Console

[2010.09.09 16:18:04 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\ASCOMP Software

[2010.09.30 09:07:26 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\Axfeoh

[2008.10.12 20:08:34 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\Big Fish Games

[2012.01.17 20:18:46 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\Canneverbe Limited

[2011.01.21 17:09:44 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

[2009.11.03 16:13:09 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\DAEMON Tools Pro

[2012.03.10 17:04:21 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\DVDVideoSoft

[2011.08.21 17:11:18 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\DVDVideoSoftIEHelpers

[2010.12.22 14:55:54 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\EAC

[2008.10.04 20:47:32 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\eSobi

[2008.10.10 18:12:11 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\FloodLightGames

[2008.10.15 23:19:55 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\Gaijin Ent

[2008.10.10 14:58:35 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\Gearbox Software

[2010.12.27 21:57:58 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\GetRightToGo

[2012.01.20 18:43:41 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\GHISLER

[2011.01.25 14:35:44 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\gtk-2.0

[2010.12.15 11:28:37 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\ICQ

[2010.10.12 06:22:34 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\IObit

[2008.10.13 19:37:42 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\iWin

[2011.03.16 15:56:19 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\Jasc

[2010.05.09 19:29:15 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\MAGIX

[2012.03.25 13:18:11 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\Nokia

[2012.03.25 13:18:12 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\Nokia Suite

[2012.08.09 02:40:01 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\Origin

[2011.09.02 17:23:20 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\PC Suite

[2012.01.17 15:17:32 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\PhotoFiltre

[2008.10.11 23:33:04 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\PlayFirst

[2012.03.11 11:22:29 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\Systweak

[2009.12.21 09:29:22 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\temp

[2008.10.05 00:05:56 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\Template

[2011.01.09 23:35:27 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\TubeBox

[2010.03.12 19:05:41 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\TuneUp Software

[2010.09.14 12:46:21 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\UDC Profiles

[2010.03.15 12:20:46 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\Uniblue

[2010.09.29 11:49:10 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\Yqmii

[2012.09.07 17:30:22 | 000,000,374 | ---- | M] () -- C:\Windows\Tasks\AWC Startup.job

[2012.09.07 17:29:23 | 000,032,534 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

 
 ========== Purity Check ==========

 

 

 
 ========== Custom Scans ==========

 
 < %SYSTEMDRIVE%\*. >

[2012.01.18 22:13:28 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN

[2010.10.04 13:05:22 | 000,000,000 | ---D | M] -- C:\Acer

[2011.12.24 15:46:36 | 000,000,000 | ---D | M] -- C:\ActivityChanger

[2008.09.10 18:43:54 | 000,000,000 | ---D | M] -- C:\Book

[2009.07.27 22:07:07 | 000,000,000 | ---D | M] -- C:\Boot

[2010.12.08 16:45:31 | 000,000,000 | ---D | M] -- C:\CabMakerFiles

[2009.05.18 12:41:45 | 000,000,000 | ---D | M] -- C:\CDHOME

[2006.11.02 15:02:03 | 000,000,000 | -HSD | M] -- C:\Documents and Settings

[2008.10.04 16:27:30 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen

[2010.06.30 18:04:13 | 000,000,000 | ---D | M] -- C:\DVDVideoSoft

[2010.09.06 20:53:33 | 000,000,000 | ---D | M] -- C:\EGIS_Drive

[2008.10.04 16:35:54 | 000,000,000 | ---D | M] -- C:\Elements

[2012.07.22 19:06:36 | 000,000,000 | ---D | M] -- C:\engine

[2008.04.30 09:21:30 | 000,000,000 | ---D | M] -- C:\Intel

[2008.05.07 19:46:17 | 000,000,000 | R--D | M] -- C:\MSOCache

[2008.01.21 04:32:31 | 000,000,000 | ---D | M] -- C:\PerfLogs

[2012.09.05 03:01:20 | 000,000,000 | ---D | M] -- C:\Program Files

[2012.09.01 10:59:52 | 000,000,000 | ---D | M] -- C:\ProgramData

[2008.10.04 16:27:30 | 000,000,000 | -HSD | M] -- C:\Programme

[2012.02.01 21:00:24 | 000,000,000 | R--D | M] -- C:\Sandbox

[2011.01.24 23:04:09 | 000,000,000 | ---D | M] -- C:\SETUP

[2012.07.22 19:06:36 | 000,000,000 | -H-D | M] -- C:\SETUP.1

[2012.07.22 19:09:43 | 000,000,000 | -H-D | M] -- C:\SETUP.2

[2012.08.03 23:06:01 | 000,000,000 | -H-D | M] -- C:\SETUP.3

[2012.09.07 18:43:21 | 000,000,000 | -HSD | M] -- C:\System Volume Information

[2012.08.19 16:40:24 | 000,000,000 | ---D | M] -- C:\Train Store

[2010.08.16 04:36:42 | 000,000,000 | R--D | M] -- C:\Users

[2012.07.08 10:00:49 | 000,000,000 | ---D | M] -- C:\Windows

 
 < %PROGRAMFILES%\*.exe >

 
 < %LOCALAPPDATA%\*.exe >

 
 < %systemroot%\*. /mp /s >

 
 < C:\Windows\system32\*.tsp >

[2006.11.02 11:44:49 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp

[2006.11.02 11:44:49 | 000,038,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp

[2006.11.02 11:44:49 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp

[2006.11.02 11:44:49 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp

[2009.04.11 08:27:17 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp

 
 < MD5 for: AGP440.SYS  >

[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\ERDNT\cache\agp440.sys

[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\agp440.sys

[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys

[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys

[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys

[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys

[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

 
 < MD5 for: ATAPI.SYS  >

[2008.09.10 18:44:50 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_4c9c5a00\atapi.sys

[2008.09.10 18:44:50 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18034_none_dd1bb97e219e87cb\atapi.sys

[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\ERDNT\cache\atapi.sys

[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys

[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys

[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys

[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys

[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys

[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys

[2008.09.10 18:44:50 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=96DC4E1A9F90CCD489950A8935425C59 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.22134_none_dda556493abc2795\atapi.sys

 
 < MD5 for: CNGAUDIT.DLL  >

[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\ERDNT\cache\cngaudit.dll

[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll

[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

 
 < MD5 for: EXPLORER.EXE  >

[2008.10.29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe

[2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe

[2008.10.30 05:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe

[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\ERDNT\cache\explorer.exe

[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe

[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe

[2008.10.28 04:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe

[2008.01.21 04:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

 
 < MD5 for: IASTORV.SYS  >

[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys

[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys

[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys

[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

 
 < MD5 for: NETLOGON.DLL  >

[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\ERDNT\cache\netlogon.dll

[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll

[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll

[2008.01.21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

 
 < MD5 for: NVSTOR.SYS  >

[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys

[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys

[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys

[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

 
 < MD5 for: SCECLI.DLL  >

[2008.01.21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll

[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\ERDNT\cache\scecli.dll

[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll

[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

 
 < MD5 for: USER32.DLL  >

[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) MD5=75510147B94598407666F4802797C75A -- C:\Windows\ERDNT\cache\user32.dll

[2008.01.21 04:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll

[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll

[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll

 
 < MD5 for: USERINIT.EXE  >

[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\ERDNT\cache\userinit.exe

[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe

[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe

 
 < MD5 for: WINLOGON.EXE  >

[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\ERDNT\cache\winlogon.exe

[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe

[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe

[2011.12.24 18:50:20 | 000,182,856 | ---- | M] () MD5=B382935AB01B27D0E14F267DBF288896 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

[2008.01.21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

 
 < MD5 for: WS2IFSL.SYS  >

[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys

[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys

 
 < %systemroot%\system32\drivers\*.sys /lockedfiles >

 
 < %systemroot%\System32\config\*.sav >

[2008.01.21 05:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV

[2008.01.21 05:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV

[2008.01.21 05:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV

[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV

[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

 
 < %systemroot%\system32\*.dll /lockedfiles >

 
 < %USERPROFILE%\*.* >

[2011.01.26 17:57:21 | 000,009,063 | ---- | M] () -- C:\Users\Melanie\.recently-used.xbel

[2012.09.07 18:34:52 | 006,029,312 | -HS- | M] () -- C:\Users\Melanie\ntuser.dat

[2012.09.07 18:34:52 | 000,262,144 | ---- | M] () -- C:\Users\Melanie\ntuser.dat.LOG1

[2010.08.24 13:25:56 | 000,262,144 | ---- | M] () -- C:\Users\Melanie\ntuser.dat.LOG2

[2012.09.07 17:29:21 | 000,065,536 | -HS- | M] () -- C:\Users\Melanie\ntuser.dat{37f50bb9-ee82-11e0-a4e4-001d72c6155e}.TM.blf

[2012.09.07 17:29:21 | 000,524,288 | -HS- | M] () -- C:\Users\Melanie\ntuser.dat{37f50bb9-ee82-11e0-a4e4-001d72c6155e}.TMContainer00000000000000000001.regtrans-ms

[2011.10.04 23:05:42 | 000,524,288 | -HS- | M] () -- C:\Users\Melanie\ntuser.dat{37f50bb9-ee82-11e0-a4e4-001d72c6155e}.TMContainer00000000000000000002.regtrans-ms

[2010.05.29 08:32:40 | 000,065,536 | -HS- | M] () -- C:\Users\Melanie\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf

[2010.05.29 08:32:40 | 000,524,288 | -HS- | M] () -- C:\Users\Melanie\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms

[2008.10.04 16:31:01 | 000,524,288 | -HS- | M] () -- C:\Users\Melanie\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms

[2011.10.04 14:31:47 | 000,065,536 | -HS- | M] () -- C:\Users\Melanie\ntuser.dat{59c42f6b-cef9-11df-893a-001d72c6155e}.TM.blf

[2011.10.04 14:31:47 | 000,524,288 | -HS- | M] () -- C:\Users\Melanie\ntuser.dat{59c42f6b-cef9-11df-893a-001d72c6155e}.TMContainer00000000000000000001.regtrans-ms

[2010.10.03 21:08:07 | 000,524,288 | -HS- | M] () -- C:\Users\Melanie\ntuser.dat{59c42f6b-cef9-11df-893a-001d72c6155e}.TMContainer00000000000000000002.regtrans-ms

[2010.10.03 15:57:08 | 000,065,536 | -HS- | M] () -- C:\Users\Melanie\ntuser.dat{86966b68-6af0-11df-adb2-001d72c6155e}.TM.blf

[2010.10.03 15:57:08 | 000,524,288 | -HS- | M] () -- C:\Users\Melanie\ntuser.dat{86966b68-6af0-11df-adb2-001d72c6155e}.TMContainer00000000000000000001.regtrans-ms

[2010.05.29 09:06:59 | 000,524,288 | -HS- | M] () -- C:\Users\Melanie\ntuser.dat{86966b68-6af0-11df-adb2-001d72c6155e}.TMContainer00000000000000000002.regtrans-ms

[2010.05.29 08:52:41 | 000,065,536 | -HS- | M] () -- C:\Users\Melanie\ntuser.dat{edb220e7-6aec-11df-b273-001d72c6155e}.TM.blf

[2010.05.29 08:52:41 | 000,524,288 | -HS- | M] () -- C:\Users\Melanie\ntuser.dat{edb220e7-6aec-11df-b273-001d72c6155e}.TMContainer00000000000000000001.regtrans-ms

[2010.05.29 08:41:10 | 000,524,288 | -HS- | M] () -- C:\Users\Melanie\ntuser.dat{edb220e7-6aec-11df-b273-001d72c6155e}.TMContainer00000000000000000002.regtrans-ms

[2008.10.04 16:31:01 | 000,000,020 | -HS- | M] () -- C:\Users\Melanie\ntuser.ini

[2008.10.04 16:31:59 | 000,000,669 | ---- | M] () -- C:\Users\Melanie\Sample Pictures.lnk

 
 < %USERPROFILE%\Local Settings\Temp\*.exe >

 
 < %USERPROFILE%\Local Settings\Temp\*.dll >

 
 < %USERPROFILE%\Application Data\*.exe >

 
 < HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
 

< End of report >

--- --- ---

Extras.txt

OTL Logfile:

Code:

OTL Extras logfile created on: 07.09.2012 18:34:49 - Run 1

OTL by OldTimer - Version 3.2.61.1     Folder = C:\Users\Melanie\Desktop

Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.19298)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

2,93 Gb Total Physical Memory | 1,83 Gb Available Physical Memory | 62,40% Memory free

6,09 Gb Paging File | 4,82 Gb Available in Paging File | 79,15% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 144,17 Gb Total Space | 22,80 Gb Free Space | 15,81% Space Free | Partition Type: NTFS

Drive D: | 144,15 Gb Total Space | 84,81 Gb Free Space | 58,83% Space Free | Partition Type: NTFS

 

Computer Name: MELANIE-PC | User Name: Melanie | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Extra Registry (SafeList) ==========

 

 
 ========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

 

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

 
 ========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

http [open] -- Reg Error: Value error.

https [open] -- Reg Error: Value error.

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 
 ========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

"FirewallDisableNotify" = 0

"AntiVirusDisableNotify" = 0

"UpdatesDisableNotify" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]

"DisableMonitoring" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

"VistaSp2" = Reg Error: Unknown registry data type -- File not found

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 
 ========== System Restore Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

 
 ========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 0

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 
 ========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe:*:Enabled:eDSfsu -- (Egis Incorporated.)

"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe:*:Enabled:encryption -- ( Egis Incorporated.)

"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe:*:Enabled:decryption -- ( Egis Incorporated.)

"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe:*:Enabled:eDStbmngr -- (Egis Incorporated.)

"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe:*:Enabled:eDSfsu -- (Egis Incorporated.)

"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe:*:Enabled:eDStbmngr -- (Egis Incorporated.)

 

 
 ========== Vista Active Open Ports Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{09E11437-59C8-4EB0-8D5E-283C8F05EF4A}" = rport=137 | protocol=17 | dir=out | app=system | 

"{0C00CD96-E916-4407-BCF7-6DECD3A82C64}" = lport=139 | protocol=6 | dir=in | app=system | 

"{2882D68C-FC26-4BAF-A42C-E9D0ED988E14}" = rport=139 | protocol=6 | dir=out | app=system | 

"{4A032908-2B58-4F81-A93F-0620ECA91478}" = rport=138 | protocol=17 | dir=out | app=system | 

"{5E510D95-42BD-41D0-B666-AD5F613957FF}" = rport=445 | protocol=6 | dir=out | app=system | 

"{643AD0F3-9D35-4525-90C0-010A7D263420}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{784E2A77-F00D-4E1D-8586-22B145D9F9A0}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 

"{8651D672-111F-40A6-B800-1BFFF5CB1262}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 

"{8C2D4A10-B6A1-4610-9D38-E2943BBDB40D}" = lport=137 | protocol=17 | dir=in | app=system | 

"{945B0167-FF4B-49F6-9265-2B97CF4E0E1A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{A15E0144-73F5-4F5A-90D0-D7514147F6DA}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | 

"{A364324E-B2E1-4000-A07D-D68078E2DB39}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 

"{AA9759AB-2735-4130-BA21-CA934597F217}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 

"{B0CCEC36-0F68-4200-9333-07ABDC9E6849}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 

"{B3743900-03CE-48DB-AB35-E7E997A036C3}" = lport=2869 | protocol=6 | dir=in | app=system | 

"{BBCB0133-12F2-49E1-8A9E-C87374CF6097}" = lport=445 | protocol=6 | dir=in | app=system | 

"{C0849094-A269-43F7-A514-8A8C66D993C0}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 

"{CD6B8795-BB01-401C-A467-E540D3C6F34B}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 

"{D079FD0A-2E5D-4340-ADF7-EF1DF81D13CB}" = lport=138 | protocol=17 | dir=in | app=system | 

"{FDF55BDF-09D1-404F-8550-43F21FB73820}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 

 
 ========== Vista Active Application Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{046CAE90-41BD-4DFF-9F66-69CBDABEA0DC}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{0515AB49-D391-4A91-8DAF-53C4D3C2F355}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe | 

"{057C4092-4B25-4539-939B-63111302ADC0}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{07AB2621-6363-4FD4-A967-F8B970F0F8E4}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{0AA0CB6D-250A-497E-896F-CC4E0E01269B}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{0E42E275-4EDB-4BE4-9107-69835DD8382A}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{1078D01E-5551-4BBA-B6D4-0A4CB6DB4C87}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe | 

"{13B1B061-F775-40F5-BC17-822DAEDA0C4E}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{18F13C8A-2F99-4689-A939-5F2BEEEE4676}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{1B31B917-3FB6-4893-AEFB-86D65F402F3B}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{1F4BF65C-AD70-4820-A638-34912EDC82B5}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{201477B6-A117-44F3-A075-F09B1F3E8CC7}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{2865EE00-F211-4AD9-849A-446E836A2CE9}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 

"{2AEE8DF9-D92E-45A7-A7CA-60478A153D76}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 

"{2BD739EF-A368-40D8-8694-38C445AFF41E}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{2BEC0200-4362-4359-8DA8-1E235BD7E646}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 

"{2CDCF5F8-6BE7-4195-B77A-DBE6DC9C8B00}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{2D6C587F-53A7-41DA-A284-844F79B44E52}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{2DB9864A-7249-4E0B-9B05-84DF35F6E304}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe | 

"{2E12FE3B-F0BF-4E1B-875B-01449643E220}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{2E39948B-3696-4D57-A6BE-DC4061598B5E}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{2F95D4F7-1A70-4609-8797-1F4695C71702}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{30B1BB7C-47DA-409F-9A46-272821AD65E4}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{31A2002C-2D07-4788-A180-D1FB7DF92E6E}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe | 

"{31EE60CF-0E6A-4F5E-A2B9-23EE956A20DA}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 

"{32C776B1-88B3-498B-BDDD-382E5DA221A5}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 

"{34F8E6F2-3633-4471-8D44-EA6DD247C4BE}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{357157BD-043D-4229-97C7-6BEABC42647F}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{36D901B5-EADB-4255-A267-C76D8598AC78}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{381AAF77-5325-44C7-BBDF-1F1A67E76AC2}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{3867FFCB-159C-405B-AB2E-64EEAB55BD47}" = protocol=6 | dir=in | app=c:\gamigo\snowboundonline\run.exe | 

"{38FE7F86-9D6B-43F3-A7D0-D452EB973705}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{39543FCA-E84E-4C40-BDBD-3AD976759DFC}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{3F191BD8-E698-460A-8E8B-39B1F3923758}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{3F2A30C2-D1C1-41BB-9EFC-ED567874373F}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{405CF252-7C68-4DA7-BF60-4350E324D3AA}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{40F6633E-C7F1-4B60-A140-293DB36D74F3}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 

"{473D0EBB-ED72-4BCD-9868-A12242E9F7ED}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 

"{4CBED2F2-E9DE-4B1F-A436-742C6E9F4A6D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 

"{4D013F74-3C09-499E-9EE2-04EC2B33842C}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{4E03B8D7-3820-4ABB-B0FD-3C8D279BE0B3}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{4E68C5A0-5745-45E5-9D6F-310383B088EA}" = protocol=17 | dir=in | app=e:\libneap.dll | 

"{5042E790-1744-4447-AD2D-8B89F17ADD43}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{5426B4D8-11C5-4418-B531-70355A855A0D}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 

"{54D9BC0D-F3EC-4491-988E-72FDCF6C729F}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{5AD711F2-CD42-429E-818E-E2A72FAD3FF2}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe | 

"{5EB66F48-0DF4-49AE-8897-76AEDA2FA512}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{5F445A37-1343-4DEB-A2C3-B705E4382C35}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 

"{5F5DE20E-E07B-41C8-941A-1DA578BE3076}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{623F3F0C-96E3-4507-BC2C-6751D634CA79}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{63D7495B-9C2F-4C95-8ADD-8A62782781D8}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{663E24DB-746F-4613-A025-711B5352DF9A}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe | 

"{6698C2B0-0C8C-4BB4-AC2D-76CBD39FA84B}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{66EB64F4-4600-4C86-B478-2BC2E528FDAA}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{686C827B-3F1E-4B91-834A-B92FBE144655}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 

"{69E15D11-2F91-4A1A-BA60-6DFB87DF6DBE}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{6C6D270D-9A2E-495B-B7B3-20CCAC190787}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{6CAD8071-31AD-4DBA-B819-2FEE6DD0200E}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{6CD629A3-AF4A-4EE4-B3DB-759E3ED6EEA3}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{6D9FF4BA-8651-4AE4-A762-9D7549032A22}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{700FF7C9-0677-496A-84D5-E6EAB672A274}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{7342C6A4-8AC8-4854-A52A-E52D09D484B0}" = protocol=17 | dir=in | app=e:\alicesetup.exe | 

"{74BEE852-5C5F-4F60-9C63-6033F6513F06}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{769C3A4E-BB2D-46C0-967C-0602B83F3261}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{7C0A7420-F5A9-4FB3-A313-79B5B5F94228}" = protocol=6 | dir=in | app=e:\libneap.dll | 

"{7EC7D901-F7A4-4E8A-8BEF-B0AA9FB84F81}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{831C7BC7-8A7C-4A3C-87B6-879B810A3C49}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{8A242C81-33AC-4B6C-9D23-50A4360AC30C}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{8AF0D93E-83E2-460D-B674-27487D45D47D}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{8B2B9469-10B8-4B65-9139-D84FB2585854}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{8B3488E5-E66D-4C64-A6D6-400D01F097BA}" = protocol=17 | dir=in | app=e:\dwizard615.exe | 

"{8FA528E3-1568-4DB4-A8C2-CC941BA9335F}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{912C173F-76FA-43A2-9A1B-1217ADBCA054}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 

"{92199FC9-675B-41DD-A674-A697D6DF84FF}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{9E00047A-456B-4324-9237-5B8996187512}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{A14FF724-1692-4982-9999-8DDA3BD64CF4}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{A7898854-4855-42AD-A680-595A87E9CCC5}" = dir=in | app=c:\program files\acer\acer vcm\vc.exe | 

"{A7F136AA-66E0-4782-AD73-4100136243C4}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{ABE5CFA9-8510-4F6C-A17F-FA7AF7F79FBF}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{B395FF55-052E-4511-8AE5-4C79FF3318CD}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{B5195AB3-74D6-41FD-AC3E-F13518F4641A}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{B5278D6D-EE48-44EB-B951-DB858009BB11}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 

"{B7750CF6-AD6A-4023-B1F8-4AFF7CC5C0E9}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 

"{B77F9E97-92E6-4165-8073-C25B985F7ABA}" = protocol=17 | dir=in | app=c:\gamigo\snowboundonline\run.exe | 

"{C120845B-15ED-4155-878E-ABE812208B34}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{C9D8324F-BD4A-44D3-AA49-2B99BC9E5492}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{CAE458B9-6B41-469F-81C2-009550143045}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{CD04A254-A2E8-4ADB-96D2-91074CD83499}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe | 

"{D4B234B0-B109-4106-8A6F-C16FC6F18713}" = protocol=6 | dir=in | app=e:\dwizard615.exe | 

"{D5CB2415-F15F-4148-88D8-73081C54F0D1}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{D72A2A13-2176-4554-B5AB-EC4DCC6F27CD}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{D89BC81B-F048-4FFE-A0FC-7F79DCDDF241}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{DBF97DF8-19E3-4347-9A10-EBB5EAE7D1D3}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{DC5A5504-5DBC-44E1-9F93-576CA513434C}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{DFCE3B1E-5608-4F48-9692-11E4FE1FB82D}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 

"{E7626F63-126B-4076-888F-8285C87924CA}" = protocol=6 | dir=in | app=e:\alicesetup.exe | 

"{E951B1DB-74A9-4390-A214-B7CC94EA1A66}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{E9BB441F-C6F6-4FBD-A10D-C7B17E32BEB5}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{E9D31E29-0BE1-4F04-8955-5B8661B6F271}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{EF1AB119-742C-45F6-BED3-EA5389E9DED8}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{EF8F2DCF-6C91-4317-9FFF-5F6773A7FD87}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{F25B8834-D667-4269-B7F7-932B44911059}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | 

"{F36386E8-22AB-4180-8CBF-8A7BB14BD68D}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{F39D629A-C59F-4EFE-8701-1FB8572EA983}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{F85931DE-2FCE-4B1D-9202-52E3324F2007}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe | 

"{F96C5476-AEE3-4280-A7D4-5953188EFA71}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{FE697784-DB62-446A-86D7-34C40E65ABAE}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"TCP Query User{055B05DE-1E25-4A6B-8709-0BE0281B1ABA}C:\program files\1clickdownload\1clickdownloader.exe" = protocol=6 | dir=in | app=c:\program files\1clickdownload\1clickdownloader.exe | 

"TCP Query User{0A04BDCF-CCDA-4B29-B6B4-20626F0EA5B5}C:\program files\activision value\world series of poker toc\wsoptoc.exe" = protocol=6 | dir=in | app=c:\program files\activision value\world series of poker toc\wsoptoc.exe | 

"TCP Query User{0C6EA673-AC9D-4728-9464-25CB86BAB5E6}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | 

"TCP Query User{1C1B8E93-0AA3-4E7D-9AA6-14B67FFBE5CB}C:\program files\ea sports\fussball manager 12\online\fmonline.exe" = protocol=6 | dir=in | app=c:\program files\ea sports\fussball manager 12\online\fmonline.exe | 

"TCP Query User{2986400D-C5D6-486C-9ADD-CDE44E75D3ED}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | 

"TCP Query User{3574FA08-1F87-4ED2-B8DC-3A7BEFF021B0}C:\program files\activision value\world series of poker toc\wsoptoc.exe" = protocol=6 | dir=in | app=c:\program files\activision value\world series of poker toc\wsoptoc.exe | 

"TCP Query User{388744BD-3526-4412-A4BB-1109BFC29F0C}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | 

"TCP Query User{4BF1F50E-E8AF-4079-BEEA-27C2A6AC8D50}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | 

"TCP Query User{5205D070-46C7-4622-93F9-779667C051B3}C:\windows\system32\taskeng.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskeng.exe | 

"TCP Query User{5D15C7B8-CFA4-431B-A682-A9D23FB00D13}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 

"TCP Query User{A4685A39-4761-488F-AEEE-68E338D03644}C:\program files\ea sports\fussball manager 10\manager10.exe" = protocol=6 | dir=in | app=c:\program files\ea sports\fussball manager 10\manager10.exe | 

"TCP Query User{AFBF6A7F-2DA6-4B8C-8BA9-EBE64DECE3BE}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe | 

"TCP Query User{C51BCCDF-F365-4BC2-8947-AAEF7392B2E1}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | 

"TCP Query User{D0F63E59-D865-4AEC-A6F3-08F091D0B961}C:\program files\nokia\nokia ovi suite\nokiaovisuite.exe" = protocol=6 | dir=in | app=c:\program files\nokia\nokia ovi suite\nokiaovisuite.exe | 

"TCP Query User{D1E9BC05-4850-4BB1-B835-17DF2AE04E0B}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe | 

"TCP Query User{D38BC35D-90EE-4754-B32B-096C4A1969F4}C:\program files\nokia\nokia ovi suite\nokiaovisuite.exe" = protocol=6 | dir=in | app=c:\program files\nokia\nokia ovi suite\nokiaovisuite.exe | 

"TCP Query User{E13B0C81-C9EF-4B9B-9963-FBD520A40C5A}C:\windows\system32\taskeng.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskeng.exe | 

"TCP Query User{E79382BD-A4B3-499A-802B-41D15751A6B6}C:\program files\ea sports\fussball manager 10\manager10.exe" = protocol=6 | dir=in | app=c:\program files\ea sports\fussball manager 10\manager10.exe | 

"TCP Query User{ED6ED9CC-F340-4574-B49C-5677008F52D1}C:\program files\ea sports\fussball manager 12\online\fmonline.exe" = protocol=6 | dir=in | app=c:\program files\ea sports\fussball manager 12\online\fmonline.exe | 

"TCP Query User{EF2FA0ED-34D2-4BE7-ADB8-52F4E8BB7BF4}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe | 

"UDP Query User{0894D49F-80BA-4011-A4BB-59E5B5CB123C}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | 

"UDP Query User{10E6197C-C817-425D-91E3-5D4A08621E48}C:\windows\system32\taskeng.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskeng.exe | 

"UDP Query User{24872BAB-B28E-4869-ABE8-6489FF03852D}C:\program files\1clickdownload\1clickdownloader.exe" = protocol=17 | dir=in | app=c:\program files\1clickdownload\1clickdownloader.exe | 

"UDP Query User{431C4731-6139-48D2-B95C-CB789E8D1C48}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | 

"UDP Query User{4483AA06-2F55-4DFC-99EA-9D0870834E90}C:\program files\ea sports\fussball manager 12\online\fmonline.exe" = protocol=17 | dir=in | app=c:\program files\ea sports\fussball manager 12\online\fmonline.exe | 

"UDP Query User{54B5A8BF-7CE4-41F3-B3CD-51C0929F8BD8}C:\program files\activision value\world series of poker toc\wsoptoc.exe" = protocol=17 | dir=in | app=c:\program files\activision value\world series of poker toc\wsoptoc.exe | 

"UDP Query User{5763FB3E-FBCE-4FE8-A52D-332677094EA9}C:\program files\ea sports\fussball manager 10\manager10.exe" = protocol=17 | dir=in | app=c:\program files\ea sports\fussball manager 10\manager10.exe | 

"UDP Query User{72E33DF3-3CB6-433E-B53C-58D83282A470}C:\windows\system32\taskeng.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskeng.exe | 

"UDP Query User{7BC4F64D-A858-406E-B76E-880D79090B7C}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe | 

"UDP Query User{9410DC36-2531-4B37-AC81-84863F76C926}C:\program files\ea sports\fussball manager 10\manager10.exe" = protocol=17 | dir=in | app=c:\program files\ea sports\fussball manager 10\manager10.exe | 

"UDP Query User{9A4E1845-1B11-4175-BDA4-BF598D1120CC}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 

"UDP Query User{A3692EF5-D088-49D7-A6E2-4804785699FB}C:\program files\nokia\nokia ovi suite\nokiaovisuite.exe" = protocol=17 | dir=in | app=c:\program files\nokia\nokia ovi suite\nokiaovisuite.exe | 

"UDP Query User{A588C00C-4B09-490C-8964-EFECC2E58D34}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe | 

"UDP Query User{AFC28250-7B0E-469F-BD9F-492205F76473}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | 

"UDP Query User{C64DF1BC-7E98-462E-BF9C-3ACFF3AA619A}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe | 

"UDP Query User{C8DA22EB-058E-495F-91A8-B87E94B7B5C9}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | 

"UDP Query User{CA796A13-5E4C-43B8-BCCD-510B80B436E6}C:\program files\activision value\world series of poker toc\wsoptoc.exe" = protocol=17 | dir=in | app=c:\program files\activision value\world series of poker toc\wsoptoc.exe | 

"UDP Query User{D3A5978F-824B-4DC7-B810-DC2C7DF357F1}C:\program files\nokia\nokia ovi suite\nokiaovisuite.exe" = protocol=17 | dir=in | app=c:\program files\nokia\nokia ovi suite\nokiaovisuite.exe | 

"UDP Query User{EEADDAED-B901-42C6-8941-63F704AC288E}C:\program files\ea sports\fussball manager 12\online\fmonline.exe" = protocol=17 | dir=in | app=c:\program files\ea sports\fussball manager 12\online\fmonline.exe | 

"UDP Query User{FEAD0ED5-B023-4930-A4EB-EEA445753E6A}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | 

 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

""Autobus ATM" per Train Simulator" = "Autobus ATM" per Train Simulator

"{00000407-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium

"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86

"{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM

"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu

"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86

"{0CFF3525-4420-48F7-981B-BF771DA53BA6}_is1" = rcPass_Pass-0002_v2_2

"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86

"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In

"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard

"{13D85C14-2B85-419F-AC41-C7F21E68B25D}" = Acer eSettings Management

"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer

"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8

"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 30

"{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth

"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{3FA7A919-87DA-42B1-814B-86DE8DCA17C2}" = gmax

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works

"{587A2120-41D3-11DB-3D6C-00E19E4D4AE1}" = MSTS Patch 1.8.0521 EN

"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management

"{5A0C1B89-04F3-4AAE-92AC-133B8D2DBEF3}_is1" = UZ_WLABmee62-001 v2.0

"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86

"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{7964AE02-9127-42C0-A917-2CE4CD4EFE3B}" = Nokia Suite

"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP

"{7EC12739-C256-4681-8E06-2FE51D4499C1}_is1" = MRCE 189 2.0

"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management

"{8226A577-657C-4961-8DDC-EAC8DF61B465}" = Microsoft Train Simulator gmax Gamepack

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie

"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 1.10.02

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update

"{8F1B6239-FEA0-450A-A950-B05276CE177C}" = Acer Empowering Technology

"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007

"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007

"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007

"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007

"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007

"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007

"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007

"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007

"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In

"{90850407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003

"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007

"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{A1DDF160-9EE1-492B-A8D7-028B5CE0DBC8}_is1" = SZD_RIC-001 v1.0

"{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management

"{A57025CC-5F2E-4D01-B387-06DB10500D43}" = Nokia Connectivity Cable Driver

"{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch

"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger

"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86

"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail

"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials

"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe  1.4.142.1

"{D16ECDF4-DA6F-418F-947A-C1652B5CFD96}" = SweetIM for Messenger 2.7

"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86

"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call

"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86

"{DA5B2BDC-F654-4A88-A669-4D34BC7846A1}" = PC Connectivity Solution

"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader

"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86

"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219

"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5

"0852D05415AB9A4F1EF451E342267F76C776ED2F" = Windows-Treiberpaket - Nokia Modem  (11/03/2006 6.82.0.1)

"1ClickDownload" = 1ClickDownloader

"4Musics MP3 to WAV Converter 4.3_is1" = 4Musics MP3 to WAV Converter 4.3

"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)

"7-Zip" = 7-Zip 4.65

"ABC Amber Audio Converter" = ABC Amber Audio Converter

"AceIt_is1" = AceIt v1.3.1

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"Advanced SystemCare 3_is1" = Advanced SystemCare 3

"Agere Systems Soft Modem" = Agere Systems HDA Modem

"AnswerWorks" = AnswerWorks Runtime

"BrothersInArms" = Brothers In Arms

"CCleaner" = CCleaner

"conduitEngine" = Conduit Engine

"Convoi" = Convoi 1.50

"DB Br 474 v0.1" = DB Br 474 v0.1

"Dél Alföld pálya: Béta Verzió" = Dél Alföld pálya: Béta Verzió

"DemexV1" = DEMEX

"DirectXMediaRuntime" = DirectX Media Runtime 5.1

"Druckertüchtigte IC-Wagen für den MSTS" = Druckertüchtigte IC-Wagen für den MSTS 1.0

"Eisenbahn Verkehrspläne Auskunft 3" = Eisenbahn Verkehrspläne Auskunft 3

"FormatFactory" = FormatFactory 2.90

"Free Video to Nokia Phones Converter_is1" = Free Video to Nokia Phones Converter version 2.3.815

"Free YouTube Download_is1" = Free YouTube Download version 3.0.13.815

"FUSSBALL MANAGER 10" = FUSSBALL MANAGER 10

"FUSSBALL MANAGER 12" = FUSSBALL MANAGER 12

"Google Updater" = Google Updater

"HDMI" = Intel(R) Graphics Media Accelerator Driver

"HOMESTUDENTR" = Microsoft Office Home and Student 2007

"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5

"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8

"Lepsény-Rajka horgásztó-Rajka-Pápa" = Lepsény-Rajka horgásztó-Rajka-Pápa

"LManager" = Launch Manager

"MAGIX Screenshare D" = MAGIX Screenshare

"MAGIX Speed burnR D" = MAGIX Speed burnR

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.0.1800

"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Mozilla Firefox 9.0.1 (x86 de)" = Mozilla Firefox 9.0.1 (x86 de)

"mp3-2-wav" = mp3-2-wav converter 1.14

"MSTS Activity Mover_is1" = MSTS Activity Mover, 1.0

"Nokia Suite" = Nokia Suite

"Origin" = Origin

"ProTrain 12 Karlsruhe - Basel 1.0" = ProTrain 12 Karlsruhe - Basel 1.0

"ProTrain 12 Raildriver 1.0" = ProTrain 12 Raildriver 1.0

"ProTrain 36 1.0" = ProTrain 36 1.0

"ProTrain 7 - Frankfurt-Nürnberg 1.0" = ProTrain 7 - Frankfurt-Nürnberg 1.0

"ProTrain Thema 1 - Nachtzüge 1.0" = ProTrain Thema 1 - Nachtzüge 1.0

"ProTrain Thema 1 Raildriver 1.0" = ProTrain Thema 1 Raildriver 1.0

"r8brain" = r8brain 1.9

"Revo Uninstaller" = Revo Uninstaller 1.93

"RRT_RIC_Patch_is1" = Ïàò÷ äëÿ ïàññàæèðñêèõ âàãîíîâ ãàáàðèòà RIC ¹¹ 0001-0002

"softonic-de3 Toolbar" = softonic-de3 Toolbar

"STP DB ICE VT 605 V1.0" = STP DB ICE VT 605 V1.0

"STP DB ICE3 406 V1.0" = STP DB ICE3 406 V1.0

"SynTPDeinstKey" = Synaptics Pointing Device Driver

"TGATool2A_is1" = TGATool2A version 4.00.34

"The route Bratislava-Brno-Praha for MSTS_is1" = The route Bratislava-Brno-Praha for MSTS version from  BP 77 / 

"Train Simulator 1.0" = Microsoft Train Simulator

"Train Store (German Language Pack)" = Train Store (German Language Pack)

"Train Store V3.2" = Train Store V3.2

"TranslatorBar_1.2 Toolbar" = TranslatorBar 1.2 Toolbar

"Uninstall_is1" = Uninstall 1.0.0.1

"VLC media player" = VLC media player 1.1.11

"WinLiveSuite_Wave3" = Windows Live Essentials

"WinRAR archiver" = WinRAR

"WLABm_Rest_PKP_0001" = WLABm_Rest_PKP_0001

"YTdetect" = Yahoo! Detect

 
 ========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"PhotoFiltre" = PhotoFiltre

"Route_Riter v7.5" = Route_Riter v7.5

"Wupper Express 11 Actpack 1.0" = Wupper Express 11 Actpack 1.0

 
 ========== Last 20 Event Log Errors ==========

 

[ Application Events ]

Error - 06.09.2012 12:02:11 | Computer Name = Melanie-PC | Source = Application Error | ID = 1000

Description = Fehlerhafte Anwendung Manager12.exe, Version 1.0.0.3, Zeitstempel 

0x4ee1398a, fehlerhaftes Modul Telemetry.dll_unloaded, Version 0.0.0.0, Zeitstempel

 0x4e5df9f0, Ausnahmecode 0xc0000005, Fehleroffset 0x64d72889,  Prozess-ID 0x518, 

Anwendungsstartzeit 01cd8c430912e717.

 

Error - 06.09.2012 12:15:27 | Computer Name = Melanie-PC | Source = WinMgmt | ID = 10

Description = 

 

Error - 06.09.2012 12:31:38 | Computer Name = Melanie-PC | Source = WinMgmt | ID = 10

Description = 

 

Error - 06.09.2012 12:36:23 | Computer Name = Melanie-PC | Source = WinMgmt | ID = 10

Description = 

 

Error - 06.09.2012 12:37:17 | Computer Name = Melanie-PC | Source = Application Error | ID = 1000

Description = Fehlerhafte Anwendung IObitUpdate.exe, Version 1.1.0.261, Zeitstempel

 0x2a425e19, fehlerhaftes Modul kernel32.dll, Version 6.0.6002.18449, Zeitstempel

 0x4da47967, Ausnahmecode 0xc0000005, Fehleroffset 0x000bfea5,  Prozess-ID 0xdd8, 

Anwendungsstartzeit 01cd8c4dd4bd57c1.

 

Error - 06.09.2012 20:01:30 | Computer Name = Melanie-PC | Source = WinMgmt | ID = 10

Description = 

 

Error - 06.09.2012 21:25:34 | Computer Name = Melanie-PC | Source = Application Error | ID = 1000

Description = Fehlerhafte Anwendung Manager12.exe, Version 1.0.0.3, Zeitstempel 

0x4ee1398a, fehlerhaftes Modul Telemetry.dll_unloaded, Version 0.0.0.0, Zeitstempel

 0x4e5df9f0, Ausnahmecode 0xc0000005, Fehleroffset 0x65d92889,  Prozess-ID 0x12d4,

 Anwendungsstartzeit 01cd8c8e1ef92cec.

 

Error - 07.09.2012 11:10:06 | Computer Name = Melanie-PC | Source = WinMgmt | ID = 10

Description = 

 

Error - 07.09.2012 11:30:28 | Computer Name = Melanie-PC | Source = WinMgmt | ID = 10

Description = 

 

Error - 07.09.2012 12:33:22 | Computer Name = Melanie-PC | Source = Application Error | ID = 1000

Description = Fehlerhafte Anwendung Manager12.exe, Version 1.0.0.3, Zeitstempel 

0x4ee1398a, fehlerhaftes Modul Telemetry.dll_unloaded, Version 0.0.0.0, Zeitstempel

 0x4e5df9f0, Ausnahmecode 0xc0000005, Fehleroffset 0x6a412889,  Prozess-ID 0x784, 

Anwendungsstartzeit 01cd8d125aebd68b.

 

[ System Events ]

Error - 07.09.2012 11:10:06 | Computer Name = Melanie-PC | Source = Service Control Manager | ID = 7000

Description = 

 

Error - 07.09.2012 11:14:14 | Computer Name = Melanie-PC | Source = ACPI | ID = 327693

Description = : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen

 Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware

 hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie 

den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen

 Situationen zur Folge haben, dass der Computer fehlerhaft läuft.

 

Error - 07.09.2012 11:17:14 | Computer Name = Melanie-PC | Source = ACPI | ID = 327693

Description = : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen

 Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware

 hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie 

den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen

 Situationen zur Folge haben, dass der Computer fehlerhaft läuft.

 

Error - 07.09.2012 11:17:19 | Computer Name = Melanie-PC | Source = ACPI | ID = 327693

Description = : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen

 Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware

 hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie 

den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen

 Situationen zur Folge haben, dass der Computer fehlerhaft läuft.

 

Error - 07.09.2012 11:29:54 | Computer Name = Melanie-PC | Source = volmgr | ID = 262190

Description = Die Initialisierung des Speicherabbildes ist fehlgeschlagen.

 

Error - 07.09.2012 11:30:03 | Computer Name = Melanie-PC | Source = volmgr | ID = 262190

Description = Die Initialisierung des Speicherabbildes ist fehlgeschlagen.

 

Error - 07.09.2012 11:30:28 | Computer Name = Melanie-PC | Source = Service Control Manager | ID = 7000

Description = 

 

Error - 07.09.2012 11:30:28 | Computer Name = Melanie-PC | Source = Service Control Manager | ID = 7000

Description = 

 

Error - 07.09.2012 11:31:52 | Computer Name = Melanie-PC | Source = ACPI | ID = 327693

Description = : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen

 Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware

 hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie 

den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen

 Situationen zur Folge haben, dass der Computer fehlerhaft läuft.

 

Error - 07.09.2012 11:44:43 | Computer Name = Melanie-PC | Source = Dhcp | ID = 1001

Description = Diesem Computer konnte keine Netzwerkadresse durch den DHCP-Server

 für die Netzwerkkarte mit der Netzwerkadresse 002269732DB5 zugeteilt werden. Der

 folgende Fehler ist aufgetreten:   %%1223. Es wird weiterhin im Hintergrund versucht,

 eine Adresse vom Netzwerkadressserver (DHCP) zugeteilt zu bekommen.

 

[ TuneUp Events ]

Error - 12.06.2010 15:01:08 | Computer Name = Melanie-PC | Source = TuneUp Program Statistics | ID = 131840

Description = 

 

 

< End of report >

--- --- ---

ich hatte dir damals zur instalation einiger programme geraten, sehe sie hier aber nicht? hattest du wenigstens regelmäßige backups gemacht? dann spiele mal eins zurück

Dieses MBRCheck, Sandboxie und Malwarebytes habe ich. Nebst mein Antivirus. BachkUps.....davon weiß ich leider nichts. Vielleicht ist es untergegangen. Apropos.....ein Systemwiederherstellungspunkt kann ich auch nicht erstellen. Denn das ist immer meine erste Alternative, wenn ich mit den Lappi Probleme habe.

ne, das ist keine alternative, ich hatte dir damals gesagt, richte dir nen backup ein, dass ist ne alternative, denn damit wird das system dann, im notfall sauber zurück gesetzt, die swh macht häufig probleme.

Combofix darf ausschließlich ausgeführt werden, wenn dies von einem Team Mitglied angewiesen wurde!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich
ziehen und eine Bereinigung der Infektion noch erschweren.

Downloade dir bitte Combofix von einem dieser Downloadspiegel

Link 1
Link 2

WICHTIG - Speichere Combofix auf deinem Desktop

Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten

Zitat:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.

starte den Rechner einfach neu. Dies sollte das Problem beheben.

Endlich fertig.

Combofix Logfile:

Code:

ComboFix 12-09-07.03 - Melanie 07.09.2012  19:52:01.3.2 - x86

Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.49.1031.18.3000.1906 [GMT 2:00]

ausgeführt von:: c:\users\Melanie\Desktop\ComboFix.exe

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\windows\system32\roboot.exe

.

.

(((((((((((((((((((((((   Dateien erstellt von 2012-08-07 bis 2012-09-07  ))))))))))))))))))))))))))))))

.

.

2012-09-07 18:07 . 2012-09-07 18:07        --------        d-----w-        c:\users\Public\AppData\Local\temp

2012-09-07 18:07 . 2012-09-07 18:07        --------        d-----w-        c:\users\Default\AppData\Local\temp

2012-09-05 01:01 . 2012-09-05 01:01        --------        d-----w-        c:\program files\Common Files\Skype

2012-09-05 01:01 . 2012-09-05 01:01        --------        d-----r-        c:\program files\Skype

2012-09-01 09:00 . 2012-09-07 17:39        --------        d-----w-        c:\program files\SUPERAntiSpyware

2012-08-15 17:11 . 2012-07-04 14:02        2047488        ----a-w-        c:\windows\system32\win32k.sys

2012-08-15 13:28 . 2012-05-11 15:57        623616        ----a-w-        c:\windows\system32\localspl.dll

2012-08-15 13:28 . 2012-06-28 11:37        916992        ----a-w-        c:\windows\system32\wininet.dll

2012-08-15 13:28 . 2012-06-28 11:31        743424        ----a-w-        c:\program files\Internet Explorer\iedvtool.dll

2012-08-15 13:28 . 2012-06-28 11:36        129536        ----a-w-        c:\program files\Internet Explorer\sqmapi.dll

2012-08-15 13:28 . 2012-06-28 11:31        521728        ----a-w-        c:\program files\Internet Explorer\jsdbgui.dll

2012-08-15 13:28 . 2012-06-28 11:31        247808        ----a-w-        c:\program files\Internet Explorer\ieproxy.dll

.

.

.

((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-08-15 14:42 . 2012-04-01 07:04        426184        ----a-w-        c:\windows\system32\FlashPlayerApp.exe

2012-08-15 14:42 . 2012-01-20 16:00        70344        ----a-w-        c:\windows\system32\FlashPlayerCPLApp.cpl

2012-07-03 11:46 . 2012-01-19 13:48        22344        ----a-w-        c:\windows\system32\drivers\mbam.sys

2011-12-21 07:42 . 2012-01-20 16:28        121816        ----a-w-        c:\program files\mozilla firefox\components\browsercomps.dll

.

.

------- Sigcheck -------

Note: Unsigned files aren't necessarily malware.

.

[7] 2012-03-30 . 27D470DABC77BC60D0A3B0E4DEB6CB91 . 905600 . . [6.0.6002.18604] . . c:\windows\System32\drivers\tcpip.sys

.

[7] 2012-06-02 . 2E0B0A051FFAA86E358465BB0880D453 . 53784 . . [7.6.7600.256] . . c:\windows\System32\wuauclt.exe

.

[7] 2012-04-23 . 75C6A297E364014840B48ECCD7525E30 . 133120 . . [6.0.6000.16386] . . c:\windows\System32\cryptsvc.dll

[7] 2012-04-23 . 75C6A297E364014840B48ECCD7525E30 . 133120 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18618_none_77e34ec697f67015\cryptsvc.dll

[7] 2012-04-23 . C979AEA8C4D8F875CD25507D08980006 . 135168 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.22840_none_78447b63b1339621\cryptsvc.dll

[7] 2009-04-11 . FB27772BEAF8E1D28CCD825C09DA939B . 129024 . . [6.0.6000.16386] . . c:\windows\ERDNT\cache\cryptsvc.dll

[7] 2009-04-11 . FB27772BEAF8E1D28CCD825C09DA939B . 129024 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_77eb127097f11935\cryptsvc.dll

[7] 2008-01-21 . 6DE363F9F99334514C46AEC02D3E3678 . 128000 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_75ff99649acf4de9\cryptsvc.dll

.

[7] 2012-06-28 . 0D5E31ADA4C9D24A7891E92DD33D406C . 6010368 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23385_none_f66432f95150deae\mshtml.dll

[7] 2012-06-28 . D049E2BAB04AA57CBD7D6573C532FD9D . 6008320 . . [8.00.6001.18702] . . c:\windows\System32\mshtml.dll

[7] 2012-06-28 . D049E2BAB04AA57CBD7D6573C532FD9D . 6008320 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19298_none_f5d2c7203838a6da\mshtml.dll

[7] 2012-05-15 . FACC0814B3D95D317E44070859AB5978 . 6009344 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23359_none_f688a3e55134f037\mshtml.dll

[7] 2012-05-15 . 6224CD5ACCF78EBC082CF7A493D0A340 . 6007808 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19272_none_f5e2653c382dd6ee\mshtml.dll

[7] 2012-02-28 . 6758A38197024E71F71FFF507A1AD2F1 . 5980672 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23318_none_f6b2e34b5115671c\mshtml.dll

[7] 2012-02-28 . 5F25D5561F5BDA32EDE1193EC01529BF . 5978624 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19222_none_f61874d838054b39\mshtml.dll

[7] 2011-12-15 . 0FB4CBF8B6F2407B821266F80C4EAA88 . 5980160 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23286_none_f665315d514ffade\mshtml.dll

[7] 2011-12-15 . 62CA6A044EE909202D74C138012DD9AF . 5979136 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19190_none_f5cac2ea383fdefb\mshtml.dll

[7] 2011-11-03 . D4D63FCD03E8B58D5F1DDE6D64E0FF1B . 5978624 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23266_none_f67ad135513fc2fc\mshtml.dll

[7] 2011-11-03 . 73D666A49DEC07192D7D1C367A142333 . 5978112 . . [8.00.6001.18702] . . c:\windows\ERDNT\cache\mshtml.dll

[7] 2011-11-03 . 73D666A49DEC07192D7D1C367A142333 . 5978112 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19170_none_f5e062c2382fa719\mshtml.dll

[7] 2011-09-30 . 59CC0E3A960D0B8A4BBDB6FC65340EB9 . 5972992 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23250_none_f67f9f65513d0f01\mshtml.dll

[7] 2011-09-30 . 7E6C9B54B10123EA983ECDF7FBFFEA86 . 5971456 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19154_none_f5fa03c2381bd493\mshtml.dll

[7] 2011-07-23 . 8DF22BFA121C76BF1EE346AB9F12F360 . 5971456 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23216_none_f6b0e0d151173747\mshtml.dll

[7] 2011-07-23 . CAB330223469AC16EDB4863DF4C9976B . 5969920 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19120_none_f616725e38071b64\mshtml.dll

[7] 2011-05-28 . 7AF8A6DB4596E3BB3309BABA661EB523 . 5967360 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23181_none_f6602e0551547f04\mshtml.dll

[7] 2011-05-28 . 6D1E32A3C964BAF06B7973E7B18E3212 . 5964800 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19088_none_f5dd93403830909b\mshtml.dll

[7] 2011-02-22 . 6D30A34B029176D86EC04ECE6C0F62B1 . 5964800 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23143_none_f68d6e49513241ee\mshtml.dll

[7] 2011-02-22 . AA411AEF2476D251078F9C9F0478C142 . 5962240 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19048_none_f608d2f0381020d7\mshtml.dll

[7] 2010-12-18 . 0DA63A2B1D6D55E6005F4552D22E7BBE . 5962240 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23111_none_f6abdd79511bbb6d\mshtml.dll

[7] 2010-12-18 . 42B87D22378C1EF98F3B6F410C2670AA . 5961216 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19019_none_f62a42fe37f6e65b\mshtml.dll

[7] 2010-11-02 . 9FCC1F6457A84902EA7545B568B5AEDB . 5960704 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23091_none_f6555c33515c9dce\mshtml.dll

[7] 2010-11-02 . 9AC463498C480E9EB3C63DC21E4F29C8 . 5959168 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18999_none_f5d3eb7c383792a1\mshtml.dll

[7] 2010-09-08 . E993FB26BFAC2887BFE8DDAC4DC9180A . 5958656 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23067_none_f67bcdb3513ee205\mshtml.dll

[7] 2010-09-08 . 1704FC902E1B53EF87593D60FD312A55 . 5957120 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18975_none_f5e58a2c382af563\mshtml.dll

[7] 2010-06-26 . DF63821381A08F65174BA42745B1C79B . 5954560 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23040_none_f68a6b855134f8c2\mshtml.dll

[7] 2010-06-26 . D6168759945CD6BC2DB4BFCD4E94B399 . 5951488 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18943_none_f603f95c38146ee2\mshtml.dll

[7] 2010-05-04 . 62F23130C89F1EE5C0C9EEAB0685D1E5 . 5953024 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23019_none_f6b3dde3511488fe\mshtml.dll

[7] 2010-05-04 . B1E862448C38B0F70139BC28F67332DE . 5950976 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18928_none_f61e9aa637ffb5b3\mshtml.dll

[7] 2010-02-23 . 27DB55375D8F8045A27E016BB21B17C0 . 5946880 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22995_none_f65985395158cfe8\mshtml.dll

[7] 2010-02-23 . 8D5FB97AE3D30CCDD8C9D8AF447C7D09 . 5944832 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18904_none_f630395637f31875\mshtml.dll

[7] 2010-01-02 . BE6120F3D7A853039B5437AC9E1986C1 . 5945856 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22973_none_f66d247d514a6558\mshtml.dll

[7] 2010-01-02 . DF4D546A6E1C8D0F4FC10FCC9E422763 . 5942784 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18882_none_f5d7b77c3835c828\mshtml.dll

[7] 2009-11-21 . ED6055694115B1A247B2591AB465A21D . 5944320 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22956_none_f685c5335137797b\mshtml.dll

[7] 2009-11-21 . 062B81F34EADEEF652E759BF93691C50 . 5940736 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18865_none_f5f058323822dc4b\mshtml.dll

[7] 2009-07-22 . 8FD67A68AF3E2013DC668D3DD1519BB7 . 5938176 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22903_none_f6b8d3f15111a1c1\mshtml.dll

[7] 2009-07-21 . 2620C82EEEBED884FAA1E00C4671E83A . 5937152 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18813_none_f624673a37fc1de8\mshtml.dll

[7] 2009-05-12 . 5F3B323A3758C9B156B199F54A888882 . 5936128 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22874_none_f66e22e151498188\mshtml.dll

[7] 2009-05-09 . 89CCF8069B59780BDEF45E345E671347 . 5936128 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18783_none_f5d8b5e03834e458\mshtml.dll

[7] 2009-04-11 . A4D04D404AFC1D30EDA01EE50D27AA51 . 3596288 . . [7.00.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.18005_none_152e8ba81f4b4668\mshtml.dll

[7] 2009-03-08 . D469A0EBA2EF5C6BEE8065B7E3196E5E . 5937152 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18702_none_f62e34f637f4eb79\mshtml.dll

[7] 2009-03-03 . 0DCC9623D9A3E77212177F59738BE29A . 3580928 . . [7.00.6001.18226] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18226_none_1333784c22344556\mshtml.dll

[7] 2009-03-03 . A77A82830D2BBB001A53A5368934F7EB . 3581440 . . [7.00.6001.22389] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22389_none_137f366d3b7fd8cb\mshtml.dll

[7] 2009-03-03 . 94ED56734E8AB74357F8EA2C5C174EA9 . 3595264 . . [7.00.6000.16830] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16830_none_113c67fe251b384c\mshtml.dll

[7] 2009-03-03 . 67FFB5ED7723D03B50734614D31B57A5 . 3596800 . . [7.00.6000.21023] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.21023_none_11d3adb53e2e3b6c\mshtml.dll

[7] 2009-01-16 . 8FA6CFFC665D1D9D99126CFA8D8DEAB7 . 3580928 . . [7.00.6001.22355] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22355_none_139ba5093b6b1f9c\mshtml.dll

[7] 2009-01-15 . E161281A8E8937ED94299A6B465D7BCE . 3580416 . . [7.00.6001.18203] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18203_none_134617462226c16f\mshtml.dll

[7] 2009-01-15 . AD9E78847641E519FE50A9C27E49AD27 . 3596288 . . [7.00.6000.20996] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.20996_none_118b26fd3e6417c6\mshtml.dll

[7] 2009-01-15 . 676692EDC2E1DBD89EFCB617A1E75F7D . 3594752 . . [7.00.6000.16809] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16809_none_1165da5c24fac888\mshtml.dll

[7] 2008-12-12 . 8ECFDD5549AD28191D8594C80D4001E8 . 3578880 . . [7.00.6001.18183] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18183_none_12ef96002267a3d0\mshtml.dll

[7] 2008-12-12 . 20348C5C94D7D4A0D9AA12FBAA698514 . 3579392 . . [7.00.6001.22328] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22328_none_13bf15ab3b5017ce\mshtml.dll

[7] 2008-12-12 . 863FBEECA377800B2AFA4F8E972BEBC0 . 3593216 . . [7.00.6000.16788] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16788_none_110e58cc253c9192\mshtml.dll

[7] 2008-12-12 . 616EA8D014AF07FB1DC97B7432794AA6 . 3594752 . . [7.00.6000.20973] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.20973_none_119dc5f73e5693df\mshtml.dll

[7] 2008-10-16 . B1AE727959358E4FE72D7FE6DC6736E8 . 3578880 . . [7.00.6001.18157] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18157_none_131406ec224bb559\mshtml.dll

[7] 2008-10-16 . 8B03B6121C4A55BF48B56BFAF962F879 . 3593216 . . [7.00.6000.16764] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16764_none_111ff77c252ff454\mshtml.dll

[7] 2008-10-16 . 6D4AAAAAEB494F78610AE792EC6B3E77 . 3579392 . . [7.00.6001.22288] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22288_none_137e343d3b80c24d\mshtml.dll

[7] 2008-10-16 . CF807C36C2E1984104D173B9DE1BCBCD . 3595264 . . [7.00.6000.20937] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.20937_none_11cd06cf3e328977\mshtml.dll

[7] 2008-10-02 . 3E3D3E24BD1F862CD1A772C0DAD3F134 . 3578880 . . [7.00.6001.18148] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18148_none_131fd7222242b2bf\mshtml.dll

[7] 2008-10-02 . 713D3D802424C56F28A3AC21F843D9E4 . 3593216 . . [7.00.6000.16757] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16757_none_112dc84625252468\mshtml.dll

[7] 2008-10-02 . 56942EB5D17DFA38CA0B2B234BB578A3 . 3579392 . . [7.00.6001.22278] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22278_none_138904293b78a65c\mshtml.dll

[7] 2008-10-02 . 34311116C0A994BD82D7732D0950999C . 3594752 . . [7.00.6000.20927] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.20927_none_11d7d6bb3e2a6d86\mshtml.dll

[7] 2008-09-10 . 13A0AA60B35A6A13152A759536C10203 . 3591680 . . [7.00.6000.16681] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16681_none_110754e02542e30a\mshtml.dll

[7] 2008-09-10 . 38EC352C600EB037FE02749F8C170B6B . 3593728 . . [7.00.6000.20823] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.20823_none_11d3d3ad3e2e0b03\mshtml.dll

[7] 2008-09-10 . 2C2A85BBAB617EDDD19119F66C05B1C3 . 3578368 . . [7.00.6001.18063] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18063_none_130533f222576ec7\mshtml.dll

[7] 2008-09-10 . 92A81ADE1E576A53176777260190F3A1 . 3578368 . . [7.00.6001.22167] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22167_none_1392d1e53b7173ed\mshtml.dll

[7] 2008-09-10 . 3AE6072A86AD8049DD133DB40F73F0C8 . 3591680 . . [7.00.6000.16643] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16643_none_113495242520a5f4\mshtml.dll

[7] 2008-09-10 . ED2588D1864319C54E79443130A8004B . 3593728 . . [7.00.6000.20777] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.20777_none_11a1c3533e52feed\mshtml.dll

[7] 2008-09-10 . 9C4091CD321D6D8BCF9842F109EE574B . 3578368 . . [7.00.6001.18023] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18023_none_133073a22236ff03\mshtml.dll

[7] 2008-09-10 . 977C356E655F357665310C0C95D0DBD4 . 3578368 . . [7.00.6001.22120] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22120_none_13b70f8f3b5752c8\mshtml.dll

[7] 2008-06-27 . 2B59221D1B9D9FB1D202A21AFE8E410A . 3578368 . . [7.00.6001.18099] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18099_none_12eac5ea226a5aa4\mshtml.dll

[7] 2008-06-27 . B964D58A6698C8FCA93447ADBDE18820 . 3592192 . . [7.00.6000.16711] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16711_none_1153063a250a1c9a\mshtml.dll

[7] 2008-06-27 . 256E9D588ACB7F104123947297A9302A . 3578880 . . [7.00.6001.22212] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22212_none_13c3e1f53b4d66ac\mshtml.dll

[7] 2008-06-27 . 1D73575D8A0F368CD8FE3212E8928743 . 3594240 . . [7.00.6000.20868] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.20868_none_11ad956f3e49f97a\mshtml.dll

[7] 2008-01-21 . 48E05FD07045BB2E5CFC43C970CAF1E7 . 3578368 . . [7.00.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18000_none_1343129c22297b1c\mshtml.dll

.

[7] 2011-12-14 . 17AF64D727545F2804F6E6D998327E3F . 680448 . . [7.0.6002.18551] . . c:\windows\System32\msvcrt.dll

[7] 2011-12-14 . 17AF64D727545F2804F6E6D998327E3F . 680448 . . [7.0.6002.18551] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.18551_none_d306a7e69c340115\msvcrt.dll

[7] 2011-12-14 . A807F65718C263442F0C3613F9BFD267 . 680448 . . [7.0.6002.22755] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.22755_none_d39447bfb54e0362\msvcrt.dll

[7] 2009-04-11 . F5E991236960137B1F5449C5E5DF4656 . 679936 . . [7.0.6002.18005] . . c:\windows\ERDNT\cache\msvcrt.dll

[7] 2009-04-11 . F5E991236960137B1F5449C5E5DF4656 . 679936 . . [7.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.18005_none_d340af2c9c07e8f9\msvcrt.dll

[7] 2008-01-21 . 04CBEAA089B6A752B3EB660BEE8C4964 . 680448 . . [7.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6001.18000_none_d15536209ee61dad\msvcrt.dll

.

[7] 2012-06-28 . A9FF16A7FBE708D936AF46AFF1B2579B . 920064 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23385_none_e50a13dad0fa7578\wininet.dll

[7] 2012-06-28 . 03B4167CC1B30AC22DF413788AFADE97 . 916992 . . [8.00.6001.18702] . . c:\windows\System32\wininet.dll

[7] 2012-06-28 . 03B4167CC1B30AC22DF413788AFADE97 . 916992 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19298_none_e478a801b7e23da4\wininet.dll

[7] 2012-05-15 . 1FDE47149D9B08C0CEBEE731FDB39E0B . 920064 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23359_none_e52e84c6d0de8701\wininet.dll

[7] 2012-05-15 . DEAF5B0677A6B864B8F4F41C127695DB . 916992 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19272_none_e488461db7d76db8\wininet.dll

[7] 2012-02-28 . 9503972A61EA647A72C326EEB51265C1 . 919552 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23318_none_e558c42cd0befde6\wininet.dll

[7] 2012-02-28 . AA8B3560AED18F5290F80C82C9B75ACC . 916992 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19222_none_e4be55b9b7aee203\wininet.dll

[7] 2011-12-15 . 2F56B044E8ED4FAA812A19A8DF2115EE . 919552 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23286_none_e50b123ed0f991a8\wininet.dll

[7] 2011-12-15 . DA7C58952F082AECABF775C83F913C6F . 916992 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19190_none_e470a3cbb7e975c5\wininet.dll

[7] 2011-11-03 . 406EEBC1B3FE188DE9D6B3AFB3834E84 . 919552 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23266_none_e520b216d0e959c6\wininet.dll

[7] 2011-11-03 . 4E45F092670EEE0563AA9E1A7C8A1217 . 916992 . . [8.00.6001.18702] . . c:\windows\ERDNT\cache\wininet.dll

[7] 2011-11-03 . 4E45F092670EEE0563AA9E1A7C8A1217 . 916992 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19170_none_e48643a3b7d93de3\wininet.dll

[7] 2011-09-30 . DA000DE8EB63D54DCC206AA0699B9A52 . 919552 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23250_none_e5258046d0e6a5cb\wininet.dll

[7] 2011-09-30 . 18F17E90657528C232B1944DEB4EC160 . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19154_none_e49fe4a3b7c56b5d\wininet.dll

[7] 2011-07-23 . D2BA28C2B3CB7F2DBB5A5F92851B3F3F . 919552 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23216_none_e556c1b2d0c0ce11\wininet.dll

[7] 2011-07-23 . 8419DAE7205374F2CAA4C9CDBD0999E6 . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19120_none_e4bc533fb7b0b22e\wininet.dll

[7] 2011-05-28 . E1E66EB05099B9DDCA178A9A00FCFF74 . 919552 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23181_none_e5060ee6d0fe15ce\wininet.dll

[7] 2011-05-28 . DE4685DE5130039FA63DA66C0F72F787 . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19088_none_e4837421b7da2765\wininet.dll

[7] 2011-02-22 . B3A938D522F085171387FEF112AEECF5 . 919552 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23143_none_e5334f2ad0dbd8b8\wininet.dll

[7] 2011-02-22 . 047CDEFF94B63F0A4791372B47427B60 . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19048_none_e4aeb3d1b7b9b7a1\wininet.dll

[7] 2010-12-18 . 7D6AACE6BF60B5A1D572E082DEC9F0F0 . 919552 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23111_none_e551be5ad0c55237\wininet.dll

[7] 2010-12-18 . 74BCC23D622F32DA0450D164735ACAB1 . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19019_none_e4d023dfb7a07d25\wininet.dll

[7] 2010-11-02 . D364DEB34DB229A4C1EFB1BC68F505C4 . 919552 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23091_none_e4fb3d14d1063498\wininet.dll

[7] 2010-11-02 . 5681261BF2572F8776E1344DCB090C0B . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18999_none_e479cc5db7e1296b\wininet.dll

[7] 2010-09-08 . 6D4B5C39BB00A8BD98462664E73AC403 . 919552 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23067_none_e521ae94d0e878cf\wininet.dll

[7] 2010-09-08 . 545264F1F3AC5BD57B159EBBDC4FDC58 . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18975_none_e48b6b0db7d48c2d\wininet.dll

[7] 2010-06-26 . F60F99762FABCD7F4B53A4A0EBAE3505 . 919040 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23040_none_e5304c66d0de8f8c\wininet.dll

[7] 2010-06-26 . 78D42E00B5AB233F34116C0EF07F1BC9 . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18943_none_e4a9da3db7be05ac\wininet.dll

[7] 2010-05-04 . 9DF755B063C647A1CAEB17F3E2FDDE1D . 919040 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23019_none_e559bec4d0be1fc8\wininet.dll

[7] 2010-05-04 . F317362AEB06140E7FB1B29331FDC038 . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18928_none_e4c47b87b7a94c7d\wininet.dll

[7] 2010-02-23 . 24427C9C96556887A2F161800F00B2DE . 919040 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22995_none_e4ff661ad10266b2\wininet.dll

[7] 2010-02-23 . EC3B3E6071E3FCD4290BFD42676EE064 . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18904_none_e4d61a37b79caf3f\wininet.dll

[7] 2010-01-02 . 1DC5E46312CBA5C1614B3D3359DB09C5 . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22973_none_e513055ed0f3fc22\wininet.dll

[7] 2010-01-02 . 91B8712BDC74295DA14A08F519B70D65 . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18882_none_e47d985db7df5ef2\wininet.dll

[7] 2009-11-21 . 0B603B1B76FF6CA2D88B658A9ECC40E8 . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22956_none_e52ba614d0e11045\wininet.dll

[7] 2009-11-21 . DCB9E422810877D7C4115BACE54B084C . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18865_none_e4963913b7cc7315\wininet.dll

[7] 2009-07-22 . E48ADF567FE3EFCC2EB88A2BE5E020CB . 915456 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22903_none_e55eb4d2d0bb388b\wininet.dll

[7] 2009-07-21 . 6206A2BF9741B31C258ACC51972AFCAA . 915456 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18813_none_e4ca481bb7a5b4b2\wininet.dll

[7] 2009-05-12 . 4BEDA2520729640D927E09A51AB916C4 . 915456 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22874_none_e51403c2d0f31852\wininet.dll

[7] 2009-05-09 . D78B62CC91F043CED52F23F0085E7FE2 . 915456 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18783_none_e47e96c1b7de7b22\wininet.dll

[7] 2009-04-11 . 8777B44511D8BCCF47B5A7CBDC02DE11 . 828416 . . [7.00.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18005_none_03d46c899ef4dd32\wininet.dll

[7] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18702_none_e4d415d7b79e8243\wininet.dll

[7] 2009-03-03 . 6E115E2D3FAE5077A361A5BCE78FF170 . 827392 . . [7.00.6001.18226] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18226_none_01d9592da1dddc20\wininet.dll

[7] 2009-03-03 . 3ED9859939928CA568F487AB42175A33 . 827904 . . [7.00.6001.22389] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22389_none_0225174ebb296f95\wininet.dll

[7] 2009-03-03 . BA68744F8FE1BAAC35362F18774972A3 . 826368 . . [7.00.6000.16830] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16830_none_ffe248dfa4c4cf16\wininet.dll

[7] 2009-03-03 . 88B57405AC5B2BF513069086F8963635 . 828416 . . [7.00.6000.21023] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.21023_none_00798e96bdd7d236\wininet.dll

[7] 2009-01-16 . 6A986C2CD30633447DAB21A4852E40D6 . 827904 . . [7.00.6001.22355] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22355_none_024185eabb14b666\wininet.dll

[7] 2009-01-15 . FB79A2AA5E92653B9A394FE26D799BF8 . 827392 . . [7.00.6001.18203] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18203_none_01ebf827a1d05839\wininet.dll

[7] 2009-01-15 . 65647F41CEC0C8EEC9DF5BC1168EC76C . 827904 . . [7.00.6000.20996] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20996_none_003107debe0dae90\wininet.dll

[7] 2009-01-15 . FF35D495AC08549154D1D96990513CD9 . 826368 . . [7.00.6000.16809] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16809_none_000bbb3da4a45f52\wininet.dll

[7] 2008-10-16 . 8F89FFECF6989DD7D9ECCEC6D95D7419 . 827392 . . [7.00.6001.18157] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18157_none_01b9e7cda1f54c23\wininet.dll

[7] 2008-10-16 . F18C1B151A0B18C35BF0919A9BA0FA0F . 826368 . . [7.00.6000.16764] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16764_none_ffc5d85da4d98b1e\wininet.dll

[7] 2008-10-16 . 4944C9FFE8903A276590D4215F74B937 . 827904 . . [7.00.6001.22288] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22288_none_0224151ebb2a5917\wininet.dll

[7] 2008-10-16 . 622FE627D15DD920238A993021F0A4D1 . 827904 . . [7.00.6000.20937] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20937_none_0072e7b0bddc2041\wininet.dll

[7] 2008-10-02 . C373C19F10601C1AFE7E40907AE48694 . 827392 . . [7.00.6001.18148] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18148_none_01c5b803a1ec4989\wininet.dll

[7] 2008-10-02 . 8BF7D225505A4ADA25D9444E91811CEA . 826368 . . [7.00.6000.16757] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16757_none_ffd3a927a4cebb32\wininet.dll

[7] 2008-10-02 . 6B2591CDCEFEB8451594288426677CBB . 827904 . . [7.00.6001.22278] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22278_none_022ee50abb223d26\wininet.dll

[7] 2008-10-02 . C85EF7DE97ABBF00B16AD11EDFEAC637 . 827904 . . [7.00.6000.20927] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20927_none_007db79cbdd40450\wininet.dll

[7] 2008-09-10 . 9191790BF02A8D759EC2B4E4FA868407 . 826368 . . [7.00.6000.16681] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16681_none_ffad35c1a4ec79d4\wininet.dll

[7] 2008-09-10 . F40594128A6BFDA6C3F0900796895078 . 827392 . . [7.00.6000.20823] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20823_none_0079b48ebdd7a1cd\wininet.dll

[7] 2008-09-10 . 44FD3968AD885026D94450832A78DE8A . 826880 . . [7.00.6001.18063] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18063_none_01ab14d3a2010591\wininet.dll

[7] 2008-09-10 . A86218059C228E7691A13E4CB63C4CDF . 826880 . . [7.00.6001.22167] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22167_none_0238b2c6bb1b0ab7\wininet.dll

[7] 2008-09-10 . DAEED2799D4D19F955C3E90B22A1E91E . 826368 . . [7.00.6000.16643] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16643_none_ffda7605a4ca3cbe\wininet.dll

[7] 2008-09-10 . F7FF1E0D443788D6AE4CBCA593530099 . 827392 . . [7.00.6000.20777] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20777_none_0047a434bdfc95b7\wininet.dll

[7] 2008-09-10 . 482BCCBF1FCBB3378100FF97081438C1 . 826880 . . [7.00.6001.18023] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18023_none_01d65483a1e095cd\wininet.dll

[7] 2008-09-10 . 4E962B645608E6EDB7D31B75921D07FA . 826880 . . [7.00.6001.22120] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22120_none_025cf070bb00e992\wininet.dll

[7] 2008-06-27 . 618A51B5FB9DD5810960F6044C0E9289 . 827392 . . [7.00.6001.18099] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18099_none_0190a6cba213f16e\wininet.dll

[7] 2008-06-27 . E74D932CA7B3DA8CDB7A5F11F5A03ABC . 826368 . . [7.00.6000.16711] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16711_none_fff8e71ba4b3b364\wininet.dll

[7] 2008-06-27 . EDF59D63DDBC8BE0BB4836EFFFC04BDC . 827904 . . [7.00.6001.22212] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22212_none_0269c2d6baf6fd76\wininet.dll

[7] 2008-06-27 . AE7150C0696C656D02FDD48259F4EFF5 . 827904 . . [7.00.6000.20868] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20868_none_00537650bdf39044\wininet.dll

[7] 2008-01-21 . 455D715A840579BDC1CF8E5C1DA76849 . 825856 . . [7.00.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18000_none_01e8f37da1d311e6\wininet.dll

.

[7] 2012-04-03 . CAD95AFB7FDDCC490681555C570FBB7D . 3602816 . . [6.0.6002.18607] . . c:\windows\System32\ntkrnlpa.exe

.

[7] 2012-06-28 . CE4945834BFE91AF301FA829E3E8A7AA . 638048 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23385_none_128320664925e45b\iexplore.exe

[7] 2012-06-28 . 7BC18656CCDD305665D3D7FAA283744A . 638048 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.19298_none_11f1b48d300dac87\iexplore.exe

[7] 2012-05-15 . 26B900640CE979A708FD3793FA8A6C50 . 638048 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23359_none_12a791524909f5e4\iexplore.exe

[7] 2012-05-15 . 9AC31470779A703021C337FD83D683EE . 638048 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.19272_none_120152a93002dc9b\iexplore.exe

[7] 2012-02-28 . CF4EFFB58D9D91E8D219C8E93BC59471 . 638240 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23318_none_12d1d0b848ea6cc9\iexplore.exe

.

.

[7] 2012-04-03 . B9907DD4BE7B1B39573BF66554AB224E . 3552640 . . [6.0.6002.22831] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22831_none_6e8113d5ca7e5806\ntoskrnl.exe

.

[7] 2008-01-21 . 22CFAEB9172F5F198048401485CD0571 . 9216 . . [6.0.6000.16386] . . c:\windows\System32\WSHTCPIP.DLL

[7] 2008-01-21 . 22CFAEB9172F5F198048401485CD0571 . 9216 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-winsock-helper-tcpip_31bf3856ad364e35_6.0.6001.18000_none_cbb305c23187855a\WSHTCPIP.DLL

.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))

.

.

*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 

REGEDIT4

.

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{548f6736-8fe4-4680-82f2-170d6c07e1d2}"= "c:\program files\TranslatorBar_1.2\tbTran.dll" [2010-06-03 2736736]

"{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}"= "c:\program files\softonic-de3\tbsoft.dll" [2010-11-13 3913000]

.

[HKEY_CLASSES_ROOT\clsid\{548f6736-8fe4-4680-82f2-170d6c07e1d2}]

.

[HKEY_CLASSES_ROOT\clsid\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}]

.

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]

2010-10-18 11:26        3908192        ----a-w-        c:\program files\ConduitEngine\ConduitEngine.dll

.

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{548f6736-8fe4-4680-82f2-170d6c07e1d2}]

2010-06-03 16:24        2736736        ----a-w-        c:\program files\TranslatorBar_1.2\tbTran.dll

.

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}]

2010-11-13 20:58        3913000        ----a-w-        c:\program files\softonic-de3\tbsoft.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{548f6736-8fe4-4680-82f2-170d6c07e1d2}"= "c:\program files\TranslatorBar_1.2\tbTran.dll" [2010-06-03 2736736]

"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-10-18 3908192]

"{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}"= "c:\program files\softonic-de3\tbsoft.dll" [2010-11-13 3913000]

.

[HKEY_CLASSES_ROOT\clsid\{548f6736-8fe4-4680-82f2-170d6c07e1d2}]

.

[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]

.

[HKEY_CLASSES_ROOT\clsid\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}]

.

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]

"{548F6736-8FE4-4680-82F2-170D6C07E1D2}"= "c:\program files\TranslatorBar_1.2\tbTran.dll" [2010-06-03 2736736]

"{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}"= "c:\program files\softonic-de3\tbsoft.dll" [2010-11-13 3913000]

.

[HKEY_CLASSES_ROOT\clsid\{548f6736-8fe4-4680-82f2-170d6c07e1d2}]

.

[HKEY_CLASSES_ROOT\clsid\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]

@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"

[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]

2008-05-14 15:05        121392        ----a-w-        c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-10-04 68856]

"NokiaSuite.exe"="c:\program files\Nokia\Nokia Suite\NokiaSuite.exe" [2012-05-16 1084840]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"WarReg_PopUp"="c:\program files\Acer\WR_PopUp\WarReg_PopUp.exe" [2008-01-29 303104]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-02-22 1037608]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]

"RtHDVCpl"="RtHDVCpl.exe" [2008-05-08 6139904]

"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2008-07-25 809480]

"ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2008-04-30 397312]

"eDataSecurity Loader"="c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-05-14 526896]

"BkupTray"="c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-04-06 34040]

"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 137752]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 171032]

"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 172568]

"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Acer VCM.lnk - c:\program files\Acer\Acer VCM\AcerVCM.exe [2008-9-10 1216512]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

"EnableLinkedConnections"= 1 (0x1)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

@="Service"

.

[HKLM\~\startupfolder\C:^Users^Melanie^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^0.8087520392255758.exe.lnk]

path=c:\users\Melanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\0.8087520392255758.exe.lnk

backup=c:\windows\pss\0.8087520392255758.exe.lnk.Startup

backupExtension=.Startup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]

2012-07-03 11:46        462920        ----a-w-        c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM]

2009-04-26 20:23        111928        ----a-r-        c:\program files\SweetIM\Messenger\SweetIM.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

2008-10-04 14:32        68856        ----a-w-        c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]

"PlayMovie"="c:\program files\Acer Arcade Deluxe\PlayMovie\PMVService.exe"

"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

.

R2 5776;5776;c:\users\Melanie\AppData\Local\Temp\5776.sys [x]

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]

S2 ACEDRV09;ACEDRV09;c:\windows\system32\drivers\ACEDRV09.sys [x]

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalServiceAndNoImpersonation        REG_MULTI_SZ           FontCache

.

Inhalt des "geplante Tasks" Ordners

.

2012-09-07 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 14:42]

.

2012-09-07 c:\windows\Tasks\AWC Startup.job

- c:\program files\IObit\Advanced SystemCare 3\AWC.exe [2010-10-04 14:10]

.

2012-09-02 c:\windows\Tasks\Google Software Updater.job

- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-07-03 17:21]

.

2012-09-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-03 16:16]

.

2012-09-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-03 16:16]

.

.

------- Zusätzlicher Suchlauf -------

.

uStart Page = hxxp://www.google.de/

mStart Page = hxxp://home.sweetim.com

IE: Free YouTube Download - c:\users\Melanie\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm

IE: Free YouTube to MP3 Converter - c:\users\Melanie\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 192.168.1.1

FF - ProfilePath - c:\users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\uoiz31cn.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2431245&SearchSource=3&q={searchTerms}

FF - prefs.js: browser.search.selectedEngine - 

FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2431245&q=

FF - prefs.js: network.proxy.type - 0

FF - user.js: browser.cache.memory.capacity - 65536

FF - user.js: browser.chrome.favicons - false

FF - user.js: browser.display.show_image_placeholders - true

FF - user.js: browser.turbo.enabled - true

FF - user.js: browser.urlbar.autocomplete.enabled - true

FF - user.js: browser.urlbar.autofill - true

FF - user.js: content.interrupt.parsing - true

FF - user.js: content.max.tokenizing.time - 2250000

FF - user.js: content.notify.backoffcount - 5

FF - user.js: content.notify.interval - 750000

FF - user.js: content.notify.ontimer - true

FF - user.js: content.switch.threshold - 750000

FF - user.js: network.http.max-connections - 48

FF - user.js: network.http.max-connections-per-server - 16

FF - user.js: network.http.max-persistent-connections-per-proxy - 16

FF - user.js: network.http.max-persistent-connections-per-server - 8

FF - user.js: network.http.pipelining - true

FF - user.js: network.http.pipelining.firstrequest - true

FF - user.js: network.http.pipelining.maxrequests - 8

FF - user.js: network.http.proxy.pipelining - true

FF - user.js: network.http.request.max-start-delay - 0

FF - user.js: nglayout.initialpaint.delay - 0

FF - user.js: plugin.expose_full_path - true

FF - user.js: ui.submenuDelay - 0

FF - user.js: extentions.y2layers.installId - b5126983-f67f-4732-b1d5-d7f9221b65e9

FF - user.js: extentions.y2layers.defaultEnableAppsList - twittube,ezLooker,pagerage,buzzdock,toprelatedtopics

FF - user.js: extensions.autoDisableScopes - 14

.

- - - - Entfernte verwaiste Registrierungseinträge - - - -

.

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)

WebBrowser-{977AE9CC-AF83-45E8-9E03-E2798216E2D5} - (no file)

HKCU-Run-SUPERAntiSpyware - c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe

SafeBoot-WudfPf

SafeBoot-WudfRd

MSConfigStartUp-NokiaOviSuite2 - c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe

AddRemove-{587A2120-41D3-11DB-3D6C-00E19E4D4AE1} - c:\program files\Microsoft Games\Train Simulator\Uninst_MSTS Patch 1.8.0521 EN.exe

AddRemove-{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA} - c:\program files\SUPERAntiSpyware\Uninstall.exe

AddRemove-Wupper Express 11 Actpack 1.0 - c:\users\Melanie\Desktop\Uninstal.exe

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net

Rootkit scan 2012-09-07 20:08

Windows 6.0.6002 Service Pack 2 NTFS

.

Scanne versteckte Prozesse... 

.

Scanne versteckte Autostarteinträge... 

.

Scanne versteckte Dateien... 

.

Scan erfolgreich abgeschlossen

versteckte Dateien: 0

.

**************************************************************************

.

--------------------- Gesperrte Registrierungsschluessel ---------------------

.

[HKEY_USERS\S-1-5-21-78928637-2002754984-348181283-1000\Software\SecuROM\License information*]

"datasecu"=hex:53,53,24,3e,a1,fc,48,82,d0,94,d1,3a,f3,3e,c9,bf,05,bc,2f,e3,30,

   45,8c,42,07,c7,68,47,a6,79,89,8c,4b,4f,de,a3,7a,dd,11,99,67,a3,fe,ad,a2,40,\

"rkeysecu"=hex:f2,48,57,24,39,38,75,42,be,54,5e,0a,19,64,10,96

.

[HKEY_LOCAL_MACHINE\system\ControlSet004\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

"MSCurrentCountry"=dword:000000b5

.

[HKEY_LOCAL_MACHINE\system\ControlSet004\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet004\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet004\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet004\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet004\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

Zeit der Fertigstellung: 2012-09-07  20:28:48

ComboFix-quarantined-files.txt  2012-09-07 18:28

.

Vor Suchlauf: 21 Verzeichnis(se), 24.938.921.984 Bytes frei

Nach Suchlauf: 25 Verzeichnis(se), 24.909.795.328 Bytes frei

.

- - End Of File - - B43ED4F56B71C359B96894FBB83A527E

--- --- ---

download tdss killer:
http://www.trojaner-board.de/82358-t...entfernen.html
Klicke auf Change parameters
• Setze die Haken bei Verify driver digital signatures und Detect TDLFS file system
• Klick auf OK und anschließend auf Start scan
- bei funden erst mal immer skip wählen, log posten

Hallo. Seit neuesten werde ich auch manchmal auf eine andere Seite umgeleitet. Könnte das einen Zusammenhang haben? Auch links unten blendet es bei Neustart des Lappis immer ein Werbungsfenster ein.

Wie poste ich die Log? Ich habe das jetzt ausgeführt und überall "Skip" angeklickt. Auf Continue?

nein. gehe auf c: tdss-killer-datum-version.txt inhalt posten

Bitte sehr.

Zitat:

09:23:48.0812 4548 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
09:23:49.0042 4548 ============================================================
09:23:49.0042 4548 Current date / time: 2012/09/08 09:23:49.0042
09:23:49.0042 4548 SystemInfo:
09:23:49.0042 4548
09:23:49.0042 4548 OS Version: 6.0.6002 ServicePack: 2.0
09:23:49.0042 4548 Product type: Workstation
09:23:49.0042 4548 ComputerName: MELANIE-PC
09:23:49.0042 4548 UserName: Melanie
09:23:49.0042 4548 Windows directory: C:\Windows
09:23:49.0042 4548 System windows directory: C:\Windows
09:23:49.0042 4548 Processor architecture: Intel x86
09:23:49.0042 4548 Number of processors: 2
09:23:49.0042 4548 Page size: 0x1000
09:23:49.0042 4548 Boot type: Normal boot
09:23:49.0042 4548 ============================================================
09:23:50.0518 4548 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
09:23:50.0520 4548 ============================================================
09:23:50.0520 4548 \Device\Harddisk0\DR0:
09:23:50.0521 4548 MBR partitions:
09:23:50.0521 4548 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1388800, BlocksNum 0x12057000
09:23:50.0521 4548 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x133DF800, BlocksNum 0x1204E800
09:23:50.0521 4548 ============================================================
09:23:50.0572 4548 C: <-> \Device\Harddisk0\DR0\Partition1
09:23:50.0616 4548 D: <-> \Device\Harddisk0\DR0\Partition2
09:23:50.0616 4548 ============================================================
09:23:50.0616 4548 Initialize success
09:23:50.0616 4548 ============================================================
09:25:21.0469 1224 ============================================================
09:25:21.0469 1224 Scan started
09:25:21.0469 1224 Mode: Manual; SigCheck; TDLFS;
09:25:21.0469 1224 ============================================================
09:25:23.0018 1224 ================ Scan system memory ========================
09:25:23.0019 1224 System memory - ok
09:25:23.0019 1224 ================ Scan services =============================
09:25:23.0546 1224 5776 - ok
09:25:23.0776 1224 [ EC818AED40E3359FE49DDB1700151E56 ] ACEDRV09 C:\Windows\system32\drivers\ACEDRV09.sys
09:25:23.0907 1224 ACEDRV09 - ok
09:25:24.0358 1224 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
09:25:24.0383 1224 ACPI - ok
09:25:25.0043 1224 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
09:25:25.0055 1224 AdobeARMservice - ok
09:25:25.0158 1224 [ A9D3B95E8466BD58EEB8A1154654E162 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
09:25:25.0173 1224 AdobeFlashPlayerUpdateSvc - ok
09:25:25.0207 1224 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
09:25:25.0235 1224 adp94xx - ok
09:25:25.0263 1224 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys
09:25:25.0287 1224 adpahci - ok
09:25:25.0302 1224 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
09:25:25.0320 1224 adpu160m - ok
09:25:25.0365 1224 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
09:25:25.0382 1224 adpu320 - ok
09:25:25.0459 1224 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
09:25:25.0519 1224 AeLookupSvc - ok
09:25:25.0554 1224 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
09:25:25.0615 1224 AFD - ok
09:25:25.0646 1224 [ EFBC44FBD75E4F80BD927AEBF6E7EADE ] AgereModemAudio C:\Windows\system32\agrsmsvc.exe
09:25:25.0679 1224 AgereModemAudio - ok
09:25:25.0767 1224 [ 38325C6AA8EAE011897D61CE48EC6435 ] AgereSoftModem C:\Windows\system32\DRIVERS\AGRSM.sys
09:25:25.0882 1224 AgereSoftModem - ok
09:25:25.0923 1224 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys
09:25:25.0936 1224 agp440 - ok
09:25:25.0967 1224 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
09:25:25.0982 1224 aic78xx - ok
09:25:26.0039 1224 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
09:25:26.0067 1224 ALG - ok
09:25:26.0103 1224 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys
09:25:26.0116 1224 aliide - ok
09:25:26.0130 1224 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys
09:25:26.0144 1224 amdagp - ok
09:25:26.0163 1224 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys
09:25:26.0175 1224 amdide - ok
09:25:26.0211 1224 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
09:25:26.0256 1224 AmdK7 - ok
09:25:26.0278 1224 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
09:25:26.0315 1224 AmdK8 - ok
09:25:26.0342 1224 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
09:25:26.0394 1224 Appinfo - ok
09:25:26.0424 1224 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys
09:25:26.0441 1224 arc - ok
09:25:26.0464 1224 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys
09:25:26.0482 1224 arcsas - ok
09:25:26.0525 1224 [ E54E27976E2C5A6465D44C10B1D87AC0 ] ASPI C:\Windows\System32\DRIVERS\ASPI32.sys
09:25:26.0555 1224 ASPI ( UnsignedFile.Multi.Generic ) - warning
09:25:26.0555 1224 ASPI - detected UnsignedFile.Multi.Generic (1)
09:25:26.0580 1224 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
09:25:26.0620 1224 AsyncMac - ok
09:25:26.0678 1224 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys
09:25:26.0696 1224 atapi - ok
09:25:26.0734 1224 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
09:25:26.0771 1224 AudioEndpointBuilder - ok
09:25:26.0811 1224 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
09:25:26.0834 1224 Audiosrv - ok
09:25:26.0870 1224 [ 502F1C30BD50B32D00CE4DCAECC3D3C7 ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
09:25:26.0924 1224 b57nd60x - ok
09:25:27.0136 1224 [ E22ABCAA7B6FF580FEB0D49545DC4263 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl6.sys
09:25:27.0229 1224 BCM43XX - ok
09:25:27.0348 1224 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
09:25:27.0417 1224 Beep - ok
09:25:27.0475 1224 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
09:25:27.0519 1224 BFE - ok
09:25:27.0580 1224 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\system32\qmgr.dll
09:25:27.0629 1224 BITS - ok
09:25:27.0668 1224 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
09:25:27.0695 1224 blbdrive - ok
09:25:27.0723 1224 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
09:25:27.0747 1224 bowser - ok
09:25:27.0769 1224 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
09:25:27.0801 1224 BrFiltLo - ok
09:25:27.0835 1224 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
09:25:27.0872 1224 BrFiltUp - ok
09:25:27.0960 1224 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
09:25:28.0027 1224 Browser - ok
09:25:28.0049 1224 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
09:25:28.0112 1224 Brserid - ok
09:25:28.0139 1224 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
09:25:28.0233 1224 BrSerWdm - ok
09:25:28.0252 1224 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
09:25:28.0314 1224 BrUsbMdm - ok
09:25:28.0330 1224 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
09:25:28.0388 1224 BrUsbSer - ok
09:25:28.0403 1224 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
09:25:28.0462 1224 BTHMODEM - ok
09:25:28.0523 1224 [ 09E6AFFAE6C0E9158BF05C7D08D0107A ] BUNAgentSvc C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
09:25:28.0528 1224 BUNAgentSvc ( UnsignedFile.Multi.Generic ) - warning
09:25:28.0528 1224 BUNAgentSvc - detected UnsignedFile.Multi.Generic (1)
09:25:28.0557 1224 catchme - ok
09:25:28.0580 1224 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
09:25:28.0624 1224 cdfs - ok
09:25:28.0658 1224 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
09:25:28.0692 1224 cdrom - ok
09:25:28.0719 1224 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
09:25:28.0753 1224 CertPropSvc - ok
09:25:28.0773 1224 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\drivers\circlass.sys
09:25:28.0814 1224 circlass - ok
09:25:28.0850 1224 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
09:25:28.0871 1224 CLFS - ok
09:25:28.0943 1224 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:25:28.0957 1224 clr_optimization_v2.0.50727_32 - ok
09:25:29.0036 1224 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:25:29.0051 1224 clr_optimization_v4.0.30319_32 - ok
09:25:29.0073 1224 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
09:25:29.0116 1224 CmBatt - ok
09:25:29.0134 1224 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys
09:25:29.0147 1224 cmdide - ok
09:25:29.0184 1224 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
09:25:29.0198 1224 Compbatt - ok
09:25:29.0205 1224 COMSysApp - ok
09:25:29.0215 1224 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
09:25:29.0230 1224 crcdisk - ok
09:25:29.0246 1224 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys
09:25:29.0289 1224 Crusoe - ok
09:25:29.0336 1224 [ 75C6A297E364014840B48ECCD7525E30 ] CryptSvc C:\Windows\system32\cryptsvc.dll
09:25:29.0356 1224 CryptSvc - ok
09:25:29.0406 1224 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
09:25:29.0487 1224 DcomLaunch - ok
09:25:29.0523 1224 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
09:25:29.0554 1224 DfsC - ok
09:25:29.0640 1224 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
09:25:29.0791 1224 DFSR - ok
09:25:29.0824 1224 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
09:25:29.0864 1224 Dhcp - ok
09:25:29.0896 1224 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
09:25:29.0910 1224 disk - ok
09:25:29.0931 1224 [ 73BAF270D24FE726B9CD7F80BB17A23D ] DKbFltr C:\Windows\system32\DRIVERS\DKbFltr.sys
09:25:29.0942 1224 DKbFltr - ok
09:25:29.0970 1224 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
09:25:30.0003 1224 Dnscache - ok
09:25:30.0043 1224 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
09:25:30.0087 1224 dot3svc - ok
09:25:30.0115 1224 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
09:25:30.0148 1224 DPS - ok
09:25:30.0190 1224 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
09:25:30.0233 1224 drmkaud - ok
09:25:30.0281 1224 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
09:25:30.0327 1224 DXGKrnl - ok
09:25:30.0356 1224 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
09:25:30.0388 1224 E1G60 - ok
09:25:30.0427 1224 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
09:25:30.0451 1224 EapHost - ok
09:25:30.0479 1224 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
09:25:30.0499 1224 Ecache - ok
09:25:30.0578 1224 [ 2CE2DDCB1A41ED4488A2A8B98D286B3D ] eDataSecurity Service C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
09:25:30.0605 1224 eDataSecurity Service - ok
09:25:30.0647 1224 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
09:25:30.0676 1224 ehRecvr - ok
09:25:30.0715 1224 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
09:25:30.0774 1224 ehSched - ok
09:25:30.0812 1224 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
09:25:30.0836 1224 ehstart - ok
09:25:30.0885 1224 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys
09:25:30.0908 1224 elxstor - ok
09:25:31.0490 1224 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
09:25:31.0590 1224 EMDMgmt - ok
09:25:31.0647 1224 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys
09:25:31.0684 1224 ErrDev - ok
09:25:31.0726 1224 [ A51FD9DF23720485991F56741BBEFCFB ] ETService C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
09:25:31.0738 1224 ETService ( UnsignedFile.Multi.Generic ) - warning
09:25:31.0739 1224 ETService - detected UnsignedFile.Multi.Generic (1)
09:25:31.0830 1224 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
09:25:31.0867 1224 EventSystem - ok
09:25:31.0904 1224 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
09:25:31.0940 1224 exfat - ok
09:25:31.0967 1224 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
09:25:31.0992 1224 fastfat - ok
09:25:32.0039 1224 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
09:25:32.0077 1224 fdc - ok
09:25:32.0103 1224 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
09:25:32.0133 1224 fdPHost - ok
09:25:32.0179 1224 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
09:25:32.0231 1224 FDResPub - ok
09:25:32.0279 1224 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
09:25:32.0292 1224 FileInfo - ok
09:25:32.0313 1224 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
09:25:32.0352 1224 Filetrace - ok
09:25:32.0397 1224 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
09:25:32.0429 1224 flpydisk - ok
09:25:32.0456 1224 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
09:25:32.0475 1224 FltMgr - ok
09:25:32.0522 1224 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll
09:25:32.0606 1224 FontCache - ok
09:25:32.0688 1224 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
09:25:32.0701 1224 FontCache3.0.0.0 - ok
09:25:32.0750 1224 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
09:25:32.0781 1224 Fs_Rec - ok
09:25:32.0811 1224 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
09:25:32.0826 1224 gagp30kx - ok
09:25:33.0034 1224 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
09:25:33.0148 1224 gpsvc - ok
09:25:33.0263 1224 [ 626A24ED1228580B9518C01930936DF9 ] gupdate1c9fbf99e8cea12 C:\Program Files\Google\Update\GoogleUpdate.exe
09:25:33.0276 1224 gupdate1c9fbf99e8cea12 - ok
09:25:33.0282 1224 [ 626A24ED1228580B9518C01930936DF9 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
09:25:33.0293 1224 gupdatem - ok
09:25:33.0345 1224 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
09:25:33.0360 1224 gusvc - ok
09:25:33.0404 1224 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
09:25:33.0475 1224 HdAudAddService - ok
09:25:33.0515 1224 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
09:25:33.0567 1224 HDAudBus - ok
09:25:33.0597 1224 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
09:25:33.0649 1224 HidBth - ok
09:25:33.0665 1224 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
09:25:33.0732 1224 HidIr - ok
09:25:33.0796 1224 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\System32\hidserv.dll
09:25:33.0851 1224 hidserv - ok
09:25:33.0883 1224 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
09:25:33.0907 1224 HidUsb - ok
09:25:33.0940 1224 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
09:25:33.0987 1224 hkmsvc - ok
09:25:34.0027 1224 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
09:25:34.0046 1224 HpCISSs - ok
09:25:34.0094 1224 [ 46D67209550973257601A533E2AC5785 ] HSFHWAZL C:\Windows\system32\DRIVERS\VSTAZL3.SYS
09:25:34.0141 1224 HSFHWAZL - ok
09:25:34.0180 1224 [ EC36F1D542ED4252390D446BF6D4DFD0 ] HSF_DPV C:\Windows\system32\DRIVERS\VSTDPV3.SYS
09:25:34.0286 1224 HSF_DPV - ok
09:25:34.0416 1224 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys
09:25:34.0465 1224 HTTP - ok
09:25:34.0508 1224 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys
09:25:34.0523 1224 i2omp - ok
09:25:34.0557 1224 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
09:25:34.0592 1224 i8042prt - ok
09:25:34.0618 1224 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
09:25:34.0640 1224 iaStorV - ok
09:25:34.0733 1224 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
09:25:34.0805 1224 idsvc - ok
09:25:35.0456 1224 [ DCE0B53570703CCE580D066F89EF58CD ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
09:25:35.0931 1224 igfx - ok
09:25:35.0976 1224 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
09:25:35.0988 1224 iirsp - ok
09:25:36.0058 1224 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll
09:25:36.0110 1224 IKEEXT - ok
09:25:36.0143 1224 [ C6E5276C00EBDEB096BB5EF4B797D1B6 ] int15 C:\Windows\system32\drivers\int15.sys
09:25:36.0152 1224 int15 - ok
09:25:36.0235 1224 [ 219CA9A36D6DE2EC04F958C907673436 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
09:25:36.0415 1224 IntcAzAudAddService - ok
09:25:36.0474 1224 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys
09:25:36.0492 1224 intelide - ok
09:25:36.0511 1224 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
09:25:36.0563 1224 intelppm - ok
09:25:36.0600 1224 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
09:25:36.0641 1224 IPBusEnum - ok
09:25:36.0658 1224 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:25:36.0691 1224 IpFilterDriver - ok
09:25:36.0764 1224 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
09:25:36.0793 1224 iphlpsvc - ok
09:25:36.0830 1224 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
09:25:36.0855 1224 IPMIDRV - ok
09:25:36.0892 1224 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
09:25:36.0917 1224 IPNAT - ok
09:25:36.0945 1224 [ E50A95179211B12946F7E035D60AF560 ] irda C:\Windows\system32\DRIVERS\irda.sys
09:25:36.0987 1224 irda - ok
09:25:37.0024 1224 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
09:25:37.0053 1224 IRENUM - ok
09:25:37.0099 1224 [ CBB0D940221A281BCFEAEA695BD1CDA5 ] Irmon C:\Windows\System32\irmon.dll
09:25:37.0161 1224 Irmon - ok
09:25:37.0185 1224 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys
09:25:37.0201 1224 isapnp - ok
09:25:37.0238 1224 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
09:25:37.0259 1224 iScsiPrt - ok
09:25:37.0300 1224 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
09:25:37.0314 1224 iteatapi - ok
09:25:37.0337 1224 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
09:25:37.0351 1224 iteraid - ok
09:25:37.0368 1224 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
09:25:37.0383 1224 kbdclass - ok
09:25:37.0402 1224 [ 18247836959BA67E3511B62846B9C2E0 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
09:25:37.0437 1224 kbdhid - ok
09:25:37.0501 1224 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
09:25:37.0545 1224 KeyIso - ok
09:25:37.0599 1224 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
09:25:37.0626 1224 KSecDD - ok
09:25:37.0651 1224 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
09:25:37.0746 1224 KtmRm - ok
09:25:37.0792 1224 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\System32\srvsvc.dll
09:25:37.0833 1224 LanmanServer - ok
09:25:37.0861 1224 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:25:37.0906 1224 LanmanWorkstation - ok
09:25:37.0947 1224 [ 793FF718477345CD5D232C50BED1E452 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
09:25:37.0969 1224 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
09:25:37.0969 1224 LightScribeService - detected UnsignedFile.Multi.Generic (1)
09:25:38.0006 1224 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
09:25:38.0067 1224 lltdio - ok
09:25:38.0104 1224 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
09:25:38.0150 1224 lltdsvc - ok
09:25:38.0181 1224 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
09:25:38.0234 1224 lmhosts - ok
09:25:38.0280 1224 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
09:25:38.0295 1224 LSI_FC - ok
09:25:38.0310 1224 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
09:25:38.0324 1224 LSI_SAS - ok
09:25:38.0344 1224 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
09:25:38.0359 1224 LSI_SCSI - ok
09:25:38.0373 1224 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
09:25:38.0448 1224 luafv - ok
09:25:38.0484 1224 [ 6DFE7F2E8E8A337263AA5C92A215F161 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
09:25:38.0497 1224 MBAMProtector - ok
09:25:38.0553 1224 [ 43683E970F008C93C9429EF428147A54 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
09:25:38.0622 1224 MBAMService - ok
09:25:38.0696 1224 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
09:25:38.0720 1224 Mcx2Svc - ok
09:25:38.0778 1224 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys
09:25:38.0795 1224 megasas - ok
09:25:38.0824 1224 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys
09:25:38.0851 1224 MegaSR - ok
09:25:38.0885 1224 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
09:25:38.0931 1224 MMCSS - ok
09:25:38.0958 1224 MobilityService - ok
09:25:38.0976 1224 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
09:25:39.0026 1224 Modem - ok
09:25:39.0041 1224 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
09:25:39.0087 1224 monitor - ok
09:25:39.0119 1224 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
09:25:39.0131 1224 mouclass - ok
09:25:39.0143 1224 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
09:25:39.0170 1224 mouhid - ok
09:25:39.0186 1224 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
09:25:39.0199 1224 MountMgr - ok
09:25:39.0217 1224 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys
09:25:39.0232 1224 mpio - ok
09:25:39.0254 1224 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
09:25:39.0278 1224 mpsdrv - ok
09:25:39.0314 1224 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
09:25:39.0377 1224 MpsSvc - ok
09:25:39.0393 1224 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
09:25:39.0404 1224 Mraid35x - ok
09:25:39.0436 1224 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
09:25:39.0459 1224 MRxDAV - ok
09:25:39.0493 1224 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
09:25:39.0508 1224 mrxsmb - ok
09:25:39.0541 1224 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:25:39.0574 1224 mrxsmb10 - ok
09:25:39.0601 1224 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:25:39.0618 1224 mrxsmb20 - ok
09:25:39.0651 1224 [ 5457DCFA7C0DA43522F4D9D4049C1472 ] msahci C:\Windows\system32\drivers\msahci.sys
09:25:39.0667 1224 msahci - ok
09:25:39.0712 1224 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys
09:25:39.0729 1224 msdsm - ok
09:25:39.0747 1224 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
09:25:39.0788 1224 MSDTC - ok
09:25:39.0803 1224 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
09:25:39.0838 1224 Msfs - ok
09:25:39.0845 1224 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
09:25:39.0861 1224 msisadrv - ok
09:25:39.0914 1224 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
09:25:39.0942 1224 MSiSCSI - ok
09:25:39.0949 1224 msiserver - ok
09:25:39.0971 1224 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
09:25:40.0015 1224 MSKSSRV - ok
09:25:40.0032 1224 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
09:25:40.0057 1224 MSPCLOCK - ok
09:25:40.0077 1224 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
09:25:40.0104 1224 MSPQM - ok
09:25:40.0129 1224 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
09:25:40.0146 1224 MsRPC - ok
09:25:40.0160 1224 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
09:25:40.0173 1224 mssmbios - ok
09:25:40.0190 1224 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
09:25:40.0215 1224 MSTEE - ok
09:25:40.0233 1224 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
09:25:40.0247 1224 Mup - ok
09:25:40.0277 1224 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
09:25:40.0322 1224 napagent - ok
09:25:40.0360 1224 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
09:25:40.0385 1224 NativeWifiP - ok
09:25:40.0424 1224 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
09:25:40.0491 1224 NDIS - ok
09:25:40.0539 1224 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
09:25:40.0575 1224 NdisTapi - ok
09:25:40.0594 1224 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
09:25:40.0624 1224 Ndisuio - ok
09:25:40.0639 1224 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
09:25:40.0665 1224 NdisWan - ok
09:25:40.0678 1224 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
09:25:40.0699 1224 NDProxy - ok
09:25:40.0713 1224 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
09:25:40.0750 1224 NetBIOS - ok
09:25:40.0787 1224 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
09:25:40.0822 1224 netbt - ok
09:25:40.0859 1224 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
09:25:40.0878 1224 Netlogon - ok
09:25:40.0913 1224 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
09:25:40.0960 1224 Netman - ok
09:25:41.0006 1224 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
09:25:41.0051 1224 netprofm - ok
09:25:41.0084 1224 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:25:41.0099 1224 NetTcpPortSharing - ok
09:25:41.0134 1224 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
09:25:41.0148 1224 nfrd960 - ok
09:25:41.0174 1224 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
09:25:41.0209 1224 NlaSvc - ok
09:25:41.0274 1224 [ F6C40E0A565EE3CE5AEEB325E10054F2 ] nmwcd C:\Windows\system32\drivers\ccdcmb.sys
09:25:41.0341 1224 nmwcd - ok
09:25:41.0388 1224 [ 2A394E9E1FA3565E4B2FEA470FFE4D6B ] nmwcdc C:\Windows\system32\drivers\ccdcmbo.sys
09:25:41.0429 1224 nmwcdc - ok
09:25:41.0477 1224 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
09:25:41.0506 1224 Npfs - ok
09:25:41.0524 1224 [ 6D8D2E5652FC2442C810C5D8BE784148 ] NSCIRDA C:\Windows\system32\DRIVERS\nscirda.sys
09:25:41.0591 1224 NSCIRDA - ok
09:25:41.0639 1224 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
09:25:41.0682 1224 nsi - ok
09:25:41.0721 1224 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
09:25:41.0747 1224 nsiproxy - ok
09:25:41.0803 1224 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
09:25:41.0876 1224 Ntfs - ok
09:25:41.0897 1224 [ CB76F68BA0D57C5D25B538981B1C611C ] NTIBackupSvc C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
09:25:41.0910 1224 NTIBackupSvc - ok
09:25:41.0949 1224 [ 2757D2BA59AEE155209E24942AB127C9 ] NTIDrvr C:\Windows\system32\DRIVERS\NTIDrvr.sys
09:25:41.0958 1224 NTIDrvr - ok
09:25:42.0015 1224 [ DF1C10A75DF7E50195FC417F88A33227 ] NTISchedulerSvc C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
09:25:42.0034 1224 NTISchedulerSvc ( UnsignedFile.Multi.Generic ) - warning
09:25:42.0034 1224 NTISchedulerSvc - detected UnsignedFile.Multi.Generic (1)
09:25:42.0065 1224 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
09:25:42.0117 1224 ntrigdigi - ok
09:25:42.0133 1224 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
09:25:42.0176 1224 Null - ok
09:25:42.0194 1224 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
09:25:42.0209 1224 nvraid - ok
09:25:42.0227 1224 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
09:25:42.0241 1224 nvstor - ok
09:25:42.0257 1224 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
09:25:42.0273 1224 nv_agp - ok
09:25:42.0371 1224 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
09:25:42.0396 1224 odserv - ok
09:25:42.0412 1224 [ 790E27C3DB53410B40FF9EF2FD10A1D9 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
09:25:42.0439 1224 ohci1394 - ok
09:25:42.0463 1224 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:25:42.0477 1224 ose - ok
09:25:42.0523 1224 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
09:25:42.0632 1224 p2pimsvc - ok
09:25:42.0646 1224 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
09:25:42.0672 1224 p2psvc - ok
09:25:42.0704 1224 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
09:25:42.0757 1224 Parport - ok
09:25:42.0789 1224 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
09:25:42.0805 1224 partmgr - ok
09:25:42.0850 1224 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
09:25:42.0910 1224 Parvdm - ok
09:25:42.0966 1224 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
09:25:43.0011 1224 PcaSvc - ok
09:25:43.0037 1224 [ FD2041E9BA03DB7764B2248F02475079 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfd.sys
09:25:43.0054 1224 pccsmcfd - ok
09:25:43.0090 1224 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
09:25:43.0107 1224 pci - ok
09:25:43.0129 1224 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\drivers\pciide.sys
09:25:43.0141 1224 pciide - ok
09:25:43.0166 1224 [ B7C5A8769541900F6DFA6FE0C5E4D513 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
09:25:43.0184 1224 pcmcia - ok
09:25:43.0221 1224 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
09:25:43.0318 1224 PEAUTH - ok
09:25:43.0395 1224 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
09:25:43.0505 1224 pla - ok
09:25:43.0562 1224 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
09:25:43.0607 1224 PlugPlay - ok
09:25:43.0634 1224 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
09:25:43.0672 1224 PNRPAutoReg - ok
09:25:43.0701 1224 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
09:25:43.0763 1224 PNRPsvc - ok
09:25:43.0842 1224 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
09:25:43.0922 1224 PolicyAgent - ok
09:25:43.0963 1224 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
09:25:44.0010 1224 PptpMiniport - ok
09:25:44.0030 1224 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys
09:25:44.0061 1224 Processor - ok
09:25:44.0095 1224 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
09:25:44.0130 1224 ProfSvc - ok
09:25:44.0139 1224 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
09:25:44.0159 1224 ProtectedStorage - ok
09:25:44.0190 1224 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
09:25:44.0225 1224 PSched - ok
09:25:44.0279 1224 [ 1DCBB35090CC4B2BD3D661E6089523C6 ] PSDFilter C:\Windows\system32\DRIVERS\psdfilter.sys
09:25:44.0290 1224 PSDFilter - ok
09:25:44.0303 1224 [ E26E46D619469964AC3609620F443867 ] PSDNServ C:\Windows\system32\DRIVERS\PSDNServ.sys
09:25:44.0312 1224 PSDNServ - ok
09:25:44.0325 1224 [ 3E1D134AF2806867D06047C4CC33CC65 ] psdvdisk C:\Windows\system32\DRIVERS\PSDVdisk.sys
09:25:44.0335 1224 psdvdisk - ok
09:25:44.0384 1224 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
09:25:44.0463 1224 ql2300 - ok
09:25:44.0488 1224 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
09:25:44.0502 1224 ql40xx - ok
09:25:44.0546 1224 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
09:25:44.0580 1224 QWAVE - ok
09:25:44.0587 1224 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
09:25:44.0604 1224 QWAVEdrv - ok
09:25:44.0627 1224 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
09:25:44.0668 1224 RasAcd - ok
09:25:44.0684 1224 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
09:25:44.0734 1224 RasAuto - ok
09:25:44.0752 1224 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
09:25:44.0794 1224 Rasl2tp - ok
09:25:44.0854 1224 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
09:25:44.0897 1224 RasMan - ok
09:25:44.0931 1224 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
09:25:44.0967 1224 RasPppoe - ok
09:25:44.0998 1224 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
09:25:45.0013 1224 RasSstp - ok
09:25:45.0036 1224 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
09:25:45.0073 1224 rdbss - ok
09:25:45.0092 1224 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
09:25:45.0132 1224 RDPCDD - ok
09:25:45.0176 1224 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
09:25:45.0206 1224 rdpdr - ok
09:25:45.0213 1224 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
09:25:45.0240 1224 RDPENCDD - ok
09:25:45.0290 1224 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
09:25:45.0330 1224 RDPWD - ok
09:25:45.0367 1224 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
09:25:45.0395 1224 RemoteAccess - ok
09:25:45.0436 1224 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
09:25:45.0475 1224 RemoteRegistry - ok
09:25:45.0497 1224 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
09:25:45.0534 1224 RpcLocator - ok
09:25:45.0560 1224 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
09:25:45.0592 1224 RpcSs - ok
09:25:45.0641 1224 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
09:25:45.0715 1224 rspndr - ok
09:25:45.0757 1224 [ 73835C4F79ADC404EF39C8A9E2D4183B ] RS_Service C:\Program Files\Acer\Acer VCM\RS_Service.exe
09:25:45.0778 1224 RS_Service ( UnsignedFile.Multi.Generic ) - warning
09:25:45.0778 1224 RS_Service - detected UnsignedFile.Multi.Generic (1)
09:25:45.0810 1224 [ 30AF53469B2A60F693ACB24FBD90ABD7 ] RTSTOR C:\Windows\system32\drivers\RTSTOR.SYS
09:25:45.0839 1224 RTSTOR - ok
09:25:45.0878 1224 [ 59509AD6CBC28F2C73056268985B3E48 ] s0016bus C:\Windows\system32\DRIVERS\s0016bus.sys
09:25:45.0891 1224 s0016bus - ok
09:25:45.0917 1224 [ B98C3A6F91F4FBA285AF9606A240C6B4 ] s0016mdfl C:\Windows\system32\DRIVERS\s0016mdfl.sys
09:25:45.0926 1224 s0016mdfl - ok
09:25:45.0977 1224 [ 8A83426F4FB7B5212825D9DE76368B1A ] s0016mdm C:\Windows\system32\DRIVERS\s0016mdm.sys
09:25:45.0989 1224 s0016mdm - ok
09:25:46.0028 1224 [ 594FF5620661D1386475406E78CB6F2F ] s0017bus C:\Windows\system32\DRIVERS\s0017bus.sys
09:25:46.0039 1224 s0017bus - ok
09:25:46.0060 1224 [ 7258F550419D543BC5C8E80C578A5D54 ] s0017mdfl C:\Windows\system32\DRIVERS\s0017mdfl.sys
09:25:46.0070 1224 s0017mdfl - ok
09:25:46.0103 1224 [ 1DE4F6607FEB17A15DBD4F1B139E6D2F ] s0017mdm C:\Windows\system32\DRIVERS\s0017mdm.sys
09:25:46.0115 1224 s0017mdm - ok
09:25:46.0154 1224 [ 9814E6BACC06D2526CD52981C7EEEDF0 ] s0017mgmt C:\Windows\system32\DRIVERS\s0017mgmt.sys
09:25:46.0166 1224 s0017mgmt - ok
09:25:46.0193 1224 [ 2C62CD58225973F26682CD4F783DDEDE ] s0017nd5 C:\Windows\system32\DRIVERS\s0017nd5.sys
09:25:46.0203 1224 s0017nd5 - ok
09:25:46.0235 1224 [ F87C3422E84B2FB1B43E0A26247AD5A5 ] s0017obex C:\Windows\system32\DRIVERS\s0017obex.sys
09:25:46.0246 1224 s0017obex - ok
09:25:46.0278 1224 [ DF5E7360A0AFA5956BF75DA683D0679F ] s0017unic C:\Windows\system32\DRIVERS\s0017unic.sys
09:25:46.0292 1224 s0017unic - ok
09:25:46.0318 1224 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
09:25:46.0335 1224 SamSs - ok
09:25:46.0381 1224 SASDIFSV - ok
09:25:46.0386 1224 SASKUTIL - ok
09:25:47.0440 1224 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
09:25:47.0453 1224 sbp2port - ok
09:25:47.0487 1224 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
09:25:47.0511 1224 SCardSvr - ok
09:25:47.0559 1224 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
09:25:47.0715 1224 Schedule - ok
09:25:47.0765 1224 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
09:25:47.0786 1224 SCPolicySvc - ok
09:25:47.0804 1224 [ 126EA89BCC413EE45E3004FB0764888F ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
09:25:47.0876 1224 sdbus - ok
09:25:47.0921 1224 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
09:25:47.0990 1224 SDRSVC - ok
09:25:48.0021 1224 [ 97EC6C60112EBD40C07FE295A38AB1EA ] SE2Ebus C:\Windows\system32\DRIVERS\SE2Ebus.sys
09:25:48.0057 1224 SE2Ebus - ok
09:25:48.0088 1224 [ ABFE402BA200E82568A5606719397AFA ] SE2Emdfl C:\Windows\system32\DRIVERS\SE2Emdfl.sys
09:25:48.0119 1224 SE2Emdfl - ok
09:25:48.0146 1224 [ 4ACFE8A2A3C1624964429E83BC7148A4 ] SE2Emdm C:\Windows\system32\DRIVERS\SE2Emdm.sys
09:25:48.0162 1224 SE2Emdm - ok
09:25:48.0184 1224 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
09:25:48.0241 1224 secdrv - ok
09:25:48.0269 1224 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
09:25:48.0298 1224 seclogon - ok
09:25:48.0329 1224 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\system32\sens.dll
09:25:48.0364 1224 SENS - ok
09:25:48.0393 1224 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
09:25:48.0452 1224 Serenum - ok
09:25:48.0467 1224 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
09:25:48.0524 1224 Serial - ok
09:25:48.0544 1224 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
09:25:48.0570 1224 sermouse - ok
09:25:48.0650 1224 [ C15B813F2FDB44F87F23312472C6E790 ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
09:25:48.0700 1224 ServiceLayer - ok
09:25:48.0748 1224 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
09:25:48.0776 1224 SessionEnv - ok
09:25:48.0799 1224 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
09:25:48.0823 1224 sffdisk - ok
09:25:48.0837 1224 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
09:25:48.0877 1224 sffp_mmc - ok
09:25:48.0894 1224 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
09:25:48.0935 1224 sffp_sd - ok
09:25:48.0951 1224 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
09:25:49.0008 1224 sfloppy - ok
09:25:49.0106 1224 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
09:25:49.0138 1224 SharedAccess - ok
09:25:49.0175 1224 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:25:49.0213 1224 ShellHWDetection - ok
09:25:49.0232 1224 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
09:25:49.0246 1224 sisagp - ok
09:25:49.0287 1224 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
09:25:49.0302 1224 SiSRaid2 - ok
09:25:49.0328 1224 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
09:25:49.0345 1224 SiSRaid4 - ok
09:25:49.0418 1224 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
09:25:49.0434 1224 SkypeUpdate - ok
09:25:49.0570 1224 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
09:25:49.0768 1224 slsvc - ok
09:25:49.0797 1224 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
09:25:49.0857 1224 SLUINotify - ok
09:25:49.0890 1224 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
09:25:49.0927 1224 Smb - ok
09:25:49.0985 1224 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
09:25:49.0999 1224 SNMPTRAP - ok
09:25:50.0027 1224 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
09:25:50.0039 1224 spldr - ok
09:25:50.0068 1224 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
09:25:50.0116 1224 Spooler - ok
09:25:50.0168 1224 [ CDDDEC541BC3C96F91ECB48759673505 ] sptd C:\Windows\system32\Drivers\sptd.sys
09:25:50.0211 1224 sptd - ok
09:25:50.0245 1224 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
09:25:50.0267 1224 srv - ok
09:25:50.0320 1224 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
09:25:50.0338 1224 srv2 - ok
09:25:50.0359 1224 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
09:25:50.0389 1224 srvnet - ok
09:25:50.0454 1224 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
09:25:50.0519 1224 SSDPSRV - ok
09:25:50.0545 1224 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
09:25:50.0569 1224 SstpSvc - ok
09:25:50.0604 1224 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
09:25:50.0648 1224 stisvc - ok
09:25:50.0678 1224 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
09:25:50.0691 1224 swenum - ok
09:25:50.0735 1224 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
09:25:50.0785 1224 swprv - ok
09:25:50.0810 1224 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
09:25:50.0823 1224 Symc8xx - ok
09:25:50.0883 1224 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
09:25:50.0895 1224 Sym_hi - ok
09:25:50.0911 1224 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
09:25:50.0925 1224 Sym_u3 - ok
09:25:50.0967 1224 [ 32E8B307F0E9F72B66B518FD62EAB91E ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
09:25:50.0982 1224 SynTP - ok
09:25:51.0021 1224 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
09:25:51.0105 1224 SysMain - ok
09:25:51.0151 1224 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:25:51.0188 1224 TabletInputService - ok
09:25:51.0220 1224 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
09:25:51.0251 1224 TapiSrv - ok
09:25:51.0277 1224 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
09:25:51.0324 1224 TBS - ok
09:25:51.0378 1224 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
09:25:51.0686 1224 Tcpip - ok
09:25:51.0706 1224 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
09:25:51.0763 1224 Tcpip6 - ok
09:25:51.0854 1224 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
09:25:51.0880 1224 tcpipreg - ok
09:25:51.0903 1224 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
09:25:51.0946 1224 TDPIPE - ok
09:25:51.0964 1224 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
09:25:51.0992 1224 TDTCP - ok
09:25:52.0030 1224 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
09:25:52.0051 1224 tdx - ok
09:25:52.0068 1224 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
09:25:52.0083 1224 TermDD - ok
09:25:52.0107 1224 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
09:25:52.0188 1224 TermService - ok
09:25:52.0211 1224 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
09:25:52.0231 1224 Themes - ok
09:25:52.0249 1224 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
09:25:52.0280 1224 THREADORDER - ok
09:25:52.0315 1224 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
09:25:52.0388 1224 TrkWks - ok
09:25:52.0420 1224 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:25:52.0457 1224 TrustedInstaller - ok
09:25:52.0516 1224 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
09:25:52.0557 1224 tssecsrv - ok
09:25:52.0570 1224 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
09:25:52.0599 1224 tunmp - ok
09:25:52.0635 1224 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
09:25:52.0653 1224 tunnel - ok
09:25:52.0673 1224 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys
09:25:52.0687 1224 uagp35 - ok
09:25:52.0728 1224 [ F763E070843EE2803DE1395002B42938 ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
09:25:52.0737 1224 UBHelper - ok
09:25:52.0764 1224 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
09:25:52.0790 1224 udfs - ok
09:25:52.0819 1224 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
09:25:52.0860 1224 UI0Detect - ok
09:25:52.0894 1224 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
09:25:52.0908 1224 uliagpkx - ok
09:25:52.0939 1224 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys
09:25:52.0957 1224 uliahci - ok
09:25:52.0981 1224 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
09:25:52.0995 1224 UlSata - ok
09:25:53.0015 1224 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
09:25:53.0030 1224 ulsata2 - ok
09:25:53.0064 1224 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
09:25:53.0110 1224 umbus - ok
09:25:53.0145 1224 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
09:25:53.0198 1224 upnphost - ok
09:25:53.0254 1224 [ 47F5F9D837D80FFD5882A14DB9DA0A67 ] upperdev C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
09:25:53.0305 1224 upperdev - ok
09:25:53.0367 1224 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
09:25:53.0395 1224 usbccgp - ok
09:25:53.0433 1224 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
09:25:53.0500 1224 usbcir - ok
09:25:53.0531 1224 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
09:25:53.0575 1224 usbehci - ok
09:25:53.0611 1224 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
09:25:53.0642 1224 usbhub - ok
09:25:53.0654 1224 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
09:25:53.0699 1224 usbohci - ok
09:25:53.0724 1224 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
09:25:53.0758 1224 usbprint - ok
09:25:53.0784 1224 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
09:25:53.0805 1224 usbscan - ok
09:25:53.0853 1224 [ D575246188F63DE0ACCF6EAC5FB59E6A ] usbser C:\Windows\system32\drivers\usbser.sys
09:25:53.0875 1224 usbser - ok
09:25:53.0928 1224 [ E44F0D17BE0908B58DCC99CCB99C6C32 ] UsbserFilt C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
09:25:53.0966 1224 UsbserFilt - ok
09:25:53.0998 1224 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:25:54.0054 1224 USBSTOR - ok
09:25:54.0077 1224 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
09:25:54.0102 1224 usbuhci - ok
09:25:54.0127 1224 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
09:25:54.0173 1224 usbvideo - ok
09:25:54.0194 1224 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
09:25:54.0220 1224 UxSms - ok
09:25:54.0264 1224 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
09:25:54.0343 1224 vds - ok
09:25:54.0394 1224 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
09:25:54.0430 1224 vga - ok
09:25:54.0448 1224 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
09:25:54.0484 1224 VgaSave - ok
09:25:54.0496 1224 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys
09:25:54.0510 1224 viaagp - ok
09:25:54.0525 1224 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys
09:25:54.0552 1224 ViaC7 - ok
09:25:54.0595 1224 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys
09:25:54.0608 1224 viaide - ok
09:25:54.0624 1224 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
09:25:54.0637 1224 volmgr - ok
09:25:54.0695 1224 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
09:25:54.0716 1224 volmgrx - ok
09:25:54.0730 1224 [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap C:\Windows\system32\drivers\volsnap.sys
09:25:54.0749 1224 volsnap - ok
09:25:54.0764 1224 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
09:25:54.0781 1224 vsmraid - ok
09:25:54.0853 1224 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
09:25:54.0955 1224 VSS - ok
09:25:55.0003 1224 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
09:25:55.0035 1224 W32Time - ok
09:25:55.0087 1224 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
09:25:55.0152 1224 WacomPen - ok
09:25:55.0170 1224 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
09:25:55.0210 1224 Wanarp - ok
09:25:55.0215 1224 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
09:25:55.0236 1224 Wanarpv6 - ok
09:25:55.0271 1224 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
09:25:55.0300 1224 wcncsvc - ok
09:25:55.0344 1224 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:25:55.0366 1224 WcsPlugInService - ok
09:25:55.0390 1224 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys
09:25:55.0403 1224 Wd - ok
09:25:55.0491 1224 [ 77D80469DD64DFDDF3F2B881C68DCBE1 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
09:25:55.0500 1224 Suspicious file (Forged): C:\Windows\system32\drivers\Wdf01000.sys. Real md5: 77D80469DD64DFDDF3F2B881C68DCBE1, Fake md5: 9950E3D0F08141C7E89E64456AE7DC73
09:25:55.0501 1224 Wdf01000 ( Virus.Win32.Rloader.a ) - infected
09:25:55.0501 1224 Wdf01000 - detected Virus.Win32.Rloader.a (0)
09:25:55.0526 1224 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
09:25:55.0562 1224 WdiServiceHost - ok
09:25:55.0567 1224 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
09:25:55.0600 1224 WdiSystemHost - ok
09:25:55.0651 1224 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
09:25:55.0686 1224 WebClient - ok
09:25:55.0740 1224 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
09:25:55.0805 1224 Wecsvc - ok
09:25:55.0818 1224 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
09:25:55.0847 1224 wercplsupport - ok
09:25:55.0878 1224 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
09:25:55.0910 1224 WerSvc - ok
09:25:55.0946 1224 [ 5C7BDCF5864DB00323FE2D90FA26A8A2 ] winachsf C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
09:25:56.0022 1224 winachsf - ok
09:25:56.0087 1224 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
09:25:56.0106 1224 WinDefend - ok
09:25:56.0134 1224 WinHttpAutoProxySvc - ok
09:25:56.0228 1224 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
09:25:56.0251 1224 Winmgmt - ok
09:25:56.0341 1224 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
09:25:56.0469 1224 WinRM - ok
09:25:56.0547 1224 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
09:25:56.0624 1224 Wlansvc - ok
09:25:56.0699 1224 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
09:25:56.0719 1224 WmiAcpi - ok
09:25:56.0747 1224 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
09:25:56.0782 1224 wmiApSrv - ok
09:25:56.0882 1224 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
09:25:56.0975 1224 WMPNetworkSvc - ok
09:25:57.0009 1224 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
09:25:57.0059 1224 WPCSvc - ok
09:25:57.0125 1224 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
09:25:57.0159 1224 WPDBusEnum - ok
09:25:57.0183 1224 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
09:25:57.0198 1224 WpdUsb - ok
09:25:57.0368 1224 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
09:25:57.0417 1224 WPFFontCache_v0400 - ok
09:25:57.0473 1224 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
09:25:57.0528 1224 ws2ifsl - ok
09:25:57.0554 1224 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\system32\wscsvc.dll
09:25:57.0600 1224 wscsvc - ok
09:25:57.0606 1224 WSearch - ok
09:25:57.0700 1224 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
09:25:57.0849 1224 wuauserv - ok
09:25:57.0931 1224 [ 6F9B6C0C93232CFF47D0F72D6DB1D21E ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
09:25:57.0959 1224 WudfPf - ok
09:25:57.0991 1224 [ F91FF1E51FCA30B3C3981DB7D5924252 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
09:25:58.0018 1224 WUDFRd - ok
09:25:58.0053 1224 [ 2C0206FF8D2C75AC027D1096FA2FAFDA ] wudfsvc C:\Windows\System32\WUDFSvc.dll
09:25:58.0102 1224 wudfsvc - ok
09:25:58.0132 1224 [ 04E268ADFC81964C49DC0C082D520F7E ] yukonwlh C:\Windows\system32\DRIVERS\yk60x86.sys
09:25:58.0201 1224 yukonwlh - ok
09:25:58.0214 1224 ================ Scan global ===============================
09:25:58.0281 1224 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
09:25:58.0318 1224 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
09:25:58.0362 1224 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
09:25:58.0392 1224 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
09:25:58.0399 1224 [Global] - ok
09:25:58.0400 1224 ================ Scan MBR ==================================
09:25:58.0444 1224 [ 6FC6F9186C07BCA94E140F63BFE6E9B4 ] \Device\Harddisk0\DR0
09:26:01.0568 1224 \Device\Harddisk0\DR0 - ok
09:26:01.0569 1224 ================ Scan VBR ==================================
09:26:01.0630 1224 [ 5B3A8956EE1022E75044C159784E19FF ] \Device\Harddisk0\DR0\Partition1
09:26:01.0634 1224 \Device\Harddisk0\DR0\Partition1 - ok
09:26:01.0662 1224 [ 7D9A409FABDEA3848DE8B8542E4A7AA8 ] \Device\Harddisk0\DR0\Partition2
09:26:01.0666 1224 \Device\Harddisk0\DR0\Partition2 - ok
09:26:01.0666 1224 ============================================================
09:26:01.0666 1224 Scan finished
09:26:01.0666 1224 ============================================================
09:26:01.0687 3356 Detected object count: 7
09:26:01.0687 3356 Actual detected object count: 7

Ich habe den Inhalt der Datei komplett markiert, kopiert und hier eingefügt. Vielleicht jetzt?

Zitat:

hi die neueste version vom tdss killer hast du? also frisch geladen?
dann scanne noch mal, wähle scip und dann schließe den scanner, poste das neue log.

Ach den Scanner schließen? Hatte ihn noch auf, weil ich dachte, das ich dann dort irgendwas machen soll. Ich scanne nochmal neu, wähle dann überall Skip, schließe den Scanner und poste das neue Log.

ja genau, scannen, skip, schließen und dann log posten :-)

Hier das neue Log.

Zitat:

12:32:34.0368 2308 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
12:32:36.0372 2308 ============================================================
12:32:36.0372 2308 Current date / time: 2012/09/08 12:32:36.0372
12:32:36.0372 2308 SystemInfo:
12:32:36.0372 2308
12:32:36.0372 2308 OS Version: 6.0.6002 ServicePack: 2.0
12:32:36.0372 2308 Product type: Workstation
12:32:36.0372 2308 ComputerName: MELANIE-PC
12:32:36.0372 2308 UserName: Melanie
12:32:36.0372 2308 Windows directory: C:\Windows
12:32:36.0372 2308 System windows directory: C:\Windows
12:32:36.0372 2308 Processor architecture: Intel x86
12:32:36.0372 2308 Number of processors: 2
12:32:36.0372 2308 Page size: 0x1000
12:32:36.0372 2308 Boot type: Normal boot
12:32:36.0372 2308 ============================================================
12:32:37.0777 2308 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
12:32:37.0779 2308 ============================================================
12:32:37.0779 2308 \Device\Harddisk0\DR0:
12:32:37.0779 2308 MBR partitions:
12:32:37.0779 2308 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1388800, BlocksNum 0x12057000
12:32:37.0779 2308 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x133DF800, BlocksNum 0x1204E800
12:32:37.0779 2308 ============================================================
12:32:37.0819 2308 C: <-> \Device\Harddisk0\DR0\Partition1
12:32:38.0107 2308 D: <-> \Device\Harddisk0\DR0\Partition2
12:32:38.0108 2308 ============================================================
12:32:38.0108 2308 Initialize success
12:32:38.0108 2308 ============================================================
12:34:13.0958 5420 ============================================================
12:34:13.0958 5420 Scan started
12:34:13.0958 5420 Mode: Manual; SigCheck; TDLFS;
12:34:13.0958 5420 ============================================================
12:34:16.0648 5420 ================ Scan system memory ========================
12:34:16.0648 5420 System memory - ok
12:34:16.0648 5420 ================ Scan services =============================
12:34:17.0268 5420 5776 - ok
12:34:19.0751 5420 [ EC818AED40E3359FE49DDB1700151E56 ] ACEDRV09 C:\Windows\system32\drivers\ACEDRV09.sys
12:34:19.0874 5420 ACEDRV09 - ok
12:34:19.0922 5420 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
12:34:19.0947 5420 ACPI - ok
12:34:20.0718 5420 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
12:34:20.0732 5420 AdobeARMservice - ok
12:34:20.0833 5420 [ A9D3B95E8466BD58EEB8A1154654E162 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
12:34:20.0854 5420 AdobeFlashPlayerUpdateSvc - ok
12:34:22.0272 5420 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
12:34:22.0315 5420 adp94xx - ok
12:34:22.0361 5420 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys
12:34:22.0384 5420 adpahci - ok
12:34:22.0433 5420 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
12:34:22.0451 5420 adpu160m - ok
12:34:22.0474 5420 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
12:34:22.0492 5420 adpu320 - ok
12:34:22.0579 5420 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
12:34:22.0621 5420 AeLookupSvc - ok
12:34:22.0664 5420 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
12:34:22.0706 5420 AFD - ok
12:34:22.0744 5420 [ EFBC44FBD75E4F80BD927AEBF6E7EADE ] AgereModemAudio C:\Windows\system32\agrsmsvc.exe
12:34:22.0778 5420 AgereModemAudio - ok
12:34:23.0198 5420 [ 38325C6AA8EAE011897D61CE48EC6435 ] AgereSoftModem C:\Windows\system32\DRIVERS\AGRSM.sys
12:34:23.0295 5420 AgereSoftModem - ok
12:34:23.0343 5420 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys
12:34:23.0359 5420 agp440 - ok
12:34:24.0055 5420 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
12:34:24.0070 5420 aic78xx - ok
12:34:24.0138 5420 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
12:34:24.0269 5420 ALG - ok
12:34:24.0291 5420 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys
12:34:24.0308 5420 aliide - ok
12:34:24.0329 5420 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys
12:34:24.0342 5420 amdagp - ok
12:34:25.0284 5420 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys
12:34:25.0297 5420 amdide - ok
12:34:25.0343 5420 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
12:34:25.0369 5420 AmdK7 - ok
12:34:25.0389 5420 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
12:34:25.0421 5420 AmdK8 - ok
12:34:25.0452 5420 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
12:34:25.0484 5420 Appinfo - ok
12:34:25.0512 5420 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys
12:34:25.0526 5420 arc - ok
12:34:25.0552 5420 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys
12:34:25.0566 5420 arcsas - ok
12:34:26.0258 5420 [ E54E27976E2C5A6465D44C10B1D87AC0 ] ASPI C:\Windows\System32\DRIVERS\ASPI32.sys
12:34:26.0277 5420 ASPI ( UnsignedFile.Multi.Generic ) - warning
12:34:26.0277 5420 ASPI - detected UnsignedFile.Multi.Generic (1)
12:34:26.0302 5420 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
12:34:26.0327 5420 AsyncMac - ok
12:34:26.0377 5420 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys
12:34:26.0391 5420 atapi - ok
12:34:27.0290 5420 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:34:27.0316 5420 AudioEndpointBuilder - ok
12:34:27.0325 5420 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
12:34:27.0352 5420 Audiosrv - ok
12:34:27.0381 5420 [ 502F1C30BD50B32D00CE4DCAECC3D3C7 ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
12:34:27.0428 5420 b57nd60x - ok
12:34:27.0491 5420 [ E22ABCAA7B6FF580FEB0D49545DC4263 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl6.sys
12:34:27.0585 5420 BCM43XX - ok
12:34:27.0614 5420 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
12:34:27.0652 5420 Beep - ok
12:34:27.0719 5420 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
12:34:27.0826 5420 BFE - ok
12:34:27.0880 5420 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\system32\qmgr.dll
12:34:27.0963 5420 BITS - ok
12:34:27.0990 5420 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
12:34:28.0024 5420 blbdrive - ok
12:34:28.0045 5420 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
12:34:28.0109 5420 bowser - ok
12:34:28.0136 5420 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
12:34:28.0165 5420 BrFiltLo - ok
12:34:28.0180 5420 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
12:34:28.0215 5420 BrFiltUp - ok
12:34:28.0305 5420 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
12:34:28.0336 5420 Browser - ok
12:34:28.0360 5420 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
12:34:28.0425 5420 Brserid - ok
12:34:29.0284 5420 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
12:34:29.0347 5420 BrSerWdm - ok
12:34:29.0364 5420 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
12:34:29.0459 5420 BrUsbMdm - ok
12:34:29.0498 5420 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
12:34:29.0556 5420 BrUsbSer - ok
12:34:29.0603 5420 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
12:34:29.0648 5420 BTHMODEM - ok
12:34:29.0924 5420 [ 09E6AFFAE6C0E9158BF05C7D08D0107A ] BUNAgentSvc C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
12:34:29.0929 5420 BUNAgentSvc ( UnsignedFile.Multi.Generic ) - warning
12:34:29.0929 5420 BUNAgentSvc - detected UnsignedFile.Multi.Generic (1)
12:34:29.0958 5420 catchme - ok
12:34:30.0036 5420 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
12:34:30.0082 5420 cdfs - ok
12:34:30.0114 5420 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
12:34:30.0145 5420 cdrom - ok
12:34:30.0287 5420 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
12:34:30.0318 5420 CertPropSvc - ok
12:34:30.0352 5420 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\drivers\circlass.sys
12:34:30.0393 5420 circlass - ok
12:34:30.0462 5420 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
12:34:30.0483 5420 CLFS - ok
12:34:30.0567 5420 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:34:30.0580 5420 clr_optimization_v2.0.50727_32 - ok
12:34:31.0249 5420 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:34:31.0263 5420 clr_optimization_v4.0.30319_32 - ok
12:34:31.0308 5420 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
12:34:31.0351 5420 CmBatt - ok
12:34:31.0391 5420 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys
12:34:31.0404 5420 cmdide - ok
12:34:31.0418 5420 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
12:34:31.0431 5420 Compbatt - ok
12:34:31.0438 5420 COMSysApp - ok
12:34:31.0447 5420 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
12:34:31.0460 5420 crcdisk - ok
12:34:31.0481 5420 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys
12:34:31.0519 5420 Crusoe - ok
12:34:31.0560 5420 [ 75C6A297E364014840B48ECCD7525E30 ] CryptSvc C:\Windows\system32\cryptsvc.dll
12:34:31.0626 5420 CryptSvc - ok
12:34:31.0685 5420 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
12:34:31.0774 5420 DcomLaunch - ok
12:34:31.0813 5420 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
12:34:31.0843 5420 DfsC - ok
12:34:32.0332 5420 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
12:34:32.0540 5420 DFSR - ok
12:34:32.0570 5420 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
12:34:32.0613 5420 Dhcp - ok
12:34:33.0264 5420 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
12:34:33.0282 5420 disk - ok
12:34:33.0322 5420 [ 73BAF270D24FE726B9CD7F80BB17A23D ] DKbFltr C:\Windows\system32\DRIVERS\DKbFltr.sys
12:34:33.0335 5420 DKbFltr - ok
12:34:33.0361 5420 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
12:34:33.0393 5420 Dnscache - ok
12:34:33.0423 5420 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
12:34:33.0467 5420 dot3svc - ok
12:34:34.0218 5420 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
12:34:34.0267 5420 DPS - ok
12:34:34.0726 5420 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
12:34:34.0756 5420 drmkaud - ok
12:34:34.0827 5420 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
12:34:34.0874 5420 DXGKrnl - ok
12:34:34.0926 5420 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
12:34:34.0971 5420 E1G60 - ok
12:34:35.0018 5420 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
12:34:35.0040 5420 EapHost - ok
12:34:35.0092 5420 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
12:34:35.0110 5420 Ecache - ok
12:34:35.0180 5420 [ 2CE2DDCB1A41ED4488A2A8B98D286B3D ] eDataSecurity Service C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
12:34:35.0257 5420 eDataSecurity Service - ok
12:34:35.0339 5420 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
12:34:35.0400 5420 ehRecvr - ok
12:34:35.0417 5420 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
12:34:35.0485 5420 ehSched - ok
12:34:35.0526 5420 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
12:34:35.0551 5420 ehstart - ok
12:34:35.0577 5420 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys
12:34:35.0603 5420 elxstor - ok
12:34:35.0658 5420 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
12:34:35.0812 5420 EMDMgmt - ok
12:34:36.0261 5420 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys
12:34:36.0302 5420 ErrDev - ok
12:34:36.0351 5420 [ A51FD9DF23720485991F56741BBEFCFB ] ETService C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
12:34:36.0375 5420 ETService ( UnsignedFile.Multi.Generic ) - warning
12:34:36.0375 5420 ETService - detected UnsignedFile.Multi.Generic (1)
12:34:36.0499 5420 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
12:34:36.0533 5420 EventSystem - ok
12:34:36.0729 5420 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
12:34:36.0787 5420 exfat - ok
12:34:36.0826 5420 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
12:34:36.0861 5420 fastfat - ok
12:34:36.0953 5420 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
12:34:36.0988 5420 fdc - ok
12:34:37.0050 5420 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
12:34:37.0085 5420 fdPHost - ok
12:34:37.0126 5420 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
12:34:37.0227 5420 FDResPub - ok
12:34:37.0271 5420 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
12:34:37.0287 5420 FileInfo - ok
12:34:37.0338 5420 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
12:34:37.0381 5420 Filetrace - ok
12:34:37.0422 5420 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
12:34:37.0458 5420 flpydisk - ok
12:34:37.0493 5420 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
12:34:37.0515 5420 FltMgr - ok
12:34:37.0594 5420 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll
12:34:37.0658 5420 FontCache - ok
12:34:37.0747 5420 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
12:34:37.0758 5420 FontCache3.0.0.0 - ok
12:34:37.0842 5420 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
12:34:37.0927 5420 Fs_Rec - ok
12:34:37.0958 5420 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
12:34:37.0972 5420 gagp30kx - ok
12:34:38.0036 5420 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
12:34:38.0110 5420 gpsvc - ok
12:34:38.0176 5420 [ 626A24ED1228580B9518C01930936DF9 ] gupdate1c9fbf99e8cea12 C:\Program Files\Google\Update\GoogleUpdate.exe
12:34:38.0191 5420 gupdate1c9fbf99e8cea12 - ok
12:34:38.0254 5420 [ 626A24ED1228580B9518C01930936DF9 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
12:34:38.0266 5420 gupdatem - ok
12:34:38.0326 5420 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
12:34:38.0342 5420 gusvc - ok
12:34:38.0396 5420 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:34:38.0485 5420 HdAudAddService - ok
12:34:38.0529 5420 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
12:34:38.0597 5420 HDAudBus - ok
12:34:38.0611 5420 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
12:34:38.0664 5420 HidBth - ok
12:34:38.0679 5420 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
12:34:38.0741 5420 HidIr - ok
12:34:38.0810 5420 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\System32\hidserv.dll
12:34:38.0864 5420 hidserv - ok
12:34:38.0886 5420 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
12:34:38.0907 5420 HidUsb - ok
12:34:38.0943 5420 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
12:34:38.0989 5420 hkmsvc - ok
12:34:39.0242 5420 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
12:34:39.0261 5420 HpCISSs - ok
12:34:39.0308 5420 [ 46D67209550973257601A533E2AC5785 ] HSFHWAZL C:\Windows\system32\DRIVERS\VSTAZL3.SYS
12:34:39.0355 5420 HSFHWAZL - ok
12:34:39.0394 5420 [ EC36F1D542ED4252390D446BF6D4DFD0 ] HSF_DPV C:\Windows\system32\DRIVERS\VSTDPV3.SYS
12:34:39.0533 5420 HSF_DPV - ok
12:34:39.0574 5420 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys
12:34:39.0671 5420 HTTP - ok
12:34:39.0722 5420 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys
12:34:39.0738 5420 i2omp - ok
12:34:39.0771 5420 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
12:34:39.0796 5420 i8042prt - ok
12:34:39.0833 5420 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
12:34:39.0854 5420 iaStorV - ok
12:34:39.0958 5420 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
12:34:40.0051 5420 idsvc - ok
12:34:40.0442 5420 [ DCE0B53570703CCE580D066F89EF58CD ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
12:34:40.0959 5420 igfx - ok
12:34:41.0002 5420 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
12:34:41.0019 5420 iirsp - ok
12:34:41.0085 5420 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll
12:34:41.0158 5420 IKEEXT - ok
12:34:41.0190 5420 [ C6E5276C00EBDEB096BB5EF4B797D1B6 ] int15 C:\Windows\system32\drivers\int15.sys
12:34:41.0201 5420 int15 - ok
12:34:41.0306 5420 [ 219CA9A36D6DE2EC04F958C907673436 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
12:34:41.0523 5420 IntcAzAudAddService - ok
12:34:41.0588 5420 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys
12:34:41.0603 5420 intelide - ok
12:34:41.0659 5420 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
12:34:41.0704 5420 intelppm - ok
12:34:41.0792 5420 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
12:34:41.0871 5420 IPBusEnum - ok
12:34:41.0906 5420 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:34:41.0995 5420 IpFilterDriver - ok
12:34:42.0056 5420 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
12:34:42.0085 5420 iphlpsvc - ok
12:34:42.0099 5420 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
12:34:42.0138 5420 IPMIDRV - ok
12:34:42.0173 5420 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
12:34:42.0199 5420 IPNAT - ok
12:34:42.0225 5420 [ E50A95179211B12946F7E035D60AF560 ] irda C:\Windows\system32\DRIVERS\irda.sys
12:34:42.0267 5420 irda - ok
12:34:42.0316 5420 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
12:34:42.0346 5420 IRENUM - ok
12:34:42.0392 5420 [ CBB0D940221A281BCFEAEA695BD1CDA5 ] Irmon C:\Windows\System32\irmon.dll
12:34:42.0453 5420 Irmon - ok
12:34:42.0477 5420 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys
12:34:42.0493 5420 isapnp - ok
12:34:42.0530 5420 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
12:34:42.0550 5420 iScsiPrt - ok
12:34:42.0570 5420 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
12:34:42.0584 5420 iteatapi - ok
12:34:42.0607 5420 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
12:34:42.0622 5420 iteraid - ok
12:34:42.0671 5420 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
12:34:42.0683 5420 kbdclass - ok
12:34:43.0239 5420 [ 18247836959BA67E3511B62846B9C2E0 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
12:34:43.0275 5420 kbdhid - ok
12:34:43.0360 5420 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
12:34:43.0434 5420 KeyIso - ok
12:34:43.0492 5420 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
12:34:43.0531 5420 KSecDD - ok
12:34:43.0588 5420 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
12:34:43.0639 5420 KtmRm - ok
12:34:43.0707 5420 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\System32\srvsvc.dll
12:34:43.0737 5420 LanmanServer - ok
12:34:43.0765 5420 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:34:43.0809 5420 LanmanWorkstation - ok
12:34:43.0850 5420 [ 793FF718477345CD5D232C50BED1E452 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
12:34:43.0873 5420 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
12:34:43.0873 5420 LightScribeService - detected UnsignedFile.Multi.Generic (1)
12:34:43.0943 5420 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
12:34:43.0983 5420 lltdio - ok
12:34:44.0018 5420 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
12:34:44.0065 5420 lltdsvc - ok
12:34:44.0095 5420 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
12:34:44.0149 5420 lmhosts - ok
12:34:44.0206 5420 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
12:34:44.0223 5420 LSI_FC - ok
12:34:44.0258 5420 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
12:34:44.0274 5420 LSI_SAS - ok
12:34:44.0292 5420 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
12:34:44.0306 5420 LSI_SCSI - ok
12:34:44.0321 5420 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
12:34:44.0365 5420 luafv - ok
12:34:44.0399 5420 [ 6DFE7F2E8E8A337263AA5C92A215F161 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
12:34:44.0412 5420 MBAMProtector - ok
12:34:44.0467 5420 [ 43683E970F008C93C9429EF428147A54 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
12:34:44.0521 5420 MBAMService - ok
12:34:44.0577 5420 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
12:34:44.0600 5420 Mcx2Svc - ok
12:34:44.0659 5420 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys
12:34:44.0675 5420 megasas - ok
12:34:44.0705 5420 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys
12:34:44.0748 5420 MegaSR - ok
12:34:44.0788 5420 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
12:34:44.0832 5420 MMCSS - ok
12:34:44.0861 5420 MobilityService - ok
12:34:44.0879 5420 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
12:34:44.0923 5420 Modem - ok
12:34:44.0945 5420 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
12:34:44.0989 5420 monitor - ok
12:34:45.0022 5420 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
12:34:45.0036 5420 mouclass - ok
12:34:45.0069 5420 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
12:34:45.0095 5420 mouhid - ok
12:34:45.0112 5420 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
12:34:45.0125 5420 MountMgr - ok
12:34:45.0142 5420 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys
12:34:45.0158 5420 mpio - ok
12:34:45.0180 5420 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
12:34:45.0202 5420 mpsdrv - ok
12:34:45.0240 5420 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
12:34:45.0325 5420 MpsSvc - ok
12:34:45.0341 5420 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
12:34:45.0353 5420 Mraid35x - ok
12:34:45.0384 5420 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
12:34:45.0407 5420 MRxDAV - ok
12:34:45.0442 5420 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
12:34:45.0460 5420 mrxsmb - ok
12:34:45.0501 5420 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:34:45.0523 5420 mrxsmb10 - ok
12:34:45.0538 5420 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:34:45.0555 5420 mrxsmb20 - ok
12:34:45.0588 5420 [ 5457DCFA7C0DA43522F4D9D4049C1472 ] msahci C:\Windows\system32\drivers\msahci.sys
12:34:45.0604 5420 msahci - ok
12:34:45.0649 5420 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys
12:34:45.0667 5420 msdsm - ok
12:34:45.0684 5420 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
12:34:45.0726 5420 MSDTC - ok
12:34:45.0742 5420 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
12:34:45.0794 5420 Msfs - ok
12:34:45.0802 5420 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
12:34:45.0821 5420 msisadrv - ok
12:34:45.0873 5420 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
12:34:45.0901 5420 MSiSCSI - ok
12:34:45.0907 5420 msiserver - ok
12:34:46.0186 5420 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
12:34:46.0280 5420 MSKSSRV - ok
12:34:46.0302 5420 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
12:34:46.0334 5420 MSPCLOCK - ok
12:34:46.0348 5420 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
12:34:46.0380 5420 MSPQM - ok
12:34:46.0410 5420 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
12:34:46.0432 5420 MsRPC - ok
12:34:46.0475 5420 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
12:34:46.0487 5420 mssmbios - ok
12:34:46.0861 5420 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
12:34:46.0894 5420 MSTEE - ok
12:34:46.0949 5420 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
12:34:46.0968 5420 Mup - ok
12:34:47.0003 5420 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
12:34:47.0072 5420 napagent - ok
12:34:47.0108 5420 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
12:34:47.0136 5420 NativeWifiP - ok
12:34:47.0173 5420 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
12:34:47.0216 5420 NDIS - ok
12:34:47.0276 5420 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
12:34:47.0328 5420 NdisTapi - ok
12:34:47.0365 5420 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
12:34:47.0421 5420 Ndisuio - ok
12:34:47.0454 5420 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
12:34:47.0477 5420 NdisWan - ok
12:34:47.0493 5420 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
12:34:47.0515 5420 NDProxy - ok
12:34:47.0528 5420 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
12:34:47.0555 5420 NetBIOS - ok
12:34:47.0691 5420 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
12:34:47.0727 5420 netbt - ok
12:34:47.0774 5420 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
12:34:47.0791 5420 Netlogon - ok
12:34:47.0817 5420 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
12:34:47.0856 5420 Netman - ok
12:34:47.0910 5420 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
12:34:47.0959 5420 netprofm - ok
12:34:47.0989 5420 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:34:48.0004 5420 NetTcpPortSharing - ok
12:34:48.0038 5420 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
12:34:48.0053 5420 nfrd960 - ok
12:34:48.0079 5420 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
12:34:48.0114 5420 NlaSvc - ok
12:34:48.0189 5420 [ F6C40E0A565EE3CE5AEEB325E10054F2 ] nmwcd C:\Windows\system32\drivers\ccdcmb.sys
12:34:48.0245 5420 nmwcd - ok
12:34:48.0293 5420 [ 2A394E9E1FA3565E4B2FEA470FFE4D6B ] nmwcdc C:\Windows\system32\drivers\ccdcmbo.sys
12:34:48.0326 5420 nmwcdc - ok
12:34:48.0370 5420 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
12:34:48.0394 5420 Npfs - ok
12:34:48.0417 5420 [ 6D8D2E5652FC2442C810C5D8BE784148 ] NSCIRDA C:\Windows\system32\DRIVERS\nscirda.sys
12:34:48.0463 5420 NSCIRDA - ok
12:34:48.0510 5420 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
12:34:48.0563 5420 nsi - ok
12:34:48.0581 5420 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
12:34:48.0628 5420 nsiproxy - ok
12:34:48.0708 5420 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
12:34:48.0811 5420 Ntfs - ok
12:34:48.0845 5420 [ CB76F68BA0D57C5D25B538981B1C611C ] NTIBackupSvc C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
12:34:48.0856 5420 NTIBackupSvc - ok
12:34:48.0887 5420 [ 2757D2BA59AEE155209E24942AB127C9 ] NTIDrvr C:\Windows\system32\DRIVERS\NTIDrvr.sys
12:34:48.0896 5420 NTIDrvr - ok
12:34:48.0963 5420 [ DF1C10A75DF7E50195FC417F88A33227 ] NTISchedulerSvc C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
12:34:48.0970 5420 NTISchedulerSvc ( UnsignedFile.Multi.Generic ) - warning
12:34:48.0970 5420 NTISchedulerSvc - detected UnsignedFile.Multi.Generic (1)
12:34:49.0002 5420 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
12:34:49.0053 5420 ntrigdigi - ok
12:34:49.0071 5420 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
12:34:49.0114 5420 Null - ok
12:34:49.0132 5420 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
12:34:49.0147 5420 nvraid - ok
12:34:49.0165 5420 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
12:34:49.0179 5420 nvstor - ok
12:34:49.0195 5420 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
12:34:49.0210 5420 nv_agp - ok
12:34:49.0787 5420 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:34:49.0814 5420 odserv - ok
12:34:49.0839 5420 [ 790E27C3DB53410B40FF9EF2FD10A1D9 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
12:34:49.0877 5420 ohci1394 - ok
12:34:49.0924 5420 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:34:49.0937 5420 ose - ok
12:34:50.0027 5420 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
12:34:50.0126 5420 p2pimsvc - ok
12:34:50.0139 5420 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
12:34:50.0181 5420 p2psvc - ok
12:34:50.0230 5420 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
12:34:50.0277 5420 Parport - ok
12:34:50.0316 5420 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
12:34:50.0333 5420 partmgr - ok
12:34:50.0377 5420 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
12:34:50.0437 5420 Parvdm - ok
12:34:50.0515 5420 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
12:34:50.0561 5420 PcaSvc - ok
12:34:50.0586 5420 [ FD2041E9BA03DB7764B2248F02475079 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfd.sys
12:34:50.0615 5420 pccsmcfd - ok
12:34:50.0650 5420 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
12:34:50.0675 5420 pci - ok
12:34:52.0723 5420 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\drivers\pciide.sys
12:34:52.0736 5420 pciide - ok
12:34:52.0784 5420 [ B7C5A8769541900F6DFA6FE0C5E4D513 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
12:34:52.0802 5420 pcmcia - ok
12:34:52.0839 5420 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
12:34:52.0961 5420 PEAUTH - ok
12:34:59.0908 5420 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
12:35:00.0038 5420 pla - ok
12:35:00.0106 5420 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
12:35:00.0150 5420 PlugPlay - ok
12:35:00.0178 5420 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
12:35:00.0219 5420 PNRPAutoReg - ok
12:35:00.0267 5420 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
12:35:00.0294 5420 PNRPsvc - ok
12:35:00.0374 5420 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
12:35:00.0443 5420 PolicyAgent - ok
12:35:00.0473 5420 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
12:35:00.0521 5420 PptpMiniport - ok
12:35:00.0551 5420 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys
12:35:00.0582 5420 Processor - ok
12:35:00.0616 5420 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
12:35:00.0650 5420 ProfSvc - ok
12:35:00.0660 5420 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
12:35:00.0680 5420 ProtectedStorage - ok
12:35:01.0689 5420 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
12:35:01.0724 5420 PSched - ok
12:35:01.0789 5420 [ 1DCBB35090CC4B2BD3D661E6089523C6 ] PSDFilter C:\Windows\system32\DRIVERS\psdfilter.sys
12:35:01.0800 5420 PSDFilter - ok
12:35:01.0814 5420 [ E26E46D619469964AC3609620F443867 ] PSDNServ C:\Windows\system32\DRIVERS\PSDNServ.sys
12:35:01.0823 5420 PSDNServ - ok
12:35:01.0836 5420 [ 3E1D134AF2806867D06047C4CC33CC65 ] psdvdisk C:\Windows\system32\DRIVERS\PSDVdisk.sys
12:35:01.0847 5420 psdvdisk - ok
12:35:01.0896 5420 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
12:35:01.0992 5420 ql2300 - ok
12:35:02.0810 5420 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
12:35:02.0827 5420 ql40xx - ok
12:35:02.0891 5420 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
12:35:02.0971 5420 QWAVE - ok
12:35:02.0987 5420 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
12:35:03.0003 5420 QWAVEdrv - ok
12:35:03.0016 5420 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
12:35:03.0064 5420 RasAcd - ok
12:35:03.0084 5420 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
12:35:03.0164 5420 RasAuto - ok
12:35:03.0186 5420 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
12:35:03.0223 5420 Rasl2tp - ok
12:35:03.0320 5420 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
12:35:03.0357 5420 RasMan - ok
12:35:03.0387 5420 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
12:35:03.0408 5420 RasPppoe - ok
12:35:03.0443 5420 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
12:35:03.0458 5420 RasSstp - ok
12:35:03.0480 5420 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
12:35:03.0518 5420 rdbss - ok
12:35:03.0537 5420 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
12:35:03.0580 5420 RDPCDD - ok
12:35:03.0621 5420 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
12:35:03.0656 5420 rdpdr - ok
12:35:03.0664 5420 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
12:35:03.0694 5420 RDPENCDD - ok
12:35:03.0768 5420 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
12:35:03.0808 5420 RDPWD - ok
12:35:03.0845 5420 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
12:35:03.0873 5420 RemoteAccess - ok
12:35:03.0925 5420 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
12:35:03.0949 5420 RemoteRegistry - ok
12:35:03.0975 5420 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
12:35:04.0011 5420 RpcLocator - ok
12:35:04.0083 5420 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
12:35:04.0136 5420 RpcSs - ok
12:35:04.0197 5420 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
12:35:04.0237 5420 rspndr - ok
12:35:04.0324 5420 [ 73835C4F79ADC404EF39C8A9E2D4183B ] RS_Service C:\Program Files\Acer\Acer VCM\RS_Service.exe
12:35:04.0335 5420 RS_Service ( UnsignedFile.Multi.Generic ) - warning
12:35:04.0335 5420 RS_Service - detected UnsignedFile.Multi.Generic (1)
12:35:04.0410 5420 [ 30AF53469B2A60F693ACB24FBD90ABD7 ] RTSTOR C:\Windows\system32\drivers\RTSTOR.SYS
12:35:04.0440 5420 RTSTOR - ok
12:35:04.0479 5420 [ 59509AD6CBC28F2C73056268985B3E48 ] s0016bus C:\Windows\system32\DRIVERS\s0016bus.sys
12:35:04.0496 5420 s0016bus - ok
12:35:04.0529 5420 [ B98C3A6F91F4FBA285AF9606A240C6B4 ] s0016mdfl C:\Windows\system32\DRIVERS\s0016mdfl.sys
12:35:04.0538 5420 s0016mdfl - ok
12:35:04.0589 5420 [ 8A83426F4FB7B5212825D9DE76368B1A ] s0016mdm C:\Windows\system32\DRIVERS\s0016mdm.sys
12:35:04.0601 5420 s0016mdm - ok
12:35:04.0629 5420 [ 594FF5620661D1386475406E78CB6F2F ] s0017bus C:\Windows\system32\DRIVERS\s0017bus.sys
12:35:04.0640 5420 s0017bus - ok
12:35:04.0661 5420 [ 7258F550419D543BC5C8E80C578A5D54 ] s0017mdfl C:\Windows\system32\DRIVERS\s0017mdfl.sys
12:35:04.0671 5420 s0017mdfl - ok
12:35:04.0704 5420 [ 1DE4F6607FEB17A15DBD4F1B139E6D2F ] s0017mdm C:\Windows\system32\DRIVERS\s0017mdm.sys
12:35:04.0716 5420 s0017mdm - ok
12:35:04.0754 5420 [ 9814E6BACC06D2526CD52981C7EEEDF0 ] s0017mgmt C:\Windows\system32\DRIVERS\s0017mgmt.sys
12:35:04.0766 5420 s0017mgmt - ok
12:35:04.0793 5420 [ 2C62CD58225973F26682CD4F783DDEDE ] s0017nd5 C:\Windows\system32\DRIVERS\s0017nd5.sys
12:35:04.0804 5420 s0017nd5 - ok
12:35:04.0880 5420 [ F87C3422E84B2FB1B43E0A26247AD5A5 ] s0017obex C:\Windows\system32\DRIVERS\s0017obex.sys
12:35:04.0892 5420 s0017obex - ok
12:35:04.0934 5420 [ DF5E7360A0AFA5956BF75DA683D0679F ] s0017unic C:\Windows\system32\DRIVERS\s0017unic.sys
12:35:04.0948 5420 s0017unic - ok
12:35:05.0007 5420 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
12:35:05.0023 5420 SamSs - ok
12:35:05.0081 5420 SASDIFSV - ok
12:35:05.0086 5420 SASKUTIL - ok
12:35:05.0129 5420 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
12:35:05.0145 5420 sbp2port - ok
12:35:05.0198 5420 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
12:35:05.0227 5420 SCardSvr - ok
12:35:07.0754 5420 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
12:35:07.0884 5420 Schedule - ok
12:35:07.0922 5420 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
12:35:07.0941 5420 SCPolicySvc - ok
12:35:09.0896 5420 [ 126EA89BCC413EE45E3004FB0764888F ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
12:35:09.0945 5420 sdbus - ok
12:35:10.0013 5420 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
12:35:10.0104 5420 SDRSVC - ok
12:35:10.0135 5420 [ 97EC6C60112EBD40C07FE295A38AB1EA ] SE2Ebus C:\Windows\system32\DRIVERS\SE2Ebus.sys
12:35:10.0158 5420 SE2Ebus - ok
12:35:10.0180 5420 [ ABFE402BA200E82568A5606719397AFA ] SE2Emdfl C:\Windows\system32\DRIVERS\SE2Emdfl.sys
12:35:10.0209 5420 SE2Emdfl - ok
12:35:10.0226 5420 [ 4ACFE8A2A3C1624964429E83BC7148A4 ] SE2Emdm C:\Windows\system32\DRIVERS\SE2Emdm.sys
12:35:10.0260 5420 SE2Emdm - ok
12:35:10.0276 5420 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
12:35:10.0341 5420 secdrv - ok
12:35:10.0961 5420 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
12:35:11.0078 5420 seclogon - ok
12:35:11.0133 5420 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\system32\sens.dll
12:35:11.0178 5420 SENS - ok
12:35:11.0208 5420 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
12:35:11.0266 5420 Serenum - ok
12:35:11.0292 5420 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
12:35:11.0350 5420 Serial - ok
12:35:11.0369 5420 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
12:35:11.0395 5420 sermouse - ok
12:35:15.0533 5420 [ C15B813F2FDB44F87F23312472C6E790 ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
12:35:15.0657 5420 ServiceLayer - ok
12:35:15.0720 5420 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
12:35:15.0754 5420 SessionEnv - ok
12:35:15.0772 5420 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
12:35:15.0825 5420 sffdisk - ok
12:35:17.0410 5420 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
12:35:17.0449 5420 sffp_mmc - ok
12:35:17.0490 5420 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
12:35:17.0535 5420 sffp_sd - ok
12:35:17.0547 5420 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
12:35:17.0609 5420 sfloppy - ok
12:35:17.0691 5420 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
12:35:17.0724 5420 SharedAccess - ok
12:35:17.0771 5420 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:35:17.0831 5420 ShellHWDetection - ok
12:35:17.0850 5420 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
12:35:17.0864 5420 sisagp - ok
12:35:17.0904 5420 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
12:35:17.0918 5420 SiSRaid2 - ok
12:35:17.0968 5420 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
12:35:17.0982 5420 SiSRaid4 - ok
12:35:18.0514 5420 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
12:35:18.0536 5420 SkypeUpdate - ok
12:35:18.0708 5420 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
12:35:18.0937 5420 slsvc - ok
12:35:19.0705 5420 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
12:35:19.0779 5420 SLUINotify - ok
12:35:19.0820 5420 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
12:35:19.0860 5420 Smb - ok
12:35:19.0937 5420 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
12:35:19.0954 5420 SNMPTRAP - ok
12:35:19.0979 5420 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
12:35:19.0994 5420 spldr - ok
12:35:20.0031 5420 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
12:35:20.0079 5420 Spooler - ok
12:35:20.0131 5420 [ CDDDEC541BC3C96F91ECB48759673505 ] sptd C:\Windows\system32\Drivers\sptd.sys
12:35:20.0174 5420 sptd - ok
12:35:20.0220 5420 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
12:35:20.0303 5420 srv - ok
12:35:20.0349 5420 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
12:35:20.0376 5420 srv2 - ok
12:35:20.0400 5420 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
12:35:20.0433 5420 srvnet - ok
12:35:20.0495 5420 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
12:35:20.0534 5420 SSDPSRV - ok
12:35:20.0552 5420 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
12:35:20.0570 5420 SstpSvc - ok
12:35:20.0601 5420 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
12:35:20.0628 5420 stisvc - ok
12:35:20.0652 5420 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
12:35:20.0665 5420 swenum - ok
12:35:20.0699 5420 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
12:35:20.0736 5420 swprv - ok
12:35:20.0751 5420 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
12:35:20.0763 5420 Symc8xx - ok
12:35:20.0812 5420 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
12:35:20.0824 5420 Sym_hi - ok
12:35:20.0840 5420 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
12:35:20.0853 5420 Sym_u3 - ok
12:35:20.0874 5420 [ 32E8B307F0E9F72B66B518FD62EAB91E ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
12:35:20.0889 5420 SynTP - ok
12:35:20.0929 5420 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
12:35:21.0004 5420 SysMain - ok
12:35:21.0037 5420 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:35:21.0073 5420 TabletInputService - ok
12:35:21.0138 5420 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
12:35:21.0169 5420 TapiSrv - ok
12:35:21.0184 5420 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
12:35:21.0231 5420 TBS - ok
12:35:21.0284 5420 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
12:35:21.0358 5420 Tcpip - ok
12:35:21.0387 5420 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
12:35:21.0435 5420 Tcpip6 - ok
12:35:21.0495 5420 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
12:35:21.0521 5420 tcpipreg - ok
12:35:21.0544 5420 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
12:35:21.0586 5420 TDPIPE - ok
12:35:21.0605 5420 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
12:35:21.0632 5420 TDTCP - ok
12:35:21.0671 5420 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
12:35:21.0697 5420 tdx - ok
12:35:21.0720 5420 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
12:35:21.0737 5420 TermDD - ok
12:35:21.0759 5420 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
12:35:21.0809 5420 TermService - ok
12:35:21.0836 5420 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
12:35:21.0856 5420 Themes - ok
12:35:21.0900 5420 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
12:35:21.0935 5420 THREADORDER - ok
12:35:22.0013 5420 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
12:35:22.0081 5420 TrkWks - ok
12:35:22.0116 5420 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:35:22.0151 5420 TrustedInstaller - ok
12:35:22.0190 5420 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
12:35:22.0227 5420 tssecsrv - ok
12:35:22.0244 5420 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
12:35:22.0269 5420 tunmp - ok
12:35:22.0297 5420 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
12:35:22.0312 5420 tunnel - ok
12:35:22.0336 5420 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys
12:35:22.0349 5420 uagp35 - ok
12:35:22.0368 5420 [ F763E070843EE2803DE1395002B42938 ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
12:35:22.0378 5420 UBHelper - ok
12:35:22.0405 5420 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
12:35:22.0433 5420 udfs - ok
12:35:22.0471 5420 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
12:35:22.0515 5420 UI0Detect - ok
12:35:22.0546 5420 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
12:35:22.0563 5420 uliagpkx - ok
12:35:22.0591 5420 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys
12:35:22.0612 5420 uliahci - ok
12:35:22.0644 5420 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
12:35:22.0661 5420 UlSata - ok
12:35:22.0678 5420 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
12:35:22.0695 5420 ulsata2 - ok
12:35:22.0715 5420 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
12:35:22.0761 5420 umbus - ok
12:35:22.0786 5420 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
12:35:22.0824 5420 upnphost - ok
12:35:22.0883 5420 [ 47F5F9D837D80FFD5882A14DB9DA0A67 ] upperdev C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
12:35:22.0935 5420 upperdev - ok
12:35:22.0963 5420 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
12:35:22.0997 5420 usbccgp - ok
12:35:23.0018 5420 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
12:35:23.0085 5420 usbcir - ok
12:35:23.0116 5420 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
12:35:23.0138 5420 usbehci - ok
12:35:23.0163 5420 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
12:35:23.0205 5420 usbhub - ok
12:35:23.0217 5420 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
12:35:23.0261 5420 usbohci - ok
12:35:23.0287 5420 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
12:35:23.0322 5420 usbprint - ok
12:35:23.0381 5420 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
12:35:23.0401 5420 usbscan - ok
12:35:23.0449 5420 [ D575246188F63DE0ACCF6EAC5FB59E6A ] usbser C:\Windows\system32\drivers\usbser.sys
12:35:23.0487 5420 usbser - ok
12:35:23.0536 5420 [ E44F0D17BE0908B58DCC99CCB99C6C32 ] UsbserFilt C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
12:35:23.0579 5420 UsbserFilt - ok
12:35:23.0606 5420 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:35:23.0639 5420 USBSTOR - ok
12:35:23.0662 5420 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
12:35:23.0686 5420 usbuhci - ok
12:35:23.0712 5420 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
12:35:23.0759 5420 usbvideo - ok
12:35:23.0779 5420 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
12:35:23.0805 5420 UxSms - ok
12:35:23.0839 5420 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
12:35:23.0915 5420 vds - ok
12:35:23.0957 5420 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
12:35:23.0995 5420 vga - ok
12:35:24.0011 5420 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
12:35:24.0041 5420 VgaSave - ok
12:35:24.0059 5420 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys
12:35:24.0078 5420 viaagp - ok
12:35:24.0099 5420 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys
12:35:24.0125 5420 ViaC7 - ok
12:35:24.0147 5420 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys
12:35:24.0160 5420 viaide - ok
12:35:24.0209 5420 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
12:35:24.0222 5420 volmgr - ok
12:35:24.0258 5420 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
12:35:24.0280 5420 volmgrx - ok
12:35:24.0304 5420 [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap C:\Windows\system32\drivers\volsnap.sys
12:35:24.0324 5420 volsnap - ok
12:35:24.0349 5420 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
12:35:24.0365 5420 vsmraid - ok
12:35:24.0448 5420 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
12:35:24.0555 5420 VSS - ok
12:35:24.0577 5420 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
12:35:24.0610 5420 W32Time - ok
12:35:24.0683 5420 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
12:35:24.0736 5420 WacomPen - ok
12:35:26.0668 5420 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
12:35:26.0689 5420 Wanarp - ok
12:35:26.0710 5420 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
12:35:26.0734 5420 Wanarpv6 - ok
12:35:26.0791 5420 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
12:35:26.0867 5420 wcncsvc - ok
12:35:26.0930 5420 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:35:26.0957 5420 WcsPlugInService - ok
12:35:26.0976 5420 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys
12:35:26.0993 5420 Wd - ok
12:35:27.0055 5420 [ 77D80469DD64DFDDF3F2B881C68DCBE1 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
12:35:27.0063 5420 Suspicious file (Forged): C:\Windows\system32\drivers\Wdf01000.sys. Real md5: 77D80469DD64DFDDF3F2B881C68DCBE1, Fake md5: 9950E3D0F08141C7E89E64456AE7DC73
12:35:27.0065 5420 Wdf01000 ( Virus.Win32.Rloader.a ) - infected
12:35:27.0065 5420 Wdf01000 - detected Virus.Win32.Rloader.a (0)
12:35:27.0112 5420 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
12:35:27.0148 5420 WdiServiceHost - ok
12:35:27.0153 5420 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
12:35:27.0181 5420 WdiSystemHost - ok
12:35:27.0226 5420 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
12:35:27.0259 5420 WebClient - ok
12:35:27.0293 5420 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
12:35:27.0334 5420 Wecsvc - ok
12:35:27.0349 5420 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
12:35:27.0373 5420 wercplsupport - ok
12:35:27.0406 5420 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
12:35:27.0433 5420 WerSvc - ok
12:35:27.0477 5420 [ 5C7BDCF5864DB00323FE2D90FA26A8A2 ] winachsf C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
12:35:27.0579 5420 winachsf - ok
12:35:27.0673 5420 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
12:35:27.0695 5420 WinDefend - ok
12:35:27.0721 5420 WinHttpAutoProxySvc - ok
12:35:27.0803 5420 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
12:35:27.0838 5420 Winmgmt - ok
12:35:27.0915 5420 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
12:35:28.0008 5420 WinRM - ok
12:35:28.0078 5420 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
12:35:28.0206 5420 Wlansvc - ok
12:35:28.0252 5420 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
12:35:28.0288 5420 WmiAcpi - ok
12:35:28.0323 5420 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
12:35:28.0357 5420 wmiApSrv - ok
12:35:28.0413 5420 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
12:35:28.0483 5420 WMPNetworkSvc - ok
12:35:28.0529 5420 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
12:35:28.0556 5420 WPCSvc - ok
12:35:28.0589 5420 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
12:35:28.0610 5420 WPDBusEnum - ok
12:35:28.0635 5420 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
12:35:28.0650 5420 WpdUsb - ok
12:35:28.0754 5420 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
12:35:28.0794 5420 WPFFontCache_v0400 - ok
12:35:28.0815 5420 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
12:35:28.0845 5420 ws2ifsl - ok
12:35:28.0873 5420 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\system32\wscsvc.dll
12:35:28.0893 5420 wscsvc - ok
12:35:28.0899 5420 WSearch - ok
12:35:28.0997 5420 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
12:35:29.0113 5420 wuauserv - ok
12:35:29.0173 5420 [ 6F9B6C0C93232CFF47D0F72D6DB1D21E ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
12:35:29.0222 5420 WudfPf - ok
12:35:29.0254 5420 [ F91FF1E51FCA30B3C3981DB7D5924252 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
12:35:29.0271 5420 WUDFRd - ok
12:35:29.0306 5420 [ 2C0206FF8D2C75AC027D1096FA2FAFDA ] wudfsvc C:\Windows\System32\WUDFSvc.dll
12:35:29.0322 5420 wudfsvc - ok
12:35:29.0363 5420 [ 04E268ADFC81964C49DC0C082D520F7E ] yukonwlh C:\Windows\system32\DRIVERS\yk60x86.sys
12:35:29.0404 5420 yukonwlh - ok
12:35:29.0415 5420 ================ Scan global ===============================
12:35:29.0479 5420 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
12:35:29.0515 5420 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
12:35:29.0549 5420 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
12:35:29.0578 5420 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
12:35:29.0587 5420 [Global] - ok
12:35:29.0589 5420 ================ Scan MBR ==================================
12:35:29.0608 5420 [ 6FC6F9186C07BCA94E140F63BFE6E9B4 ] \Device\Harddisk0\DR0
12:35:32.0298 5420 \Device\Harddisk0\DR0 - ok
12:35:32.0299 5420 ================ Scan VBR ==================================
12:35:32.0303 5420 [ 5B3A8956EE1022E75044C159784E19FF ] \Device\Harddisk0\DR0\Partition1
12:35:32.0305 5420 \Device\Harddisk0\DR0\Partition1 - ok
12:35:32.0326 5420 [ 7D9A409FABDEA3848DE8B8542E4A7AA8 ] \Device\Harddisk0\DR0\Partition2
12:35:32.0328 5420 \Device\Harddisk0\DR0\Partition2 - ok
12:35:32.0328 5420 ============================================================
12:35:32.0328 5420 Scan finished
12:35:32.0328 5420 ============================================================
12:35:32.0344 3192 Detected object count: 7
12:35:32.0344 3192 Actual detected object count: 7
12:35:47.0197 3192 ASPI ( UnsignedFile.Multi.Generic ) - skipped by user
12:35:47.0197 3192 ASPI ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:35:47.0200 3192 BUNAgentSvc ( UnsignedFile.Multi.Generic ) - skipped by user
12:35:47.0200 3192 BUNAgentSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:35:47.0202 3192 ETService ( UnsignedFile.Multi.Generic ) - skipped by user
12:35:47.0202 3192 ETService ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:35:47.0205 3192 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
12:35:47.0205 3192 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:35:47.0207 3192 NTISchedulerSvc ( UnsignedFile.Multi.Generic ) - skipped by user
12:35:47.0207 3192 NTISchedulerSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:35:47.0210 3192 RS_Service ( UnsignedFile.Multi.Generic ) - skipped by user
12:35:47.0210 3192 RS_Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:35:47.0213 3192 Wdf01000 ( Virus.Win32.Rloader.a ) - skipped by user
12:35:47.0213 3192 Wdf01000 ( Virus.Win32.Rloader.a ) - User select action: Skip
12:35:49.0931 5476 Deinitialize success

hi
starte noch mal, entferne den:
12:35:47.0213 3192 Wdf01000 ( Virus.Win32.Rloader.a ) - skipped by user
du kannst dich schon mal aufs neu aufsetzen einrichten, du hast ein rootkit

Oh nein?! Ich habe weder eine Betriebssystem CD, noch Ahnung davon.....
Geschweige denn, was ein Rootkit ist.
Ist das unumgänglich?
Auf was muß ich zum Entfernen klicken?

klicke Continue und ja, formatieren ist nötig
du hast doch schon mal formatiert in deinem alten thread glaube ich oder?

Habe ich gemacht. Soll ich nun auf "Reboot Computer" klicken? Ist eine CD für die Formatierung nötig? Ein nachträgliches BackUp wid mir wohl nun nicht mehr weiterhelfen. Habe ich trotzdem noch Möglichkeiten, meinen ganzen Kram sicherzustellen und dann neu zuinstallieren? Ist ja doch ne ganze Menge.

ne, nen nachträgliches backup wird nichts bringen, deswegen hatte ich dir damals ja einige werkzeuge an die hand gegeben, die man nur hätte nutzen müssen, aber genug davon.
1. reboot.
2. sag mir mal wie der pc heißt, also hersteller + typ
3. wenn der reboot durch is, noch mal mit tdss killer scannen und log posten, das mit der datensicherung bekommen wir alles hin, keine angst.

Es ist ein Acer. Du brauchst aber sicherlich eine genaue Bezeichnung. Wo kann ich diese finden?
Ich reboote mal schnell und poste das neue Log.

müsste eig im kaufvertrag, oder evtl. auf dem gerät selbst stehen.
aber die acer teile haben ne recovery funktion, also da ist keine cd nötig

Direkt auf den Laptop steht was.

Acer Aspire 5730Z

Ist das so korrekt?
Kaufvertrag ist nicht mehr vorhanden.

Hier das neue Log.

Zitat:

13:07:44.0262 4152 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
13:07:44.0415 4152 ============================================================
13:07:44.0415 4152 Current date / time: 2012/09/08 13:07:44.0415
13:07:44.0415 4152 SystemInfo:
13:07:44.0415 4152
13:07:44.0415 4152 OS Version: 6.0.6002 ServicePack: 2.0
13:07:44.0415 4152 Product type: Workstation
13:07:44.0415 4152 ComputerName: MELANIE-PC
13:07:44.0415 4152 UserName: Melanie
13:07:44.0415 4152 Windows directory: C:\Windows
13:07:44.0415 4152 System windows directory: C:\Windows
13:07:44.0415 4152 Processor architecture: Intel x86
13:07:44.0415 4152 Number of processors: 2
13:07:44.0415 4152 Page size: 0x1000
13:07:44.0415 4152 Boot type: Normal boot
13:07:44.0415 4152 ============================================================
13:07:45.0570 4152 BG loaded
13:07:46.0028 4152 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
13:07:46.0029 4152 ============================================================
13:07:46.0029 4152 \Device\Harddisk0\DR0:
13:07:46.0030 4152 MBR partitions:
13:07:46.0030 4152 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1388800, BlocksNum 0x12057000
13:07:46.0030 4152 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x133DF800, BlocksNum 0x1204E800
13:07:46.0030 4152 ============================================================
13:07:46.0070 4152 C: <-> \Device\Harddisk0\DR0\Partition1
13:07:46.0480 4152 D: <-> \Device\Harddisk0\DR0\Partition2
13:07:46.0480 4152 ============================================================
13:07:46.0481 4152 Initialize success
13:07:46.0481 4152 ============================================================
13:07:51.0368 4452 ============================================================
13:07:51.0368 4452 Scan started
13:07:51.0368 4452 Mode: Manual; SigCheck; TDLFS;
13:07:51.0368 4452 ============================================================
13:07:53.0041 4452 ================ Scan system memory ========================
13:07:53.0041 4452 System memory - ok
13:07:53.0041 4452 ================ Scan services =============================
13:07:53.0238 4452 5776 - ok
13:07:53.0653 4452 [ EC818AED40E3359FE49DDB1700151E56 ] ACEDRV09 C:\Windows\system32\drivers\ACEDRV09.sys
13:07:53.0792 4452 ACEDRV09 - ok
13:07:53.0857 4452 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
13:07:53.0880 4452 ACPI - ok
13:07:54.0087 4452 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
13:07:54.0098 4452 AdobeARMservice - ok
13:07:54.0202 4452 [ A9D3B95E8466BD58EEB8A1154654E162 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
13:07:54.0219 4452 AdobeFlashPlayerUpdateSvc - ok
13:07:54.0262 4452 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
13:07:54.0294 4452 adp94xx - ok
13:07:54.0472 4452 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys
13:07:54.0598 4452 adpahci - ok
13:07:54.0623 4452 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
13:07:54.0678 4452 adpu160m - ok
13:07:54.0701 4452 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
13:07:54.0717 4452 adpu320 - ok
13:07:54.0780 4452 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
13:07:54.0889 4452 AeLookupSvc - ok
13:07:54.0932 4452 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
13:07:54.0996 4452 AFD - ok
13:07:55.0023 4452 [ EFBC44FBD75E4F80BD927AEBF6E7EADE ] AgereModemAudio C:\Windows\system32\agrsmsvc.exe
13:07:55.0071 4452 AgereModemAudio - ok
13:07:55.0233 4452 [ 38325C6AA8EAE011897D61CE48EC6435 ] AgereSoftModem C:\Windows\system32\DRIVERS\AGRSM.sys
13:07:55.0329 4452 AgereSoftModem - ok
13:07:55.0367 4452 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys
13:07:55.0383 4452 agp440 - ok
13:07:55.0533 4452 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
13:07:55.0553 4452 aic78xx - ok
13:07:55.0628 4452 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
13:07:55.0786 4452 ALG - ok
13:07:55.0814 4452 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys
13:07:55.0826 4452 aliide - ok
13:07:55.0841 4452 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys
13:07:55.0854 4452 amdagp - ok
13:07:55.0874 4452 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys
13:07:55.0886 4452 amdide - ok
13:07:55.0966 4452 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
13:07:56.0011 4452 AmdK7 - ok
13:07:56.0034 4452 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
13:07:56.0074 4452 AmdK8 - ok
13:07:56.0108 4452 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
13:07:56.0161 4452 Appinfo - ok
13:07:56.0224 4452 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys
13:07:56.0240 4452 arc - ok
13:07:56.0286 4452 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys
13:07:56.0303 4452 arcsas - ok
13:07:56.0392 4452 [ E54E27976E2C5A6465D44C10B1D87AC0 ] ASPI C:\Windows\System32\DRIVERS\ASPI32.sys
13:07:56.0422 4452 ASPI ( UnsignedFile.Multi.Generic ) - warning
13:07:56.0422 4452 ASPI - detected UnsignedFile.Multi.Generic (1)
13:07:56.0469 4452 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
13:07:56.0504 4452 AsyncMac - ok
13:07:56.0533 4452 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys
13:07:56.0546 4452 atapi - ok
13:07:56.0589 4452 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:07:56.0770 4452 AudioEndpointBuilder - ok
13:07:56.0789 4452 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
13:07:56.0816 4452 Audiosrv - ok
13:07:56.0858 4452 [ 502F1C30BD50B32D00CE4DCAECC3D3C7 ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
13:07:56.0950 4452 b57nd60x - ok
13:07:57.0024 4452 [ E22ABCAA7B6FF580FEB0D49545DC4263 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl6.sys
13:07:57.0077 4452 BCM43XX - ok
13:07:57.0103 4452 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
13:07:57.0138 4452 Beep - ok
13:07:57.0307 4452 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
13:07:57.0341 4452 BFE - ok
13:07:57.0391 4452 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\system32\qmgr.dll
13:07:57.0454 4452 BITS - ok
13:07:57.0479 4452 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
13:07:57.0516 4452 blbdrive - ok
13:07:57.0678 4452 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
13:07:57.0721 4452 bowser - ok
13:07:57.0769 4452 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
13:07:57.0805 4452 BrFiltLo - ok
13:07:57.0824 4452 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
13:07:57.0858 4452 BrFiltUp - ok
13:07:57.0949 4452 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
13:07:57.0990 4452 Browser - ok
13:07:58.0015 4452 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
13:07:58.0210 4452 Brserid - ok
13:07:58.0250 4452 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
13:07:58.0300 4452 BrSerWdm - ok
13:07:58.0386 4452 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
13:07:58.0447 4452 BrUsbMdm - ok
13:07:58.0475 4452 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
13:07:58.0534 4452 BrUsbSer - ok
13:07:58.0647 4452 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
13:07:58.0727 4452 BTHMODEM - ok
13:07:58.0812 4452 [ 09E6AFFAE6C0E9158BF05C7D08D0107A ] BUNAgentSvc C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
13:07:58.0875 4452 BUNAgentSvc ( UnsignedFile.Multi.Generic ) - warning
13:07:58.0875 4452 BUNAgentSvc - detected UnsignedFile.Multi.Generic (1)
13:07:58.0946 4452 catchme - ok
13:07:58.0969 4452 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
13:07:59.0014 4452 cdfs - ok
13:07:59.0080 4452 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
13:07:59.0138 4452 cdrom - ok
13:07:59.0175 4452 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
13:07:59.0209 4452 CertPropSvc - ok
13:07:59.0229 4452 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\drivers\circlass.sys
13:07:59.0290 4452 circlass - ok
13:07:59.0339 4452 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
13:07:59.0362 4452 CLFS - ok
13:07:59.0432 4452 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:07:59.0464 4452 clr_optimization_v2.0.50727_32 - ok
13:07:59.0570 4452 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:07:59.0816 4452 clr_optimization_v4.0.30319_32 - ok
13:07:59.0874 4452 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
13:07:59.0931 4452 CmBatt - ok
13:07:59.0945 4452 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys
13:07:59.0984 4452 cmdide - ok
13:08:00.0006 4452 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
13:08:00.0021 4452 Compbatt - ok
13:08:00.0028 4452 COMSysApp - ok
13:08:00.0038 4452 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
13:08:00.0053 4452 crcdisk - ok
13:08:00.0069 4452 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys
13:08:00.0111 4452 Crusoe - ok
13:08:00.0148 4452 [ 75C6A297E364014840B48ECCD7525E30 ] CryptSvc C:\Windows\system32\cryptsvc.dll
13:08:00.0181 4452 CryptSvc - ok
13:08:00.0239 4452 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
13:08:00.0296 4452 DcomLaunch - ok
13:08:00.0335 4452 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
13:08:00.0410 4452 DfsC - ok
13:08:00.0496 4452 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
13:08:00.0660 4452 DFSR - ok
13:08:00.0691 4452 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
13:08:00.0745 4452 Dhcp - ok
13:08:00.0785 4452 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
13:08:00.0801 4452 disk - ok
13:08:00.0843 4452 [ 73BAF270D24FE726B9CD7F80BB17A23D ] DKbFltr C:\Windows\system32\DRIVERS\DKbFltr.sys
13:08:00.0854 4452 DKbFltr - ok
13:08:00.0882 4452 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
13:08:00.0968 4452 Dnscache - ok
13:08:01.0033 4452 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
13:08:01.0066 4452 dot3svc - ok
13:08:01.0227 4452 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
13:08:01.0320 4452 DPS - ok
13:08:01.0335 4452 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
13:08:01.0379 4452 drmkaud - ok
13:08:01.0424 4452 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
13:08:01.0462 4452 DXGKrnl - ok
13:08:01.0490 4452 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
13:08:01.0524 4452 E1G60 - ok
13:08:01.0583 4452 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
13:08:01.0603 4452 EapHost - ok
13:08:01.0679 4452 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
13:08:01.0696 4452 Ecache - ok
13:08:01.0845 4452 [ 2CE2DDCB1A41ED4488A2A8B98D286B3D ] eDataSecurity Service C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
13:08:01.0868 4452 eDataSecurity Service - ok
13:08:01.0937 4452 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
13:08:01.0988 4452 ehRecvr - ok
13:08:02.0048 4452 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
13:08:02.0094 4452 ehSched - ok
13:08:02.0135 4452 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
13:08:02.0162 4452 ehstart - ok
13:08:02.0197 4452 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys
13:08:02.0225 4452 elxstor - ok
13:08:02.0278 4452 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
13:08:02.0354 4452 EMDMgmt - ok
13:08:02.0414 4452 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys
13:08:02.0467 4452 ErrDev - ok
13:08:02.0527 4452 [ A51FD9DF23720485991F56741BBEFCFB ] ETService C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
13:08:02.0572 4452 ETService ( UnsignedFile.Multi.Generic ) - warning
13:08:02.0572 4452 ETService - detected UnsignedFile.Multi.Generic (1)
13:08:02.0664 4452 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
13:08:02.0717 4452 EventSystem - ok
13:08:02.0771 4452 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
13:08:02.0817 4452 exfat - ok
13:08:02.0868 4452 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
13:08:02.0889 4452 fastfat - ok
13:08:02.0972 4452 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
13:08:03.0007 4452 fdc - ok
13:08:03.0070 4452 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
13:08:03.0099 4452 fdPHost - ok
13:08:03.0146 4452 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
13:08:03.0198 4452 FDResPub - ok
13:08:03.0257 4452 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
13:08:03.0271 4452 FileInfo - ok
13:08:03.0291 4452 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
13:08:03.0330 4452 Filetrace - ok
13:08:03.0375 4452 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
13:08:03.0407 4452 flpydisk - ok
13:08:03.0479 4452 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
13:08:03.0494 4452 FltMgr - ok
13:08:03.0601 4452 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll
13:08:03.0687 4452 FontCache - ok
13:08:03.0789 4452 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
13:08:03.0802 4452 FontCache3.0.0.0 - ok
13:08:03.0884 4452 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
13:08:03.0981 4452 Fs_Rec - ok
13:08:04.0033 4452 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
13:08:04.0049 4452 gagp30kx - ok
13:08:04.0145 4452 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
13:08:04.0199 4452 gpsvc - ok
13:08:04.0285 4452 [ 626A24ED1228580B9518C01930936DF9 ] gupdate1c9fbf99e8cea12 C:\Program Files\Google\Update\GoogleUpdate.exe
13:08:04.0300 4452 gupdate1c9fbf99e8cea12 - ok
13:08:04.0340 4452 [ 626A24ED1228580B9518C01930936DF9 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
13:08:04.0352 4452 gupdatem - ok
13:08:04.0568 4452 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
13:08:04.0579 4452 gusvc - ok
13:08:04.0682 4452 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:08:04.0763 4452 HdAudAddService - ok
13:08:04.0838 4452 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
13:08:04.0993 4452 HDAudBus - ok
13:08:05.0020 4452 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
13:08:05.0112 4452 HidBth - ok
13:08:05.0144 4452 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
13:08:05.0211 4452 HidIr - ok
13:08:05.0263 4452 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\System32\hidserv.dll
13:08:05.0319 4452 hidserv - ok
13:08:05.0350 4452 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
13:08:05.0378 4452 HidUsb - ok
13:08:05.0407 4452 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
13:08:05.0449 4452 hkmsvc - ok
13:08:05.0484 4452 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
13:08:05.0497 4452 HpCISSs - ok
13:08:05.0561 4452 [ 46D67209550973257601A533E2AC5785 ] HSFHWAZL C:\Windows\system32\DRIVERS\VSTAZL3.SYS
13:08:05.0664 4452 HSFHWAZL - ok
13:08:05.0703 4452 [ EC36F1D542ED4252390D446BF6D4DFD0 ] HSF_DPV C:\Windows\system32\DRIVERS\VSTDPV3.SYS
13:08:05.0845 4452 HSF_DPV - ok
13:08:05.0894 4452 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys
13:08:05.0981 4452 HTTP - ok
13:08:06.0031 4452 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys
13:08:06.0049 4452 i2omp - ok
13:08:06.0091 4452 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
13:08:06.0150 4452 i8042prt - ok
13:08:06.0185 4452 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
13:08:06.0206 4452 iaStorV - ok
13:08:06.0311 4452 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
13:08:06.0415 4452 idsvc - ok
13:08:06.0671 4452 [ DCE0B53570703CCE580D066F89EF58CD ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
13:08:07.0019 4452 igfx - ok
13:08:07.0066 4452 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
13:08:07.0077 4452 iirsp - ok
13:08:07.0148 4452 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll
13:08:07.0322 4452 IKEEXT - ok
13:08:07.0354 4452 [ C6E5276C00EBDEB096BB5EF4B797D1B6 ] int15 C:\Windows\system32\drivers\int15.sys
13:08:07.0365 4452 int15 - ok
13:08:07.0445 4452 [ 219CA9A36D6DE2EC04F958C907673436 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
13:08:07.0549 4452 IntcAzAudAddService - ok
13:08:07.0619 4452 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys
13:08:07.0635 4452 intelide - ok
13:08:07.0656 4452 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
13:08:07.0708 4452 intelppm - ok
13:08:07.0745 4452 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
13:08:07.0796 4452 IPBusEnum - ok
13:08:07.0837 4452 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:08:07.0869 4452 IpFilterDriver - ok
13:08:07.0943 4452 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
13:08:08.0006 4452 iphlpsvc - ok
13:08:08.0019 4452 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
13:08:08.0045 4452 IPMIDRV - ok
13:08:08.0070 4452 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
13:08:08.0095 4452 IPNAT - ok
13:08:08.0145 4452 [ E50A95179211B12946F7E035D60AF560 ] irda C:\Windows\system32\DRIVERS\irda.sys
13:08:08.0186 4452 irda - ok
13:08:08.0224 4452 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
13:08:08.0253 4452 IRENUM - ok
13:08:08.0311 4452 [ CBB0D940221A281BCFEAEA695BD1CDA5 ] Irmon C:\Windows\System32\irmon.dll
13:08:08.0372 4452 Irmon - ok
13:08:08.0397 4452 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys
13:08:08.0412 4452 isapnp - ok
13:08:08.0451 4452 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
13:08:08.0466 4452 iScsiPrt - ok
13:08:08.0523 4452 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
13:08:08.0535 4452 iteatapi - ok
13:08:08.0571 4452 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
13:08:08.0582 4452 iteraid - ok
13:08:08.0635 4452 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
13:08:08.0647 4452 kbdclass - ok
13:08:08.0825 4452 [ 18247836959BA67E3511B62846B9C2E0 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
13:08:08.0860 4452 kbdhid - ok
13:08:08.0946 4452 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
13:08:08.0988 4452 KeyIso - ok
13:08:09.0045 4452 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
13:08:09.0081 4452 KSecDD - ok
13:08:09.0108 4452 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
13:08:09.0168 4452 KtmRm - ok
13:08:09.0249 4452 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\System32\srvsvc.dll
13:08:09.0312 4452 LanmanServer - ok
13:08:09.0340 4452 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:08:09.0385 4452 LanmanWorkstation - ok
13:08:09.0447 4452 [ 793FF718477345CD5D232C50BED1E452 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
13:08:09.0472 4452 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
13:08:09.0472 4452 LightScribeService - detected UnsignedFile.Multi.Generic (1)
13:08:09.0518 4452 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
13:08:09.0575 4452 lltdio - ok
13:08:09.0615 4452 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
13:08:09.0674 4452 lltdsvc - ok
13:08:09.0704 4452 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
13:08:09.0757 4452 lmhosts - ok
13:08:09.0814 4452 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
13:08:09.0828 4452 LSI_FC - ok
13:08:09.0866 4452 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
13:08:09.0880 4452 LSI_SAS - ok
13:08:09.0944 4452 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
13:08:09.0959 4452 LSI_SCSI - ok
13:08:09.0974 4452 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
13:08:10.0017 4452 luafv - ok
13:08:10.0052 4452 [ 6DFE7F2E8E8A337263AA5C92A215F161 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
13:08:10.0063 4452 MBAMProtector - ok
13:08:10.0187 4452 [ 43683E970F008C93C9429EF428147A54 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
13:08:10.0215 4452 MBAMService - ok
13:08:10.0285 4452 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
13:08:10.0310 4452 Mcx2Svc - ok
13:08:10.0390 4452 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys
13:08:10.0406 4452 megasas - ok
13:08:10.0448 4452 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys
13:08:10.0481 4452 MegaSR - ok
13:08:10.0530 4452 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
13:08:10.0608 4452 MMCSS - ok
13:08:10.0747 4452 MobilityService - ok
13:08:10.0765 4452 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
13:08:10.0808 4452 Modem - ok
13:08:10.0853 4452 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
13:08:10.0903 4452 monitor - ok
13:08:10.0953 4452 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
13:08:10.0967 4452 mouclass - ok
13:08:11.0000 4452 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
13:08:11.0029 4452 mouhid - ok
13:08:11.0053 4452 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
13:08:11.0069 4452 MountMgr - ok
13:08:11.0095 4452 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys
13:08:11.0113 4452 mpio - ok
13:08:11.0133 4452 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
13:08:11.0191 4452 mpsdrv - ok
13:08:11.0239 4452 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
13:08:11.0325 4452 MpsSvc - ok
13:08:11.0349 4452 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
13:08:11.0361 4452 Mraid35x - ok
13:08:11.0415 4452 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
13:08:11.0449 4452 MRxDAV - ok
13:08:11.0483 4452 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
13:08:11.0532 4452 mrxsmb - ok
13:08:11.0565 4452 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:08:11.0609 4452 mrxsmb10 - ok
13:08:11.0624 4452 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:08:11.0639 4452 mrxsmb20 - ok
13:08:11.0685 4452 [ 5457DCFA7C0DA43522F4D9D4049C1472 ] msahci C:\Windows\system32\drivers\msahci.sys
13:08:11.0702 4452 msahci - ok
13:08:11.0724 4452 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys
13:08:11.0741 4452 msdsm - ok
13:08:11.0759 4452 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
13:08:11.0811 4452 MSDTC - ok
13:08:11.0826 4452 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
13:08:11.0873 4452 Msfs - ok
13:08:11.0880 4452 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
13:08:11.0895 4452 msisadrv - ok
13:08:11.0948 4452 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
13:08:11.0981 4452 MSiSCSI - ok
13:08:11.0988 4452 msiserver - ok
13:08:12.0017 4452 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
13:08:12.0075 4452 MSKSSRV - ok
13:08:12.0088 4452 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
13:08:12.0118 4452 MSPCLOCK - ok
13:08:12.0134 4452 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
13:08:12.0172 4452 MSPQM - ok
13:08:12.0208 4452 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
13:08:12.0225 4452 MsRPC - ok
13:08:12.0250 4452 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
13:08:12.0262 4452 mssmbios - ok
13:08:12.0280 4452 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
13:08:12.0305 4452 MSTEE - ok
13:08:12.0346 4452 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
13:08:12.0360 4452 Mup - ok
13:08:12.0389 4452 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
13:08:12.0422 4452 napagent - ok
13:08:12.0449 4452 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
13:08:12.0475 4452 NativeWifiP - ok
13:08:12.0514 4452 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
13:08:12.0542 4452 NDIS - ok
13:08:12.0573 4452 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
13:08:12.0606 4452 NdisTapi - ok
13:08:12.0628 4452 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
13:08:12.0653 4452 Ndisuio - ok
13:08:12.0674 4452 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
13:08:12.0695 4452 NdisWan - ok
13:08:12.0734 4452 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
13:08:12.0754 4452 NDProxy - ok
13:08:12.0780 4452 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
13:08:12.0829 4452 NetBIOS - ok
13:08:12.0866 4452 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
13:08:12.0902 4452 netbt - ok
13:08:12.0960 4452 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
13:08:12.0976 4452 Netlogon - ok
13:08:13.0003 4452 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
13:08:13.0054 4452 Netman - ok
13:08:13.0107 4452 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
13:08:13.0161 4452 netprofm - ok
13:08:13.0186 4452 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:08:13.0204 4452 NetTcpPortSharing - ok
13:08:13.0257 4452 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
13:08:13.0272 4452 nfrd960 - ok
13:08:13.0298 4452 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
13:08:13.0330 4452 NlaSvc - ok
13:08:13.0409 4452 [ F6C40E0A565EE3CE5AEEB325E10054F2 ] nmwcd C:\Windows\system32\drivers\ccdcmb.sys
13:08:13.0465 4452 nmwcd - ok
13:08:13.0512 4452 [ 2A394E9E1FA3565E4B2FEA470FFE4D6B ] nmwcdc C:\Windows\system32\drivers\ccdcmbo.sys
13:08:13.0545 4452 nmwcdc - ok
13:08:13.0589 4452 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
13:08:13.0613 4452 Npfs - ok
13:08:13.0636 4452 [ 6D8D2E5652FC2442C810C5D8BE784148 ] NSCIRDA C:\Windows\system32\DRIVERS\nscirda.sys
13:08:13.0678 4452 NSCIRDA - ok
13:08:13.0729 4452 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
13:08:13.0771 4452 nsi - ok
13:08:13.0789 4452 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
13:08:13.0815 4452 nsiproxy - ok
13:08:13.0872 4452 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
13:08:13.0956 4452 Ntfs - ok
13:08:13.0976 4452 [ CB76F68BA0D57C5D25B538981B1C611C ] NTIBackupSvc C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
13:08:13.0986 4452 NTIBackupSvc - ok
13:08:14.0039 4452 [ 2757D2BA59AEE155209E24942AB127C9 ] NTIDrvr C:\Windows\system32\DRIVERS\NTIDrvr.sys
13:08:14.0048 4452 NTIDrvr - ok
13:08:14.0116 4452 [ DF1C10A75DF7E50195FC417F88A33227 ] NTISchedulerSvc C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
13:08:14.0158 4452 NTISchedulerSvc ( UnsignedFile.Multi.Generic ) - warning
13:08:14.0158 4452 NTISchedulerSvc - detected UnsignedFile.Multi.Generic (1)
13:08:14.0188 4452 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
13:08:14.0233 4452 ntrigdigi - ok
13:08:14.0246 4452 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
13:08:14.0285 4452 Null - ok
13:08:14.0306 4452 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
13:08:14.0320 4452 nvraid - ok
13:08:14.0340 4452 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
13:08:14.0353 4452 nvstor - ok
13:08:14.0370 4452 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
13:08:14.0384 4452 nv_agp - ok
13:08:14.0517 4452 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
13:08:14.0541 4452 odserv - ok
13:08:14.0569 4452 [ 790E27C3DB53410B40FF9EF2FD10A1D9 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
13:08:14.0595 4452 ohci1394 - ok
13:08:14.0642 4452 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:08:14.0656 4452 ose - ok
13:08:14.0702 4452 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
13:08:14.0757 4452 p2pimsvc - ok
13:08:14.0813 4452 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
13:08:14.0884 4452 p2psvc - ok
13:08:14.0938 4452 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
13:08:14.0991 4452 Parport - ok
13:08:15.0023 4452 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
13:08:15.0042 4452 partmgr - ok
13:08:15.0095 4452 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
13:08:15.0150 4452 Parvdm - ok
13:08:15.0211 4452 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
13:08:15.0256 4452 PcaSvc - ok
13:08:15.0283 4452 [ FD2041E9BA03DB7764B2248F02475079 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfd.sys
13:08:15.0299 4452 pccsmcfd - ok
13:08:15.0335 4452 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
13:08:15.0352 4452 pci - ok
13:08:15.0374 4452 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\drivers\pciide.sys
13:08:15.0387 4452 pciide - ok
13:08:15.0412 4452 [ B7C5A8769541900F6DFA6FE0C5E4D513 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
13:08:15.0429 4452 pcmcia - ok
13:08:15.0468 4452 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
13:08:15.0586 4452 PEAUTH - ok
13:08:15.0662 4452 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
13:08:15.0761 4452 pla - ok
13:08:15.0819 4452 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
13:08:15.0885 4452 PlugPlay - ok
13:08:15.0914 4452 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
13:08:15.0941 4452 PNRPAutoReg - ok
13:08:15.0970 4452 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
13:08:15.0998 4452 PNRPsvc - ok
13:08:16.0065 4452 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
13:08:16.0112 4452 PolicyAgent - ok
13:08:16.0153 4452 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
13:08:16.0201 4452 PptpMiniport - ok
13:08:16.0231 4452 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys
13:08:16.0268 4452 Processor - ok
13:08:16.0296 4452 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
13:08:16.0323 4452 ProfSvc - ok
13:08:16.0429 4452 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
13:08:16.0443 4452 ProtectedStorage - ok
13:08:16.0624 4452 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
13:08:16.0684 4452 PSched - ok
13:08:16.0746 4452 [ 1DCBB35090CC4B2BD3D661E6089523C6 ] PSDFilter C:\Windows\system32\DRIVERS\psdfilter.sys
13:08:16.0757 4452 PSDFilter - ok
13:08:16.0771 4452 [ E26E46D619469964AC3609620F443867 ] PSDNServ C:\Windows\system32\DRIVERS\PSDNServ.sys
13:08:16.0781 4452 PSDNServ - ok
13:08:16.0804 4452 [ 3E1D134AF2806867D06047C4CC33CC65 ] psdvdisk C:\Windows\system32\DRIVERS\PSDVdisk.sys
13:08:16.0815 4452 psdvdisk - ok
13:08:16.0864 4452 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
13:08:16.0960 4452 ql2300 - ok
13:08:16.0989 4452 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
13:08:17.0005 4452 ql40xx - ok
13:08:17.0070 4452 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
13:08:17.0107 4452 QWAVE - ok
13:08:17.0115 4452 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
13:08:17.0131 4452 QWAVEdrv - ok
13:08:17.0206 4452 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
13:08:17.0281 4452 RasAcd - ok
13:08:17.0307 4452 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
13:08:17.0358 4452 RasAuto - ok
13:08:17.0376 4452 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
13:08:17.0416 4452 Rasl2tp - ok
13:08:17.0477 4452 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
13:08:17.0514 4452 RasMan - ok
13:08:17.0543 4452 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
13:08:17.0573 4452 RasPppoe - ok
13:08:17.0622 4452 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
13:08:17.0635 4452 RasSstp - ok
13:08:17.0648 4452 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
13:08:17.0698 4452 rdbss - ok
13:08:17.0716 4452 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
13:08:17.0759 4452 RDPCDD - ok
13:08:17.0799 4452 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
13:08:17.0834 4452 rdpdr - ok
13:08:17.0843 4452 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
13:08:17.0873 4452 RDPENCDD - ok
13:08:17.0935 4452 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
13:08:17.0976 4452 RDPWD - ok
13:08:18.0024 4452 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
13:08:18.0050 4452 RemoteAccess - ok
13:08:18.0092 4452 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
13:08:18.0132 4452 RemoteRegistry - ok
13:08:18.0154 4452 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
13:08:18.0190 4452 RpcLocator - ok
13:08:18.0217 4452 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
13:08:18.0250 4452 RpcSs - ok
13:08:18.0287 4452 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
13:08:18.0327 4452 rspndr - ok
13:08:18.0369 4452 [ 73835C4F79ADC404EF39C8A9E2D4183B ] RS_Service C:\Program Files\Acer\Acer VCM\RS_Service.exe
13:08:18.0378 4452 RS_Service ( UnsignedFile.Multi.Generic ) - warning
13:08:18.0378 4452 RS_Service - detected UnsignedFile.Multi.Generic (1)
13:08:18.0411 4452 [ 30AF53469B2A60F693ACB24FBD90ABD7 ] RTSTOR C:\Windows\system32\drivers\RTSTOR.SYS
13:08:18.0456 4452 RTSTOR - ok
13:08:18.0491 4452 [ 59509AD6CBC28F2C73056268985B3E48 ] s0016bus C:\Windows\system32\DRIVERS\s0016bus.sys
13:08:18.0505 4452 s0016bus - ok
13:08:18.0530 4452 [ B98C3A6F91F4FBA285AF9606A240C6B4 ] s0016mdfl C:\Windows\system32\DRIVERS\s0016mdfl.sys
13:08:18.0543 4452 s0016mdfl - ok
13:08:18.0590 4452 [ 8A83426F4FB7B5212825D9DE76368B1A ] s0016mdm C:\Windows\system32\DRIVERS\s0016mdm.sys
13:08:18.0607 4452 s0016mdm - ok
13:08:18.0641 4452 [ 594FF5620661D1386475406E78CB6F2F ] s0017bus C:\Windows\system32\DRIVERS\s0017bus.sys
13:08:18.0654 4452 s0017bus - ok
13:08:18.0673 4452 [ 7258F550419D543BC5C8E80C578A5D54 ] s0017mdfl C:\Windows\system32\DRIVERS\s0017mdfl.sys
13:08:18.0684 4452 s0017mdfl - ok
13:08:18.0716 4452 [ 1DE4F6607FEB17A15DBD4F1B139E6D2F ] s0017mdm C:\Windows\system32\DRIVERS\s0017mdm.sys
13:08:18.0730 4452 s0017mdm - ok
13:08:18.0766 4452 [ 9814E6BACC06D2526CD52981C7EEEDF0 ] s0017mgmt C:\Windows\system32\DRIVERS\s0017mgmt.sys
13:08:18.0780 4452 s0017mgmt - ok
13:08:18.0805 4452 [ 2C62CD58225973F26682CD4F783DDEDE ] s0017nd5 C:\Windows\system32\DRIVERS\s0017nd5.sys
13:08:18.0816 4452 s0017nd5 - ok
13:08:18.0847 4452 [ F87C3422E84B2FB1B43E0A26247AD5A5 ] s0017obex C:\Windows\system32\DRIVERS\s0017obex.sys
13:08:18.0861 4452 s0017obex - ok
13:08:18.0891 4452 [ DF5E7360A0AFA5956BF75DA683D0679F ] s0017unic C:\Windows\system32\DRIVERS\s0017unic.sys
13:08:18.0904 4452 s0017unic - ok
13:08:18.0930 4452 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
13:08:18.0950 4452 SamSs - ok
13:08:18.0993 4452 SASDIFSV - ok
13:08:18.0999 4452 SASKUTIL - ok
13:08:19.0041 4452 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
13:08:19.0059 4452 sbp2port - ok
13:08:19.0088 4452 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
13:08:19.0117 4452 SCardSvr - ok
13:08:19.0160 4452 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
13:08:19.0260 4452 Schedule - ok
13:08:19.0288 4452 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
13:08:19.0307 4452 SCPolicySvc - ok
13:08:19.0327 4452 [ 126EA89BCC413EE45E3004FB0764888F ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
13:08:19.0361 4452 sdbus - ok
13:08:19.0400 4452 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
13:08:19.0446 4452 SDRSVC - ok
13:08:19.0477 4452 [ 97EC6C60112EBD40C07FE295A38AB1EA ] SE2Ebus C:\Windows\system32\DRIVERS\SE2Ebus.sys
13:08:19.0500 4452 SE2Ebus - ok
13:08:19.0534 4452 [ ABFE402BA200E82568A5606719397AFA ] SE2Emdfl C:\Windows\system32\DRIVERS\SE2Emdfl.sys
13:08:19.0561 4452 SE2Emdfl - ok
13:08:19.0579 4452 [ 4ACFE8A2A3C1624964429E83BC7148A4 ] SE2Emdm C:\Windows\system32\DRIVERS\SE2Emdm.sys
13:08:19.0592 4452 SE2Emdm - ok
13:08:19.0607 4452 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
13:08:19.0664 4452 secdrv - ok
13:08:19.0692 4452 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
13:08:19.0719 4452 seclogon - ok
13:08:19.0752 4452 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\system32\sens.dll
13:08:19.0787 4452 SENS - ok
13:08:19.0827 4452 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
13:08:19.0893 4452 Serenum - ok
13:08:19.0912 4452 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
13:08:19.0977 4452 Serial - ok
13:08:19.0989 4452 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
13:08:20.0018 4452 sermouse - ok
13:08:20.0095 4452 [ C15B813F2FDB44F87F23312472C6E790 ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
13:08:20.0118 4452 ServiceLayer - ok
13:08:20.0159 4452 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
13:08:20.0186 4452 SessionEnv - ok
13:08:20.0200 4452 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
13:08:20.0220 4452 sffdisk - ok
13:08:20.0249 4452 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
13:08:20.0284 4452 sffp_mmc - ok
13:08:20.0306 4452 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
13:08:20.0347 4452 sffp_sd - ok
13:08:20.0385 4452 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
13:08:20.0446 4452 sfloppy - ok
13:08:20.0507 4452 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
13:08:20.0538 4452 SharedAccess - ok
13:08:20.0576 4452 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:08:20.0648 4452 ShellHWDetection - ok
13:08:20.0666 4452 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
13:08:20.0679 4452 sisagp - ok
13:08:20.0720 4452 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
13:08:20.0734 4452 SiSRaid2 - ok
13:08:20.0751 4452 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
13:08:20.0765 4452 SiSRaid4 - ok
13:08:20.0830 4452 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
13:08:20.0843 4452 SkypeUpdate - ok
13:08:21.0140 4452 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
13:08:21.0291 4452 slsvc - ok
13:08:21.0320 4452 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
13:08:21.0358 4452 SLUINotify - ok
13:08:21.0391 4452 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
13:08:21.0428 4452 Smb - ok
13:08:21.0464 4452 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
13:08:21.0478 4452 SNMPTRAP - ok
13:08:21.0528 4452 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
13:08:21.0543 4452 spldr - ok
13:08:21.0580 4452 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
13:08:21.0628 4452 Spooler - ok
13:08:21.0680 4452 [ CDDDEC541BC3C96F91ECB48759673505 ] sptd C:\Windows\system32\Drivers\sptd.sys
13:08:21.0740 4452 sptd - ok
13:08:21.0790 4452 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
13:08:21.0831 4452 srv - ok
13:08:21.0865 4452 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
13:08:21.0894 4452 srv2 - ok
13:08:21.0915 4452 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
13:08:21.0944 4452 srvnet - ok
13:08:22.0010 4452 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
13:08:22.0088 4452 SSDPSRV - ok
13:08:22.0112 4452 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
13:08:22.0128 4452 SstpSvc - ok
13:08:22.0183 4452 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
13:08:22.0268 4452 stisvc - ok
13:08:22.0301 4452 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
13:08:22.0315 4452 swenum - ok
13:08:22.0348 4452 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
13:08:22.0433 4452 swprv - ok
13:08:22.0455 4452 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
13:08:22.0469 4452 Symc8xx - ok
13:08:22.0517 4452 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
13:08:22.0528 4452 Sym_hi - ok
13:08:22.0545 4452 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
13:08:22.0557 4452 Sym_u3 - ok
13:08:22.0600 4452 [ 32E8B307F0E9F72B66B518FD62EAB91E ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
13:08:22.0613 4452 SynTP - ok
13:08:22.0666 4452 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
13:08:22.0717 4452 SysMain - ok
13:08:22.0752 4452 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:08:22.0776 4452 TabletInputService - ok
13:08:22.0832 4452 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
13:08:22.0861 4452 TapiSrv - ok
13:08:22.0888 4452 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
13:08:22.0936 4452 TBS - ok
13:08:22.0988 4452 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
13:08:23.0064 4452 Tcpip - ok
13:08:23.0093 4452 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
13:08:23.0143 4452 Tcpip6 - ok
13:08:23.0210 4452 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
13:08:23.0237 4452 tcpipreg - ok
13:08:23.0270 4452 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
13:08:23.0312 4452 TDPIPE - ok
13:08:23.0331 4452 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
13:08:23.0357 4452 TDTCP - ok
13:08:23.0398 4452 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
13:08:23.0418 4452 tdx - ok
13:08:23.0436 4452 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
13:08:23.0452 4452 TermDD - ok
13:08:23.0508 4452 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
13:08:23.0556 4452 TermService - ok
13:08:23.0589 4452 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
13:08:23.0609 4452 Themes - ok
13:08:23.0627 4452 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
13:08:23.0658 4452 THREADORDER - ok
13:08:23.0694 4452 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
13:08:23.0731 4452 TrkWks - ok
13:08:23.0765 4452 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:08:23.0799 4452 TrustedInstaller - ok
13:08:23.0828 4452 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
13:08:23.0865 4452 tssecsrv - ok
13:08:23.0882 4452 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
13:08:23.0907 4452 tunmp - ok
13:08:23.0935 4452 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
13:08:23.0948 4452 tunnel - ok
13:08:23.0973 4452 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys
13:08:23.0987 4452 uagp35 - ok
13:08:24.0006 4452 [ F763E070843EE2803DE1395002B42938 ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
13:08:24.0015 4452 UBHelper - ok
13:08:24.0076 4452 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
13:08:24.0105 4452 udfs - ok
13:08:24.0164 4452 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
13:08:24.0205 4452 UI0Detect - ok
13:08:24.0239 4452 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
13:08:24.0253 4452 uliagpkx - ok
13:08:24.0284 4452 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys
13:08:24.0303 4452 uliahci - ok
13:08:24.0338 4452 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
13:08:24.0351 4452 UlSata - ok
13:08:24.0371 4452 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
13:08:24.0385 4452 ulsata2 - ok
13:08:24.0409 4452 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
13:08:24.0480 4452 umbus - ok
13:08:24.0503 4452 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
13:08:24.0567 4452 upnphost - ok
13:08:24.0632 4452 [ 47F5F9D837D80FFD5882A14DB9DA0A67 ] upperdev C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
13:08:24.0695 4452 upperdev - ok
13:08:24.0756 4452 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
13:08:24.0785 4452 usbccgp - ok
13:08:24.0878 4452 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
13:08:24.0935 4452 usbcir - ok
13:08:24.0965 4452 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
13:08:25.0013 4452 usbehci - ok
13:08:25.0068 4452 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
13:08:25.0098 4452 usbhub - ok
13:08:25.0110 4452 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
13:08:25.0155 4452 usbohci - ok
13:08:25.0181 4452 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
13:08:25.0214 4452 usbprint - ok
13:08:25.0241 4452 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
13:08:25.0261 4452 usbscan - ok
13:08:25.0309 4452 [ D575246188F63DE0ACCF6EAC5FB59E6A ] usbser C:\Windows\system32\drivers\usbser.sys
13:08:25.0330 4452 usbser - ok
13:08:25.0384 4452 [ E44F0D17BE0908B58DCC99CCB99C6C32 ] UsbserFilt C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
13:08:25.0423 4452 UsbserFilt - ok
13:08:25.0466 4452 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:08:25.0500 4452 USBSTOR - ok
13:08:25.0522 4452 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
13:08:25.0545 4452 usbuhci - ok
13:08:25.0561 4452 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
13:08:25.0619 4452 usbvideo - ok
13:08:25.0639 4452 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
13:08:25.0704 4452 UxSms - ok
13:08:25.0765 4452 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
13:08:25.0804 4452 vds - ok
13:08:25.0862 4452 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
13:08:25.0908 4452 vga - ok
13:08:25.0926 4452 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
13:08:25.0966 4452 VgaSave - ok
13:08:25.0986 4452 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys
13:08:26.0002 4452 viaagp - ok
13:08:26.0015 4452 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys
13:08:26.0041 4452 ViaC7 - ok
13:08:26.0062 4452 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys
13:08:26.0075 4452 viaide - ok
13:08:26.0091 4452 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
13:08:26.0104 4452 volmgr - ok
13:08:26.0129 4452 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
13:08:26.0150 4452 volmgrx - ok
13:08:26.0164 4452 [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap C:\Windows\system32\drivers\volsnap.sys
13:08:26.0183 4452 volsnap - ok
13:08:26.0209 4452 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
13:08:26.0224 4452 vsmraid - ok
13:08:26.0285 4452 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
13:08:26.0367 4452 VSS - ok
13:08:26.0393 4452 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
13:08:26.0501 4452 W32Time - ok
13:08:26.0554 4452 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
13:08:26.0598 4452 WacomPen - ok
13:08:26.0626 4452 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
13:08:26.0655 4452 Wanarp - ok
13:08:26.0660 4452 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
13:08:26.0680 4452 Wanarpv6 - ok
13:08:26.0727 4452 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
13:08:26.0750 4452 wcncsvc - ok
13:08:26.0800 4452 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:08:26.0830 4452 WcsPlugInService - ok
13:08:26.0846 4452 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys
13:08:26.0862 4452 Wd - ok
13:08:26.0903 4452 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
13:08:26.0940 4452 Wdf01000 - ok
13:08:26.0960 4452 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
13:08:26.0996 4452 WdiServiceHost - ok
13:08:27.0001 4452 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
13:08:27.0029 4452 WdiSystemHost - ok
13:08:27.0085 4452 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
13:08:27.0118 4452 WebClient - ok
13:08:27.0174 4452 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
13:08:27.0214 4452 Wecsvc - ok
13:08:27.0263 4452 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
13:08:27.0289 4452 wercplsupport - ok
13:08:27.0343 4452 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
13:08:27.0370 4452 WerSvc - ok
13:08:27.0425 4452 [ 5C7BDCF5864DB00323FE2D90FA26A8A2 ] winachsf C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
13:08:27.0505 4452 winachsf - ok
13:08:27.0598 4452 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
13:08:27.0622 4452 WinDefend - ok
13:08:27.0646 4452 WinHttpAutoProxySvc - ok
13:08:27.0706 4452 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
13:08:27.0749 4452 Winmgmt - ok
13:08:27.0829 4452 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
13:08:27.0900 4452 WinRM - ok
13:08:27.0970 4452 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
13:08:28.0010 4452 Wlansvc - ok
13:08:28.0066 4452 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
13:08:28.0146 4452 WmiAcpi - ok
13:08:28.0181 4452 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
13:08:28.0218 4452 wmiApSrv - ok
13:08:28.0283 4452 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
13:08:28.0366 4452 WMPNetworkSvc - ok
13:08:28.0388 4452 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
13:08:28.0417 4452 WPCSvc - ok
13:08:28.0448 4452 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
13:08:28.0484 4452 WPDBusEnum - ok
13:08:28.0516 4452 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
13:08:28.0530 4452 WpdUsb - ok
13:08:28.0668 4452 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
13:08:28.0694 4452 WPFFontCache_v0400 - ok
13:08:28.0718 4452 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
13:08:28.0750 4452 ws2ifsl - ok
13:08:28.0777 4452 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\system32\wscsvc.dll
13:08:28.0823 4452 wscsvc - ok
13:08:28.0828 4452 WSearch - ok
13:08:28.0936 4452 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
13:08:29.0032 4452 wuauserv - ok
13:08:29.0098 4452 [ 6F9B6C0C93232CFF47D0F72D6DB1D21E ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
13:08:29.0127 4452 WudfPf - ok
13:08:29.0158 4452 [ F91FF1E51FCA30B3C3981DB7D5924252 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
13:08:29.0198 4452 WUDFRd - ok
13:08:29.0231 4452 [ 2C0206FF8D2C75AC027D1096FA2FAFDA ] wudfsvc C:\Windows\System32\WUDFSvc.dll
13:08:29.0269 4452 wudfsvc - ok
13:08:29.0311 4452 [ 04E268ADFC81964C49DC0C082D520F7E ] yukonwlh C:\Windows\system32\DRIVERS\yk60x86.sys
13:08:29.0363 4452 yukonwlh - ok
13:08:29.0374 4452 ================ Scan global ===============================
13:08:29.0437 4452 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
13:08:29.0474 4452 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
13:08:29.0718 4452 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
13:08:29.0748 4452 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
13:08:29.0752 4452 [Global] - ok
13:08:29.0753 4452 ================ Scan MBR ==================================
13:08:29.0767 4452 [ 6FC6F9186C07BCA94E140F63BFE6E9B4 ] \Device\Harddisk0\DR0
13:08:34.0014 4452 \Device\Harddisk0\DR0 - ok
13:08:34.0014 4452 ================ Scan VBR ==================================
13:08:34.0043 4452 [ 5B3A8956EE1022E75044C159784E19FF ] \Device\Harddisk0\DR0\Partition1
13:08:34.0045 4452 \Device\Harddisk0\DR0\Partition1 - ok
13:08:34.0075 4452 [ 7D9A409FABDEA3848DE8B8542E4A7AA8 ] \Device\Harddisk0\DR0\Partition2
13:08:34.0077 4452 \Device\Harddisk0\DR0\Partition2 - ok
13:08:34.0078 4452 ============================================================
13:08:34.0078 4452 Scan finished
13:08:34.0078 4452 ============================================================
13:08:34.0094 4444 Detected object count: 6
13:08:34.0094 4444 Actual detected object count: 6
13:08:41.0076 4444 ASPI ( UnsignedFile.Multi.Generic ) - skipped by user
13:08:41.0076 4444 ASPI ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:08:41.0079 4444 BUNAgentSvc ( UnsignedFile.Multi.Generic ) - skipped by user
13:08:41.0079 4444 BUNAgentSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:08:41.0081 4444 ETService ( UnsignedFile.Multi.Generic ) - skipped by user
13:08:41.0081 4444 ETService ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:08:41.0084 4444 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
13:08:41.0084 4444 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:08:41.0087 4444 NTISchedulerSvc ( UnsignedFile.Multi.Generic ) - skipped by user
13:08:41.0087 4444 NTISchedulerSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:08:41.0089 4444 RS_Service ( UnsignedFile.Multi.Generic ) - skipped by user
13:08:41.0089 4444 RS_Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:08:43.0431 4144 Deinitialize success

ist richtig.
autorun aus bitte:
http://www.trojaner-board.de/83238-a...sschalten.html
dann sichere bilder, dokumente, musik, vidios, keine ausführbaren dateien.
wenn fertig, bitte melden

Inwiefern sichern? Ich habe noch eine andere Festplatte, die sich auf dem Lappi befindet ("d). Ist das ausreichend, wenn ich immer "kopieren" klicke und auf "d" speicher?

Der Haken bei Autorun habe ich ausgeschaltet.
Schau dir mal das an.

http://img4.fotos-hochladen.net/uplo...ypmku180ce.jpg

Gerade eben kam diese Meldung.

wenn genug platz auf d: ist dann ja

Ok. Letzte Frage. Die ausfürhbare Dateien kann ich wohl nicht kopieren auf "d"?
Müssen die Ordner (zb "ACER", Boot etc) mit verschoben werden?
Ich fange nun mal an, meinen ganzen Kram rüberzuschieben.

hi
nein du sollst persönliche daten sichern.
keine ausführbaren programme bitte.

Erstmal vielen Dank für deine Geduld und deiner Hilfe.
Also persönliches habe ich nun gesichert und drüben raufgehauen. Ein paar ausführbare Datein von Spielen war schon auf "d" positioniert. Das sollte keine Probleme darstellen, oder?
Denn dann wäre ich jetzt soweit.....oh man, hoffentlich geht alles gut.

ok, dann setze den pc zurück und sichere ihn danach ab:
als antimalware programm würde ich emsisoft empfehlen.
diese haben für mich den besten schutz kostet aber etwas.
http://www.trojaner-board.de/103809-...i-malware.html
testversion:
Meine Antivirus-Empfehlung: Emsisoft Anti-Malware
insbesondere wenn du onlinebanking, einkäufe, sonstige zahlungsabwicklungen oder ähnlich wichtiges, wie zb berufliches machst, also sensible daten zu schützen sind, solltest du in sicherheitssoftware investieren.
vor dem aktivieren der lizenz die 30 tage testzeitraum ausnutzen.

kostenlos, aber eben nicht ganz so gut wäre avast zu empfehlen.
http://www.trojaner-board.de/110895-...antivirus.html

sag mir welches du nutzt, dann gebe ich konfigurationshinweise.
bitte dein bisheriges av deinstalieren
die folgende anleitung ist umfangreich, dass ist mir klar, sie sollte aber umgesetzt werden, da nur dann dein pc sicher ist. stelle so viele fragen wie nötig, ich arbeite gern alles mit dir durch!

http://www.trojaner-board.de/96344-a...-rechners.html
Starte bitte mit der Passage, Windows Vista und Windows 7
Bitte beginne damit, Windows Updates zu instalieren.
Am besten geht dies, wenn du über Start, Suchen gehst, und dort Windows Updates eingibst.
Prüfe unter "Einstellungen ändern" dass folgendes ausgewählt ist:
- Updates automatisch Instalieren,
- Täglich
- Uhrzeit wählen
- Bitte den gesammten rest anhaken, außer:
- detailierte benachichtungen anzeigen, wenn neue Microsoft software verfügbar ist.
Klicke jetzt die Schaltfläche "OK"
Klicke jetzt "nach Updates suchen".
Bitte instaliere zunächst wichtige Updates.
Es wird nötig sein, den PC zwischendurch neu zu starten. falls dies der Fall ist, musst du erneut über Start, Suchen, Windows Update aufrufen, auf Updates suchen klicken und die nächsten instalieren.
Mache das selbe bitte mit den optionalen Updates.
Bitte übernimm den rest so, wie es im Abschnitt windows 7 / Vista zu lesen ist.
aus dem Abschnitt xp, bitte den punkt "datenausführungsverhinderung, dep" übernehmen.
als browser rate ich dir zu chrome:
Installation von Google Chrome für mehrere Nutzerkonten - Google Chrome-Hilfe
anleitung lesen bitte
falls du nen andern nutzen willst, sags mir dann muss ich teile der nun folgenden anleitung

Sandboxie
Die devinition einer Sandbox ist hier nachzulesen:
Sandbox
Kurz gesagt, man kann Programme fast 100 %ig isuliert vom System ausführen.

Der Vorteil liegt klar auf der Hand, wenn über den Browser Schadcode eingeschläust wird, kann dieser nicht nach außen dringen.
Download Link:
Sandboxie Download - Sandboxie 3.74

anleitung:
http://www.trojaner-board.de/71542-a...sandboxie.html
ausführliche anleitung als pdf, auch abarbeiten:
Sandbox Einstellungen |

bitte folgende zusatz konfiguration machen:
sandboxie control öffnen, menü sandbox anklicken, defauldbox wählen.
dort klicke auf sandbox einstellungen.
beschrenkungen, bei programm start und internet zugriff schreibe:
chrome.exe
dann gehe auf anwendungen, webbrowser, chrome.
dort aktiviere alles außer gesammten profil ordner freigeben.
Wie du evtl. schon gesehen hast, kannst du einige Funktionen nicht nutzen.
Dies ist nur in der Vollversion nötig, zu deren Kauf ich dir rate.
Du kannst zb unter "Erzwungene Programmstarts" festlegen, dass alle Browser in der Sandbox starten.
Ansonsten musst du immer auf "Sandboxed webbrowser" klicken bzw Rechtsklick, in Sandboxie starten.
Eine lebenslange Lizenz kostet 30 €, und ist auf allen deinen PC's nutzbar.

Weiter mit:
Maßnahmen für ALLE Windows-Versionen
alles komplett durcharbeiten
anmerkung zu file hippo.
in den settings zusätzlich auswählen:
hide beta updates.
Run updateChecker when Windows starts

Backup Programm:
in meiner Anleitung ist bereits ein Backup Programm verlinkt, als Alternative bietet sich auch das Windows eigene Backup Programm an:
http://www.trojaner-board.de/82962-w...en-backup.html
Dies ist aber leider nur für Windows 7 Nutzer vernünftig nutzbar.
Alle Anderen sollten sich aber auf jeden fall auch ein Backup Programm instalieren, denn dies kann unter Umständen sehr wichtig sein, zum Beispiel, wenn die Festplatte einmal kaputt ist.

Zum Schluss, die allgemeinen sicherheitstipps beachten, wenn es dich betrifft, den Tipp zum Onlinebanking beachten und alle Passwörter ändern
bitte auch lesen, wie mache ich programme für alle sichtbar:
Programme für alle Konten nutzbar machen - PCtipp.ch - Praxis & Hilfe
surfe jetzt also nur noch im standard nutzer konto und dort in der sandbox.
wenn du die kostenlose version nutzt, dann mit klick auf sandboxed web browser, wenn du die bezahlversion hast, kannst du erzwungene programm starts festlegen, dann wird sandboxie immer gestartet wenn du nen browser aufrufst.
wenn du mit der maus über den browser fährst sollte der eingerahmt sein, dann bist du im sandboxed web browser

passwort sicherheit:
jeder dienst benötigt ein eigenes, mindestens 12-stelliges passwort
bei der passwort verwaltung und erstellung hilft roboform
Passwort Manager, Formular Ausfueller, Passwort Management | RoboForm Passwort Manager
anleitung:
RoboForm-Bedienungsanleitung: Passwort-Manager, Verwalten von Passwörtern und persönlichen Daten

Soll ich en zuerst zurücksetzen? Wenn ja, wie? Ich arbeite nähmlich gerade deine genannten Schritte ab und habe noch nichts formatiert.

ne natürlich zu erst zurück setzen alles andere ist ja unlogisch oder...?
neustarten, f9 f10 f11 oder alt +f9 bzw alt +f10, alt+f11 drücken, dann auf werkseinstellungen zurück setzen, danach erst die liste durcharbeiten

Ja sorry.
Ok, und ich komme dann ganz sicher wieder rein in den Lappi?
Na dann gehts los.....

Hallo Marcus,

also ich habe nun "C" zurückgesetzt und möchte gleich deine Liste abarbeiten. Jedoch mußt du mir mal bitte Tipps geben, um das Arbeiten zuerleichtern. Mein Internet lahmt extrem, manchmal hängt es sich auf. Was kann ich tun, um wieder an Normalgeschwindigkeit zugelangen?
Vielen Dank. Ich nutze IE8.

hi
gehe mal auf die seite des laptop herstellers und instaliere alle treiber, beginnend mit chipset.

Hi,

meinst du diesen? hxxp://de.official-drivers.com/installer/?seed=acer&local=de&gclid=CICylZbLrbICFQVf3god9VgA3AHi,

direkt von der acer homepage.

Hallo,

ich habe nun zuerst alle Updates installiert, Avast heruntergeladen, Sandboxie auch. Firewall ist an. Benutzerkontosteuerung NOCH aus, weil ich sonst diverse Sachen (u.a. FM 12) nicht installieren kann.
Kannst du zuerst bitte mal Einstellungstipps von Avast preisgeben? Vielen Dank.

hi, avast kann so bleiben.
eig kann man doch mit aktivierter uac instalieren, mann muss halt nur die abfrage bestätigen.