KNeu2014# | 13.11.2014 15:56 | Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-11-2014
Ran by klaus (administrator) on PC-KLAUS on 13-11-2014 15:45:20
Running from C:\Users\klaus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z24WCC9V
Loaded Profile: klaus (Available profiles: admin & klaus & jakob)
Platform: Windows Vista (TM) Home Premium Service Pack 2 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Check Point Software Technologies LTD) C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Agere Systems) C:\Windows\System32\agrsmsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgwdsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
(NewTech Infosystems, Inc.) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
() C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
(Egis Incorporated) C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
() C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
(CyberLink Corp.) C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
(CyberLink) C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
() C:\Windows\PLFSetI.exe
(Seagate Technology LLC) C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\mdm.exe
() C:\Acer\Mobility Center\MobilityService.exe
() C:\Program Files\CDBurnerXP\NMSAccessU.exe
(NewTech InfoSystems, Inc.) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
() C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
() C:\Program Files\Cyberlink\Shared files\RichVideo.exe
(Acer Incorporated) C:\Program Files\Acer\Acer VCM\RS_Service.exe
(AVG Technologies) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe
(Check Point Software Technologies, Ltd.) C:\Program Files\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
(AVG Technologies) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LManager.exe
(Egis Incorporated) C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
(Ulead Systems, Inc.) C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
(Ulead Systems, Inc.) C:\Program Files\Ulead Systems\Ulead Photo Express 5 SE\CalCheck.exe
(Pinnacle Systems) C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
() C:\Program Files\Winamp\winampa.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Seagate LLC) C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
(Nikon Corporation) C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Check Point Software Technologies LTD) C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgui.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Gemalto N.V.) C:\Users\klaus\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe
(Acer Incorporated) C:\Program Files\Acer\Acer VCM\AcerVCM.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Realtek Semiconductor Corp.) C:\Users\klaus\AppData\Local\Temp\RtkBtMnt.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(Acer Inc.) C:\Program Files\Acer\Acer VCM\acp2HID.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgcsrvx.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(AVG Technologies) C:\Program Files\AVG\AVG PC TuneUp\OneClickStarter.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1037608 2008-02-22] (Synaptics, Inc.)
HKLM\...\Run: [BkupTray] => C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe [34040 2008-04-06] ()
HKLM\...\Run: [ArcadeDeluxeAgent] => C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [147456 2008-04-10] (CyberLink Corp.)
HKLM\...\Run: [CLMLServer] => C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe [167936 2008-04-10] (CyberLink)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [6139904 2008-05-08] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Windows\Skytel.exe [1826816 2007-11-21] (Realtek Semiconductor Corp.)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [200704 2007-10-23] ()
HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\LManager.exe [809480 2008-07-25] (Dritek System Inc.)
HKLM\...\Run: [eDataSecurity Loader] => C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe [526896 2008-05-14] (Egis Incorporated)
HKLM\...\Run: [ePower_DMC] => C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe [397312 2008-04-30] (Acer Inc.)
HKLM\...\Run: [WarReg_PopUp] => C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe [303104 2008-01-29] (Acer Incorporated)
HKLM\...\Run: [Ulead AutoDetector] => C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe [45056 2003-11-19] (Ulead Systems, Inc.)
HKLM\...\Run: [Ulead Photo Express 5 SE Calendar Checker] => C:\Program Files\Ulead Systems\Ulead Photo Express 5 SE\calcheck.exe [69632 2004-01-12] (Ulead Systems, Inc.)
HKLM\...\Run: [PinnacleDriverCheck] => C:\Windows\system32\PSDrvCheck.exe [406016 2004-03-10] ()
HKLM\...\Run: [USB2Check] => RUNDLL32.EXE "C:\Windows\system32\PCLECoInst.dll",CheckUSBController
HKLM\...\Run: [USBToolTip] => C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe [192512 2004-04-23] (Pinnacle Systems)
HKLM\...\Run: [WinampAgent] => C:\Program Files\Winamp\winampa.exe [36352 2008-08-04] ()
HKLM\...\Run: [Windows Mobile-based device management] => C:\Windows\WindowsMobile\wmdc.exe [563080 2007-01-24] (Microsoft Corporation)
HKLM\...\Run: [ScheduleSync.Siemens.SmartSync.5.2.exe] => C:\Program Files\Mobile Phone Manager\SmartSync\ScheduleSync.exe [45056 2004-06-21] ()
HKLM\...\Run: [MaxMenuMgr] => C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe [185640 2009-09-25] (Seagate LLC)
HKLM\...\Run: [Nikon Transfer Monitor] => C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe [479232 2009-09-15] (Nikon Corporation)
HKLM\...\Run: [ZoneAlarm] => C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe [73832 2013-10-25] (Check Point Software Technologies LTD)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2015\avgui.exe [3649040 2014-10-16] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-716381979-3132375173-1517245798-1001\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-716381979-3132375173-1517245798-1001\...\Run: [ALBATTTOOL] => C:\Program Files\AkkuLine.de\AkkuLine Batterie-Tool\AL-Batterie-Tool.exe
HKU\S-1-5-21-716381979-3132375173-1517245798-1001\...\Run: [Orb] => C:\Program Files\Winamp Remote\bin\OrbTray.exe [507904 2008-04-01] (Orb Networks)
HKU\S-1-5-21-716381979-3132375173-1517245798-1001\...\Run: [EA Core] => "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
HKU\S-1-5-21-716381979-3132375173-1517245798-1001\...\Run: [SanDiskSecureAccess_Manager.exe] => C:\Users\klaus\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe [30705792 2012-07-09] (Gemalto N.V.)
HKU\S-1-5-21-716381979-3132375173-1517245798-1001\...\Run: [Google Update**.d<*>] => "C:\Users\klaus\AppData\Local\Google\Desktop\Install\{cced714b-348e-29ba-f6a1-1cacf2a4ea0f}\d'x"Ù"\", &h#\. ùû[\{cced714b-348e-29ba-f6a1-1cacf2a4ea0f}\GoogleUpdate.exe" > <===== ATTENTION (Value Name with invalid characters)
HKU\S-1-5-21-716381979-3132375173-1517245798-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-716381979-3132375173-1517245798-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-716381979-3132375173-1517245798-1001\...\MountPoints2: {0ffa6dbe-a450-11dd-ba76-806e6f6e6963} - E:\start.exe /auto
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk
ShortcutTarget: Acer VCM.lnk -> C:\Program Files\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\klaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (No File)
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Egis Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=1008&m=aspire_5730
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=1008&m=aspire_5730
URLSearchHook: HKLM - Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
URLSearchHook: HKLM - Softonic Deutsch Toolbar - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Program Files\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.)
URLSearchHook: HKCU - Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
URLSearchHook: HKCU - Softonic Deutsch Toolbar - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Program Files\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.)
URLSearchHook: HKCU - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
SearchScopes: HKLM - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1351351
SearchScopes: HKLM - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1351351
SearchScopes: HKLM - {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7
SearchScopes: HKCU - {31CF9EBE-5755-4a1d-AC25-2834D952D9B4} URL = hxxp://search.pdfcreator-toolbar.org/search?p=Q&ts=ne&w={searchTerms}&csrc=search-field
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE299DE300
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1351351
SearchScopes: HKCU - {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7
BHO: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
BHO: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Winamp Toolbar Loader -> {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} -> C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
BHO: Zonealarm Helper Object -> {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} -> C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.8.22.0\bh\zonealarm.dll (Check Point Software Technologies LTD)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: ShowBarObj Class -> {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} -> C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)
BHO: Softonic Deutsch Toolbar -> {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} -> C:\Program Files\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.)
BHO: Skype Plug-In -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: SingleInstance Class -> {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} -> C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
Toolbar: HKLM - Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
Toolbar: HKLM - Softonic Deutsch Toolbar - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Program Files\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.)
Toolbar: HKLM - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - ZoneAlarm Security Toolbar - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.8.22.0\zonealarmTlbr.dll (Check Point Software Technologies LTD)
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/F/D/9/FD9E437D-5BC8-4264-A093-DFA2C39D197E/LegitCheckControl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
Handler: haufereader - No CLSID Value -
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\klaus\AppData\Roaming\Mozilla\Firefox\Profiles\fj408btt.default
FF SelectedSearchEngine: Claro Search
FF Homepage: hxxp://www.t-online.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.13.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.13.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF user.js: detected! => C:\Users\klaus\AppData\Roaming\Mozilla\Firefox\Profiles\fj408btt.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: Toolbar fuer eBay - C:\Program Files\Mozilla Firefox\extensions\ebay.xpi [2008-09-09]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-22]
Chrome:
=======
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3487248 2014-10-16] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [298080 2014-10-16] (AVG Technologies CZ, s.r.o.)
R2 BUNAgentSvc; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [16384 2008-03-03] (NewTech Infosystems, Inc.) [File not signed]
R2 CLHNService; C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [81504 2008-01-16] () [File not signed]
R2 ETService; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [24576 2008-03-21] () [File not signed]
R2 FreeAgentGoNext Service; C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe [189736 2009-09-25] (Seagate Technology LLC)
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-11-06] (Hewlett-Packard Co.) [File not signed]
R3 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [139264 2007-11-06] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [61440 2007-01-17] (Hewlett-Packard Company) [File not signed]
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
R2 MDM; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 MobilityService; C:\Acer\Mobility Center\MobilityService.exe [110592 2007-12-06] () [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [43520 2006-11-08] (Hewlett-Packard) [File not signed]
R2 NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [71096 2009-11-12] ()
R2 NTISchedulerSvc; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [131072 2008-04-04] () [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53248 2006-11-08] (Hewlett-Packard) [File not signed]
R2 RichVideo; C:\Program Files\Cyberlink\Shared files\RichVideo.exe [272024 2007-01-09] ()
R2 RS_Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [233472 2008-01-10] (Acer Incorporated) [File not signed]
R2 TuneUp.UtilitiesSvc; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [2166584 2014-10-17] (AVG Technologies)
R2 vsmon; C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe [2445816 2013-10-25] (Check Point Software Technologies LTD)
S2 Winmgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
R2 ZAPrivacyService; C:\Program Files\CheckPoint\ZoneAlarm\ZAPrivacyService.exe [50704 2013-10-15] (Check Point Software Technologies, Ltd.)
S2 *etadpug; "C:\Program Files\Google\Desktop\Install\{cced714b-348e-29ba-f6a1-1cacf2a4ea0f}\ \...\???\{cced714b-348e-29ba-f6a1-1cacf2a4ea0f}\GoogleUpdate.exe" < <==== ATTENTION (ZeroAccess)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 ASAPIW2k; C:\Windows\System32\drivers\ASAPIW2k.sys [11264 2004-03-10] (Pinnacle Systems GmbH) [File not signed]
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [121624 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [213272 2014-10-07] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [147736 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [192792 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [230680 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [98584 2014-10-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [200984 2014-10-10] (AVG Technologies CZ, s.r.o.)
S3 DCamUSBEMPIA; C:\Windows\System32\DRIVERS\emDevice.sys [100957 2004-04-06] (eMPIA Technology, Inc.)
S3 FiltUSBEMPIA; C:\Windows\System32\DRIVERS\emFilter.sys [5245 2004-04-06] (eMPIA Technology, Inc.)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [136024 2012-11-15] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [589144 2013-02-21] (Kaspersky Lab)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2014-11-13] (Malwarebytes Corporation)
R2 NTIPPKernel; C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys [122368 2008-01-16] (Cyberlink Corp.) [File not signed]
R1 PCLEPCI; C:\Windows\system32\drivers\pclepci.sys [14165 2004-07-16] (Pinnacle Systems GmbH) [File not signed]
S3 ScanUSBEMPIA; C:\Windows\System32\DRIVERS\emScan.sys [4493 2004-04-06] (eMPIA Technology, Inc.)
S3 StarOpen; C:\Windows\system32\Drivers\StarOpen.sys [7168 2009-11-12] () [File not signed]
R3 TuneUpUtilitiesDrv; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys [12320 2014-09-09] (TuneUp Software)
R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [452120 2013-06-13] (Check Point Software Technologies LTD)
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl [61424 2008-04-18] (Cyberlink Corp.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [75608 2013-02-21] (Kaspersky Lab)
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-13 15:42 - 2014-11-13 15:45 - 00000000 ____D () C:\FRST
2014-11-13 14:27 - 2014-11-13 14:27 - 00000000 ____D () C:\MGADiagToolOutput
2014-11-13 14:19 - 2014-11-13 14:19 - 00000000 ____D () C:\ProgramData\Office Genuine Advantage
2014-11-13 14:17 - 2003-03-25 06:00 - 00009216 _____ (Microsoft Corporation) C:\Windows\proxycfg.exe
2014-11-13 14:12 - 2014-11-13 14:12 - 00000130 _____ () C:\Descriptors.txt
2014-11-13 13:32 - 2014-11-13 13:32 - 00000000 ____D () C:\Users\klaus\AppData\Roaming\AVG
2014-11-13 13:10 - 2014-11-13 13:10 - 00000000 ____D () C:\Users\klaus\AppData\Local\Avg
2014-11-13 12:34 - 2014-11-13 12:34 - 00000326 _____ () C:\Windows\Tasks\1114avtUpdateInfo.job
2014-11-13 12:34 - 2014-11-13 12:34 - 00000000 ____D () C:\ProgramData\Avg_Update_1114avt
2014-11-07 17:23 - 2014-11-07 17:23 - 00001897 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015.lnk
2014-11-07 17:23 - 2014-11-07 17:23 - 00001889 _____ () C:\Users\Public\Desktop\AVG 1-Klick-Wartung.lnk
2014-11-07 17:23 - 2014-11-07 17:23 - 00001885 _____ () C:\Users\Public\Desktop\AVG PC TuneUp 2015.lnk
2014-11-07 17:23 - 2014-11-07 17:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015
2014-11-07 17:23 - 2014-10-17 12:34 - 00036152 _____ (AVG Technologies) C:\Windows\system32\TURegOpt.exe
2014-11-07 17:23 - 2014-10-17 12:34 - 00025400 _____ (AVG Technologies) C:\Windows\system32\authuitu.dll
2014-11-07 17:19 - 2014-11-07 17:19 - 00000000 ____D () C:\Users\admin\AppData\Roaming\AVG
2014-11-07 17:13 - 2014-11-07 17:13 - 00000000 ____D () C:\Users\admin\AppData\Local\Avg
2014-11-07 17:10 - 2014-11-07 16:59 - 90754872 _____ (AVG Technologies) C:\Users\admin\Downloads\avg_tuh_stf_all_2015_185_24c4.exe
2014-11-07 16:59 - 2014-11-07 17:24 - 00000000 ____D () C:\ProgramData\AVG
2014-11-07 16:52 - 2014-11-07 16:59 - 90754872 _____ (AVG Technologies) C:\Users\klaus\Downloads\avg_tuh_stf_all_2015_185_24c4.exe
2014-11-07 16:48 - 2014-11-07 16:48 - 00000000 ____D () C:\Users\klaus\AppData\Roaming\TuneUp Software
2014-11-07 16:43 - 2014-11-07 16:43 - 00000000 ____D () C:\Users\klaus\AppData\Roaming\AVG2015
2014-11-07 16:41 - 2014-11-13 15:08 - 00000000 ____D () C:\Users\klaus\AppData\Local\Avg2015
2014-11-07 16:37 - 2014-11-07 16:37 - 00000000 ____D () C:\Users\admin\AppData\Roaming\AVG2015
2014-11-07 16:36 - 2014-11-07 16:36 - 00000862 _____ () C:\Users\Public\Desktop\AVG 2015.lnk
2014-11-07 16:36 - 2014-11-07 16:36 - 00000000 ____D () C:\Users\admin\AppData\Roaming\TuneUp Software
2014-11-07 16:36 - 2014-11-07 16:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-11-07 16:35 - 2014-11-07 16:36 - 00000000 ____D () C:\ProgramData\AVG2015
2014-11-07 16:35 - 2014-11-07 16:35 - 00000000 ___HD () C:\$AVG
2014-11-07 16:33 - 2014-11-07 17:16 - 00000000 ____D () C:\Program Files\AVG
2014-11-07 16:27 - 2014-11-13 15:27 - 00000000 ____D () C:\ProgramData\MFAData
2014-11-07 16:27 - 2014-11-07 20:26 - 00000000 ____D () C:\Users\admin\AppData\Local\Avg2015
2014-11-07 16:27 - 2014-11-07 16:27 - 04578024 _____ (AVG Technologies) C:\Users\admin\Downloads\avg_avct_stb_all_2015_5315_ppc17.exe
2014-11-07 16:27 - 2014-11-07 16:27 - 00000000 ____D () C:\Users\admin\AppData\Local\MFAData
2014-11-07 16:19 - 2014-11-07 16:19 - 00000000 ____D () C:\ProgramData\Package Cache
2014-11-07 16:18 - 2014-11-07 16:41 - 00000000 ____D () C:\OETemp
2014-11-07 16:18 - 2014-11-07 16:20 - 04583464 _____ (Avira Operations GmbH & Co. KG) C:\Users\klaus\Downloads\avira_de_av___ws.exe
2014-10-21 07:38 - 2014-09-16 17:56 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-13 15:45 - 2013-09-25 09:14 - 01801184 _____ () C:\Windows\WindowsUpdate.log
2014-11-13 15:13 - 2014-08-11 11:33 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-13 14:36 - 2008-05-07 19:04 - 00000147 _____ () C:\Windows\system32\agent.log
2014-11-13 14:36 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-13 14:36 - 2006-11-02 13:47 - 00003344 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-13 14:36 - 2006-11-02 13:47 - 00003344 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-13 14:35 - 2013-09-27 05:57 - 00709826 _____ () C:\Windows\PFRO.log
2014-11-13 14:30 - 2009-02-04 09:48 - 00000012 _____ () C:\Windows\bthservsdp.dat
2014-11-13 14:30 - 2006-11-02 14:01 - 00032530 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-11-13 13:14 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\rescache
2014-11-13 13:11 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-11-13 12:52 - 2006-11-02 13:47 - 00427112 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-13 12:49 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\de-DE
2014-11-07 17:46 - 2009-01-12 21:12 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-11-07 17:42 - 2011-11-05 18:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-11-07 17:42 - 2008-05-07 18:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer GameZone
2014-11-07 17:40 - 2008-10-31 09:15 - 00000000 ____D () C:\Users\admin\AppData\Local\Microsoft Help
2014-11-07 17:38 - 2010-02-11 14:46 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Skype
2014-11-07 17:38 - 2009-01-12 20:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2014-11-07 17:38 - 2008-11-26 14:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Studio 9 QuickStart
2014-11-07 17:38 - 2008-05-07 18:51 - 00000000 ____D () C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
2014-11-07 17:33 - 2008-12-02 11:11 - 00000826 _____ () C:\Users\admin\Desktop\pwsafe.lnk
2014-11-07 17:33 - 2008-11-21 09:47 - 00000657 _____ () C:\Users\admin\Desktop\Microsoft Rechner-Plus.lnk
2014-11-07 16:26 - 2013-10-11 11:35 - 00000000 ____D () C:\Users\admin\AppData\Local\DoNotTrackPlus
2014-11-07 16:23 - 2011-11-22 07:59 - 00000000 ____D () C:\Users\admin\AppData\Local\CrashDumps
2014-11-07 16:20 - 2011-10-24 12:27 - 00000000 ____D () C:\Users\klaus\AppData\Local\CrashDumps
2014-11-07 16:19 - 2012-03-28 09:49 - 00000000 ____D () C:\ProgramData\Avira
2014-11-04 15:46 - 2013-10-11 16:44 - 00001822 _____ () C:\Users\klaus\Desktop\Entfernen des Avira EU-Cleaners.lnk
2014-11-04 15:46 - 2013-10-11 16:44 - 00001766 _____ () C:\Users\klaus\Desktop\Avira EU-Cleaner.lnk
2014-11-04 15:38 - 2012-10-24 10:32 - 00000000 ____D () C:\Program Files\Claro LTD
2014-11-04 15:09 - 2014-08-11 11:33 - 00000903 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-11-04 15:09 - 2014-08-11 11:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-11-04 15:09 - 2014-08-11 11:32 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-10-21 08:34 - 2008-05-07 18:46 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-21 08:22 - 2013-08-14 16:18 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-21 07:40 - 2006-11-02 11:24 - 100290944 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
ZeroAccess:
C:\Users\klaus\AppData\Local\Google\Desktop\Install
ZeroAccess:
C:\Program Files\Google\Desktop\Install
Some content of TEMP:
====================
C:\Users\admin\AppData\Local\Temp\RtkBtMnt.exe
C:\Users\jakob\AppData\Local\Temp\AskSLib.dll
C:\Users\jakob\AppData\Local\Temp\RtkBtMnt.exe
C:\Users\klaus\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\klaus\AppData\Local\Temp\RtkBtMnt.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-11-13 14:41
==================== End Of Log ============================