Hallo,

ich bräuchte dringend Hilfe. Ich hab vor 3 Wochen Probleme mit meinen PC (habe Windows Vista), das System ist immer wieder eingefroren einfach so. Dann stellte ich fest, dass ein Account von mir gehackt wurde. Nach mehreren Virenscans (habe Microsoft Forefont) habe ich 10 Trojaner gefunden und sie gelöscht und als Verstärkung habe ich mir den Microsaoft Safety Scanner gedownloadet. PC ging danach wieder, dachte alles ist wieder in Ordnung. Nun mein Problem ich habe in unregelmäßigen Abständen immer wieder den gleichen Virusbefall.
Es handelt sich um folgende Viren wobei sich immer die hintere Zahl ändert.

Exploit:Java/Blacole.FE
Exploit:Java/CVE-2010-0840.QI
Exploit:Java/CVE-2012-0507.R
Exploit:Java/CVE-2011-3544.CU
Exploit:Java/CVE-2012-0507.R!ld

Bitte kann mir wer helfen, weiß nicht mehr weiter.

Danke im voraus
maxwell88

Zitat:

Bitte kann mir wer helfen, weiß nicht mehr weiter.

Ohne die Logs der Virenscanner wird das hier nichts.
Alles muss hier gepostet werden.

Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code: Alles auswählenAufklappen

ATTFilter

 hier steht das Log
         

Danke, für die schnelle Antwort. Leider weiß ich ned wie ich Logs von meinen Virus scann mache. Kannst mir da helfen?

Zitat:

Zitat von cosinus

Ohne die Logs der Virenscanner wird das hier nichts.
Alles muss hier gepostet werden.

Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code: Alles auswählenAufklappen

ATTFilter

 hier steht das Log
         

Hallo, so habs geschafft eine Logfile zu erstellen. Ich hoff das ist richtig so. Was sagst dazu?

mfg
maxwell88

OTL Logfile:

Code: Alles auswählenAufklappen

ATTFilter

OTL logfile created on: 17.04.2012 17:25:51 - Run 1
OTL by OldTimer - Version 3.2.39.2     Folder = C:\Users\xxx\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 0,98 Gb Available Physical Memory | 32,69% Memory free
6,22 Gb Paging File | 4,09 Gb Available in Paging File | 65,78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 290,83 Gb Total Space | 131,15 Gb Free Space | 45,09% Space Free | Partition Type: NTFS
Drive D: | 290,69 Gb Total Space | 198,72 Gb Free Space | 68,36% Space Free | Partition Type: NTFS
 
Computer Name: xxx-PC | User Name: xxx | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.04.17 17:24:36 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\xxx\Desktop\OTL.exe
PRC - [2012.04.17 13:55:45 | 073,073,656 | ---- | M] (Microsoft Corporation) -- C:\Users\xxx\Desktop\msert.exe
PRC - [2012.03.19 13:58:54 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2012.03.13 06:37:52 | 003,331,872 | ---- | M] (Akamai Technologies, Inc) -- C:\Users\xxx\AppData\Local\Akamai\netsession_win.exe
PRC - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.11.22 19:16:18 | 000,273,528 | ---- | M] (RealNetworks, Inc.) -- C:\Programme\Real\RealPlayer\Update\realsched.exe
PRC - [2011.02.25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft\BingBar\SeaPort.EXE
PRC - [2011.02.02 12:23:08 | 001,033,600 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Forefront\Client Security\Client\Antimalware\MSASCui.exe
PRC - [2011.01.08 18:06:56 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Forefront\Client Security\Client\Antimalware\MsMpEng.exe
PRC - [2010.10.27 20:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010.08.25 11:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
PRC - [2010.06.22 14:22:52 | 000,138,752 | ---- | M] (Nokia) -- C:\Programme\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2010.06.14 15:07:14 | 000,615,936 | ---- | M] (Nokia) -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe
PRC - [2010.06.09 01:47:48 | 001,531,904 | ---- | M] (Nokia) -- C:\Programme\Common Files\Nokia\MPlatform\NokiaMServer.exe
PRC - [2010.04.16 23:12:28 | 003,872,080 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Live\Messenger\msnmsgr.exe
PRC - [2010.03.18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2009.10.27 10:15:02 | 000,120,832 | ---- | M] (Nokia) -- C:\Programme\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2009.04.11 08:28:06 | 000,304,128 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\ink\TabTip.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.12.11 11:12:00 | 000,159,528 | ---- | M] (Wacom Technology, Corp.) -- C:\Windows\System32\WTablet\Pen_TabletUser.exe
PRC - [2008.12.11 11:11:30 | 002,749,736 | ---- | M] (Wacom Technology, Corp.) -- C:\Windows\System32\Pen_Tablet.exe
PRC - [2008.05.20 17:50:50 | 000,269,448 | ---- | M] (CyberLink) -- C:\Programme\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
PRC - [2008.03.26 07:21:30 | 005,369,856 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008.03.05 00:38:34 | 000,500,784 | ---- | M] (Egis Incorporated) -- C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
PRC - [2008.03.05 00:38:28 | 000,526,896 | ---- | M] (Egis Incorporated) -- C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
PRC - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2008.01.21 04:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
PRC - [2008.01.21 04:25:32 | 000,198,656 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\ink\InputPersonalization.exe
PRC - [2008.01.09 19:43:28 | 000,323,584 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\Acer.Empowering.Framework.Supervisor.exe
PRC - [2008.01.09 19:43:26 | 000,326,176 | ---- | M] () -- C:\Acer\Empowering Technology\SysMonitor.exe
PRC - [2007.12.19 19:09:22 | 000,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
PRC - [2007.10.17 11:38:20 | 000,028,672 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
PRC - [2007.09.10 16:28:18 | 000,057,344 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
PRC - [2007.09.06 13:02:04 | 000,393,216 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.04.15 00:56:08 | 008,797,344 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_2_202_233.dll
MOD - [2012.04.12 12:45:57 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\86f6e2383ca898849c321080b32b66f8\System.ServiceProcess.ni.dll
MOD - [2012.04.12 12:45:56 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\48302596a8c8f2ab396b3be518dbd800\System.Web.ni.dll
MOD - [2012.04.12 12:21:10 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\09b9cd1c630210237b5b46d9943e1946\System.Windows.Forms.ni.dll
MOD - [2012.04.12 12:21:00 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\61759b9905aed9a87347d04b5fad046b\System.Drawing.ni.dll
MOD - [2012.03.19 13:58:53 | 001,969,080 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll
MOD - [2012.02.16 18:09:10 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\8b5f54e3b382fc1720c76557ef8c8bc3\System.Management.ni.dll
MOD - [2012.02.16 18:08:54 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\5c3bfd69e0c268baff0d169e11a6a784\System.Runtime.Remoting.ni.dll
MOD - [2012.02.16 18:08:39 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\7fd6c62196829d1e2dce5a253145d51a\System.Configuration.ni.dll
MOD - [2012.02.16 17:55:13 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d9f0f1dc8cbdb81f1ba122d77a6ab710\System.Xml.ni.dll
MOD - [2012.02.16 17:53:47 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\c50133cb67d7c013fa31e1ffb942060b\System.ni.dll
MOD - [2011.10.16 12:19:48 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\bcb66dbad2b45d05235b37a02f737eb5\Accessibility.ni.dll
MOD - [2011.10.15 12:06:07 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll
MOD - [2009.09.04 23:15:06 | 000,067,872 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2009.03.30 06:42:12 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2009.03.30 06:42:11 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009.02.02 15:11:40 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HydraVision.Wizard\2.0.3300.40238__90ba9c70f846762e\CLI.Aspect.HydraVision.Wizard.dll
MOD - [2009.02.02 15:11:40 | 000,011,776 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Runtime\2.0.3300.40230__90ba9c70f846762e\CLI.Caste.HydraVision.Runtime.dll
MOD - [2009.02.02 15:11:40 | 000,008,704 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Shared\2.0.3300.40229__90ba9c70f846762e\CLI.Caste.HydraVision.Shared.dll
MOD - [2009.02.02 15:11:40 | 000,007,680 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Wizard\2.0.3300.40235__90ba9c70f846762e\CLI.Caste.HydraVision.Wizard.dll
MOD - [2009.02.02 15:11:40 | 000,007,680 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Dashboard\2.0.3300.40230__90ba9c70f846762e\CLI.Caste.HydraVision.Dashboard.dll
MOD - [2009.02.02 15:11:39 | 001,691,648 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3300.40123__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2009.02.02 15:11:39 | 000,466,944 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3300.40212__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2009.02.02 15:11:39 | 000,286,720 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3300.40106__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2009.02.02 15:11:39 | 000,204,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3300.40125__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2009.02.02 15:11:39 | 000,139,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3300.40213__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2009.02.02 15:11:39 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3300.40173__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2009.02.02 15:11:39 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3300.40188__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2009.02.02 15:11:39 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3300.40113__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2009.02.02 15:11:39 | 000,069,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3300.40166__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2009.02.02 15:11:39 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3300.40120__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2009.02.02 15:11:39 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3300.40150__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2009.02.02 15:11:39 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3300.40114__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2009.02.02 15:11:38 | 000,671,744 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Dashboard\2.0.3300.40228__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Dashboard.dll
MOD - [2009.02.02 15:11:38 | 000,376,832 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3300.40172__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2009.02.02 15:11:38 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Runtime\2.0.3300.40228__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Runtime.dll
MOD - [2009.02.02 15:11:38 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3300.40171__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2009.02.02 15:11:38 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3300.40210__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll
MOD - [2009.02.02 15:11:37 | 000,811,008 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3300.40153__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2009.02.02 15:11:37 | 000,712,704 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3300.40115__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2009.02.02 15:11:37 | 000,589,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3300.40126__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2009.02.02 15:11:37 | 000,450,560 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3300.40146__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2009.02.02 15:11:37 | 000,438,272 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3300.40151__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2009.02.02 15:11:37 | 000,405,504 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3300.40182__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2009.02.02 15:11:37 | 000,225,280 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3300.40125__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2009.02.02 15:11:37 | 000,126,976 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3300.40163__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2009.02.02 15:11:37 | 000,081,920 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3300.40152__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2009.02.02 15:11:37 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3300.40150__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2009.02.02 15:11:37 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3300.40129__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2009.02.02 15:11:37 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3300.40162__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2009.02.02 15:11:37 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3300.40164__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2009.02.02 15:11:36 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3300.40151__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2009.02.02 15:11:36 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3246.34290__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
MOD - [2009.02.02 15:11:35 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3246.34233__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2009.02.02 15:11:35 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3246.34194__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2009.02.02 15:11:35 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3246.34445__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2009.02.02 15:11:35 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3246.34278__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2009.02.02 15:11:35 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3246.34443__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2009.02.02 15:11:35 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2009.02.02 15:11:34 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2009.02.02 15:11:34 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3246.34138__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2009.02.02 15:11:34 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3246.34145__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2009.02.02 15:11:34 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3246.34574__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2009.02.02 15:11:34 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3246.34297__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2009.02.02 15:11:34 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0703\2.0.2651.18802__90ba9c70f846762e\DEM.Graphics.I0703.dll
MOD - [2009.02.02 15:11:34 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3246.34264__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2009.02.02 15:11:34 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.3246.34295__90ba9c70f846762e\DEM.OS.dll
MOD - [2009.02.02 15:11:34 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2009.02.02 15:11:34 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3246.34300__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2009.02.02 15:11:34 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2009.02.02 15:11:33 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3246.34155__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2009.02.02 15:11:33 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3246.34242__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2009.02.02 15:11:33 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Shared\2.0.3246.34459__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Shared.dll
MOD - [2009.02.02 15:11:33 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3246.34337__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2009.02.02 15:11:33 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3246.34346__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2009.02.02 15:11:33 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3246.34407__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2009.02.02 15:11:33 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3246.34401__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll
MOD - [2009.02.02 15:11:33 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3246.34251__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2009.02.02 15:11:33 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3246.34236__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2009.02.02 15:11:33 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3246.34198__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2009.02.02 15:11:33 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3246.34229__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2009.02.02 15:11:33 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3246.34316__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2009.02.02 15:11:33 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3246.34304__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2009.02.02 15:11:32 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3246.34350__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2009.02.02 15:11:32 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3246.34335__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2009.02.02 15:11:32 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3246.34333__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2009.02.02 15:11:32 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3300.40222__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2009.02.02 15:11:32 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3246.34345__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2009.02.02 15:11:32 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3246.34279__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2009.02.02 15:11:32 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3246.34319__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2009.02.02 15:11:32 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3246.34305__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2009.02.02 15:11:32 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3246.34282__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2009.02.02 15:11:32 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3246.34340__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2009.02.02 15:11:32 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2009.02.02 15:11:32 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3246.34307__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2009.02.02 15:11:32 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3246.34274__90ba9c70f846762e\APM.Foundation.dll
MOD - [2009.02.02 15:11:32 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3246.34235__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2009.02.02 15:11:32 | 000,011,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Implementation\2.0.3300.40231__90ba9c70f846762e\LOCALIZATION.Foundation.Implementation.dll
MOD - [2009.02.02 15:11:32 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3300.40101__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2009.02.02 15:11:31 | 000,405,504 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3300.40119__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2009.02.02 15:11:31 | 000,106,496 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3300.40205__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2009.02.02 15:11:31 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3300.40203__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2009.02.02 15:11:31 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3246.34183__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2009.02.02 15:11:31 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3246.34205__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2009.02.02 15:11:31 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3246.34258__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2009.02.02 15:11:31 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3246.34292__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2009.02.02 15:11:31 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.3246.34174__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll
MOD - [2009.02.02 15:11:31 | 000,014,848 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
MOD - [2009.02.02 15:11:31 | 000,013,312 | ---- | M] () -- C:\Windows\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll
MOD - [2009.02.02 15:11:30 | 001,077,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3300.40110__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2009.02.02 15:11:30 | 000,540,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3300.40197__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2009.02.02 15:11:30 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3300.40103__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2009.02.02 15:11:30 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3300.40105__90ba9c70f846762e\CLI.Component.SkinFactory.dll
MOD - [2009.02.02 15:11:30 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3246.34261__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2009.02.02 15:11:30 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3246.34289__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2009.02.02 15:11:29 | 000,081,920 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.3300.40104__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2009.02.02 15:11:29 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3300.40103__90ba9c70f846762e\APM.Server.dll
MOD - [2009.02.02 15:11:29 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3300.40102__90ba9c70f846762e\AEM.Server.dll
MOD - [2009.02.02 15:11:29 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3246.34227__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2009.02.02 15:11:29 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2009.02.02 15:11:29 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3300.40205__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2009.02.02 15:11:29 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3246.34356__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2009.01.14 07:02:07 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2008.10.30 15:39:12 | 000,016,384 | R--- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2008.09.16 21:18:06 | 000,132,608 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
MOD - [2008.03.05 00:38:16 | 000,227,888 | ---- | M] () -- C:\Acer\Empowering Technology\eDataSecurity\x86\ShowErrMsg.dll
MOD - [2008.01.09 19:43:26 | 000,326,176 | ---- | M] () -- C:\Acer\Empowering Technology\SysMonitor.exe
MOD - [2008.01.09 19:43:12 | 000,057,344 | ---- | M] () -- C:\Acer\Empowering Technology\Acer.Empowering.Framework.DialogManager.dll
MOD - [2008.01.09 19:42:54 | 000,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\Acer.Empowering.Framework.PasswordSetting.dll
MOD - [2007.12.19 19:09:40 | 000,003,584 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\de\eSettings.Plugin.resources.dll
MOD - [2007.12.19 19:09:38 | 000,028,672 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\eSettings.Plugin.dll
MOD - [2007.12.19 19:08:56 | 000,010,752 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\de\eSettings.Presenter.resources.dll
MOD - [2007.12.19 19:08:54 | 000,155,648 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\eSettings.Presenter.dll
MOD - [2007.12.19 19:08:28 | 003,420,160 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\eSettings.View.dll
MOD - [2007.12.19 19:08:10 | 000,032,768 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings.Model.ComputerInterfaces.dll
MOD - [2007.10.17 11:38:22 | 000,003,584 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\de\ePerformance.Plugin.resources.dll
MOD - [2007.10.17 11:38:20 | 000,045,056 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\ePerformance.Plugin.dll
MOD - [2007.10.17 11:38:00 | 000,028,672 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\ePerformance.Model.dll
MOD - [2007.10.17 11:38:00 | 000,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\ePerformance.Presenter.dll
MOD - [2007.10.17 11:37:58 | 000,040,960 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\ePerformance.Library.dll
MOD - [2007.10.17 10:55:10 | 000,020,480 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\ePerformance.Model.Interface.dll
MOD - [2007.10.17 10:55:10 | 000,016,384 | ---- | M] () -- C:\Acer\Empowering Technology\MemCheck.Interface.dll
MOD - [2007.02.13 07:26:30 | 000,016,384 | ---- | M] () -- C:\Acer\Empowering Technology\eRecovery\ServiceInterface.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2012.04.15 00:56:09 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.03.27 19:09:30 | 003,417,376 | ---- | M] () [Auto | Running] -- c:\program files\common files\akamai/netsession_win_6c825ce.dll -- (Akamai)
SRV - [2012.02.29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.02.28 18:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Programme\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011.02.25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2011.01.08 18:06:56 | 000,016,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft Forefront\Client Security\Client\Antimalware\MsMpEng.exe -- (FCSAM)
SRV - [2010.06.14 15:07:14 | 000,615,936 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.03.18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009.01.12 20:38:36 | 000,077,944 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Programme\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2008.12.11 11:11:30 | 002,749,736 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Windows\System32\Pen_Tablet.exe -- (TabletServicePen)
SRV - [2008.05.20 17:50:50 | 000,269,448 | ---- | M] (CyberLink) [Auto | Running] -- C:\Programme\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe -- (Acer HomeMedia Connect Service)
SRV - [2008.03.05 00:38:34 | 000,500,784 | ---- | M] (Egis Incorporated) [Auto | Running] -- C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service)
SRV - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.12.19 19:09:22 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe -- (eSettingsService)
SRV - [2007.10.17 11:38:20 | 000,028,672 | ---- | M] () [Auto | Running] -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe -- (AcerMemUsageCheckService)
SRV - [2007.09.10 16:28:18 | 000,057,344 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe -- (eRecoveryService)
SRV - [2006.10.26 15:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva370.sys -- (XDva370)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva289.sys -- (XDva289)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\WG111Tv.sys -- (WG111T)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\usbaapl.sys -- (USBAAPL)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleXNt.sys -- (EagleXNt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleNT.sys -- (EagleNT)
DRV - [2010.02.26 14:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010.02.26 14:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010.02.26 14:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2009.11.12 14:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009.06.26 22:55:12 | 000,066,080 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2009.01.14 09:15:40 | 004,235,776 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008.10.06 11:53:24 | 000,015,656 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wacmoumonitor.sys -- (wacmoumonitor)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.08.18 15:45:00 | 000,013,352 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wacomvhid.sys -- (wacomvhid)
DRV - [2008.05.06 09:53:20 | 000,140,832 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2008.05.06 09:53:20 | 000,132,128 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvrd32.sys -- (nvrd32)
DRV - [2007.12.21 17:51:08 | 007,629,632 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007.11.18 03:39:50 | 001,040,544 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2007.11.06 10:30:48 | 000,006,080 | ---- | M] (Zeal SoftStudio) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\zntport.sys -- (zntport)
DRV - [2007.11.06 10:30:46 | 000,014,544 | ---- | M] (EnTech Taiwan) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\TVicPort.sys -- (tvicport)
DRV - [2007.07.07 15:13:10 | 000,012,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2007.07.03 04:05:20 | 000,015,392 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15)
DRV - [2007.02.16 11:12:36 | 000,011,312 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV - [2007.02.15 16:11:28 | 000,011,440 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WacomVKHid.sys -- (WacomVKHid)
DRV - [2006.11.16 15:36:28 | 000,020,480 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\DNISP50.sys -- (DNISp50)
DRV - [2006.11.16 15:36:18 | 000,021,504 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\DNIMP50.sys -- (DNIMp50)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.intl.acer.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0c07&s=1&o=vp32&d=0109&m=aspire_m3641
IE - HKLM\..\URLSearchHook: {9d81af43-de53-48d0-a199-42c2a226b24c} - C:\Programme\Softonic_Deutsch_FF\tbSoft.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2206084
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0c07&s=1&o=vp32&d=0109&m=aspire_m3641
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yahoo.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {9d81af43-de53-48d0-a199-42c2a226b24c} - C:\Programme\Softonic_Deutsch_FF\tbSoft.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?FORM=IEFM1&q={searchTerms}
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_de
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2206084
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;127.0.0.1:9421;<local>
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultthis.engineName: "Softonic Deutsch FF Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2206084&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://yahoo.de/"
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.7
FF - prefs.js..extensions.enabledItems: {9d81af43-de53-48d0-a199-42c2a226b24c}:3.8.0.8
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.3.0.7550
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
FF - prefs.js..network.proxy.http: "74.86.121.230"
FF - prefs.js..network.proxy.http_port: 3128
FF - prefs.js..network.proxy.no_proxies_on: "*.local,127.0.0.1:9421,"
FF - prefs.js..network.proxy.ssl: "66.229.205.251"
FF - prefs.js..network.proxy.ssl_port: 9090
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_233.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@logitech.com/HarmonyRemote,version=1.0.0: C:\Program Files\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\xxx\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\xxx\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\xxx\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{B728AB94-9BC7-49b7-B76A-422BB31B2FD0}: C:\Program Files\ArcSoft\Media Converter for Philips\Internet Video Downloader\Plugin_FireFox [2010.05.11 15:40:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2010.07.25 21:44:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010.08.06 11:28:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.04.05 19:40:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.03.19 13:58:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.04.12 00:37:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010.08.06 11:28:46 | 000,000,000 | ---D | M]
 
[2009.05.27 20:40:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxx\AppData\Roaming\mozilla\Extensions
[2012.03.06 16:40:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\jebo5yec.default\extensions
[2010.08.16 13:23:31 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\jebo5yec.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.03.06 16:40:51 | 000,000,000 | ---D | M] (Softonic Deutsch FF Community Toolbar) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\jebo5yec.default\extensions\{9d81af43-de53-48d0-a199-42c2a226b24c}
[2010.05.14 12:12:49 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\jebo5yec.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.03.02 13:51:22 | 000,000,000 | ---D | M] (German Dictionary, extended for Austria) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\jebo5yec.default\extensions\de-AT@dictionaries.addons.mozilla.org
[2012.03.19 13:58:59 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.04.16 22:11:02 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.03.19 13:58:54 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.03.02 16:30:12 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012.02.16 20:31:36 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.02.16 20:31:36 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.02.16 20:31:36 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.02.16 20:31:36 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.02.16 20:31:36 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.02.16 20:31:36 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\xxx\AppData\Local\Google\Chrome\Application\18.0.1025.142\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\xxx\AppData\Local\Google\Chrome\Application\18.0.1025.142\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\xxx\AppData\Local\Google\Chrome\Application\18.0.1025.142\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\xxx\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_228.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Harmony Firefox Plugin (Enabled) = C:\Program Files\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\xxx\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Google Update (Enabled) = C:\Users\xxx\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Skype Click to Call = C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (IEPlugin Class) - {11222041-111B-46E3-BD29-EFB2449479B1} - C:\Programme\ArcSoft\Media Converter for Philips\Internet Video Downloader\ArcURLRecord.dll (ArcSoft, Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Softonic Deutsch FF Toolbar) - {9d81af43-de53-48d0-a199-42c2a226b24c} - C:\Programme\Softonic_Deutsch_FF\tbSoft.dll (Conduit Ltd.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Softonic Deutsch FF Toolbar) - {9d81af43-de53-48d0-a199-42c2a226b24c} - C:\Programme\Softonic_Deutsch_FF\tbSoft.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\WebBrowser: (Softonic Deutsch FF Toolbar) - {9D81AF43-DE53-48D0-A199-42C2A226B24C} - C:\Programme\Softonic_Deutsch_FF\tbSoft.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe ()
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Apanel] C:\ACERSW\config\SetApanel.cmd File not found
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
O4 - HKLM..\Run: [eRecoveryService]  File not found
O4 - HKLM..\Run: [Microsoft Forefront Client Security Antimalware Service] C:\Program Files\Microsoft Forefront\Client Security\Client\Antimalware\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [OM2_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe (OLYMPUS IMAGING CORP.)
O4 - HKLM..\Run: [PCMMediaSharing] C:\Programme\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] c:\program files\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe File not found
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: []  File not found
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\xxx\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKCU..\Run: [NokiaOviSuite2] C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
O4 - HKCU..\Run: [OM2_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe (OLYMPUS IMAGING CORP.)
O4 - HKCU..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"  /MINIMIZED File not found
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O8 - Extra context menu item: Free YouTube Download - C:\Users\xxx\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\xxx\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: pokemon-gl.com ([de] https in Vertrauenswürdige Sites)
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1288993282860 (MUCatalogWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2FC76DB2-719C-4570-9177-8E5A30E0FE49}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\xxx\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\xxx\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{99220827-1bd9-11e0-9319-0021856e3d39}\Shell\AutoRun\command - "" = WDSetup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.04.17 17:24:31 | 000,593,920 | ---- | C] (OldTimer Tools) -- C:\Users\xxx\Desktop\OTL.exe
[2012.04.17 13:52:03 | 073,073,656 | ---- | C] (Microsoft Corporation) -- C:\Users\xxx\Desktop\msert.exe
[2012.04.16 22:10:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.04.16 22:10:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012.04.12 12:33:38 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.04.12 12:33:36 | 001,799,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.04.12 12:33:36 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.04.12 12:33:35 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.04.12 12:33:35 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.04.12 12:33:35 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.04.12 12:33:14 | 003,602,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012.04.12 12:33:14 | 003,550,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012.04.03 17:06:12 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.03.29 22:04:21 | 000,000,000 | ---D | C] -- C:\Users\xxx\Documents\herz
[2012.03.24 02:34:11 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
[2012.03.23 14:10:12 | 000,000,000 | ---D | C] -- C:\Users\xxx\Desktop\Pokemon Gameboy Sound Collection (Red and Blue)
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.04.17 17:24:36 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\xxx\Desktop\OTL.exe
[2012.04.17 16:56:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.04.17 16:38:00 | 000,001,136 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3559759172-3097272205-1206507809-1000UA.job
[2012.04.17 15:50:10 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.04.17 15:50:10 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.04.17 13:56:17 | 000,628,504 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.04.17 13:56:17 | 000,595,798 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.04.17 13:56:17 | 000,126,248 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.04.17 13:56:17 | 000,103,872 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.04.17 13:55:45 | 073,073,656 | ---- | M] (Microsoft Corporation) -- C:\Users\xxx\Desktop\msert.exe
[2012.04.17 13:49:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.04.17 13:49:47 | 3220,365,312 | -HS- | M] () -- C:\hiberfil.sys
[2012.04.16 22:10:45 | 000,001,880 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.04.16 18:14:01 | 000,387,436 | ---- | M] () -- C:\Users\xxx\Desktop\Bewerbungsunterlagen.rar
[2012.04.16 13:38:00 | 000,001,084 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3559759172-3097272205-1206507809-1000Core.job
[2012.04.15 17:40:02 | 000,002,066 | ---- | M] () -- C:\Users\xxx\Desktop\Google Chrome.lnk
[2012.04.15 00:56:09 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.04.15 00:56:09 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.04.13 20:29:59 | 009,879,349 | ---- | M] () -- C:\Users\xxx\Desktop\yugi.mov
[2012.04.12 15:05:43 | 016,248,932 | ---- | M] () -- C:\Users\xxx\Desktop\Nisemono 2.rar
[2012.04.12 12:36:43 | 000,289,518 | ---- | M] () -- C:\Users\xxx\Desktop\Abschlusszeugnis.jpg
[2012.04.12 12:34:12 | 000,472,861 | ---- | M] () -- C:\Users\xxx\Desktop\LAP.jpg
[2012.04.12 01:03:55 | 030,527,508 | ---- | M] () -- C:\Users\xxx\Desktop\Nisemono 1.rar
[2012.04.10 20:31:04 | 000,002,665 | ---- | M] () -- C:\Users\xxx\Desktop\Microsoft Office Excel 2003.lnk
[2012.04.10 07:46:23 | 016,848,492 | ---- | M] () -- C:\Users\xxx\Desktop\Naruto Nisemono - part 2.flv
[2012.04.09 23:59:04 | 000,142,848 | ---- | M] () -- C:\Users\xxx\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.04.07 01:40:06 | 000,002,637 | ---- | M] () -- C:\Users\xxx\Desktop\Microsoft Office Word 2003.lnk
[2012.04.06 15:18:16 | 000,001,356 | ---- | M] () -- C:\Users\xxx\AppData\Local\d3d9caps.dat
[2012.04.05 14:10:58 | 001,820,449 | ---- | M] () -- C:\Users\xxx\Desktop\P4050699.JPG
[2012.04.03 21:56:10 | 267,776,000 | ---- | M] () -- C:\Users\xxx\Desktop\Naruto_Shippuuden_242.rar
[2012.04.02 23:34:12 | 314,809,239 | ---- | M] () -- C:\Users\xxx\Desktop\Naruto_Shippuuden_241.rar
[2012.04.02 20:33:11 | 314,734,852 | ---- | M] () -- C:\Users\xxx\Desktop\Naruto_Shippuuden_240.rar
[2012.04.02 12:35:51 | 004,238,498 | ---- | M] () -- C:\Users\xxx\Desktop\Unterlagen.zip
[2012.03.29 23:39:00 | 314,721,653 | ---- | M] () -- C:\Users\xxx\Desktop\Naruto_Shippuuden_239.rar
[2012.03.29 20:43:02 | 314,713,876 | ---- | M] () -- C:\Users\xxx\Desktop\Naruto_Shippuuden_238.rar
[2012.03.27 23:29:43 | 314,794,434 | ---- | M] () -- C:\Users\xxx\Desktop\Naruto_Shippuuden_236.rar
[2012.03.26 21:59:00 | 262,447,638 | ---- | M] () -- C:\Users\xxx\Desktop\[AKA] One Piece 539 [x264,720p][C03C8F88].mp4
[2012.03.24 02:34:11 | 000,000,995 | ---- | M] () -- C:\Users\xxx\Desktop\Format Factory.lnk
[2012.03.19 23:44:07 | 000,179,110 | ---- | M] () -- C:\Users\xxx\Desktop\lol.jpg
[2012.03.19 15:48:15 | 237,243,139 | ---- | M] () -- C:\Users\xxx\Desktop\[AKA] One Piece 538 [x264,720p][Hi10P][C85C54EB].mkv
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.04.16 18:12:37 | 000,387,436 | ---- | C] () -- C:\Users\xxx\Desktop\Bewerbungsunterlagen.rar
[2012.04.13 20:25:14 | 009,879,349 | ---- | C] () -- C:\Users\xxx\Desktop\yugi.mov
[2012.04.12 15:06:36 | 016,848,492 | ---- | C] () -- C:\Users\xxx\Desktop\Naruto Nisemono - part 2.flv
[2012.04.12 15:00:28 | 016,248,932 | ---- | C] () -- C:\Users\xxx\Desktop\Nisemono 2.rar
[2012.04.12 12:32:13 | 000,472,861 | ---- | C] () -- C:\Users\xxx\Desktop\LAP.jpg
[2012.04.12 12:32:13 | 000,384,173 | ---- | C] () -- C:\Users\xxx\Desktop\Foto.jpg
[2012.04.12 12:32:13 | 000,289,518 | ---- | C] () -- C:\Users\xxx\Desktop\Abschlusszeugnis.jpg
[2012.04.12 00:54:03 | 030,527,508 | ---- | C] () -- C:\Users\xxx\Desktop\Nisemono 1.rar
[2012.04.06 16:30:46 | 3220,365,312 | -HS- | C] () -- C:\hiberfil.sys
[2012.04.05 15:15:23 | 001,820,449 | ---- | C] () -- C:\Users\xxx\Desktop\P4050699.JPG
[2012.04.03 19:24:57 | 267,776,000 | ---- | C] () -- C:\Users\xxx\Desktop\Naruto_Shippuuden_242.rar
[2012.04.03 17:06:12 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.04.02 20:39:22 | 314,809,239 | ---- | C] () -- C:\Users\xxx\Desktop\Naruto_Shippuuden_241.rar
[2012.04.02 17:30:15 | 314,734,852 | ---- | C] () -- C:\Users\xxx\Desktop\Naruto_Shippuuden_240.rar
[2012.04.02 12:35:26 | 004,238,498 | ---- | C] () -- C:\Users\xxx\Desktop\Unterlagen.zip
[2012.03.29 20:44:06 | 314,721,653 | ---- | C] () -- C:\Users\xxx\Desktop\Naruto_Shippuuden_239.rar
[2012.03.29 17:48:08 | 314,713,876 | ---- | C] () -- C:\Users\xxx\Desktop\Naruto_Shippuuden_238.rar
[2012.03.27 20:34:13 | 314,794,434 | ---- | C] () -- C:\Users\xxx\Desktop\Naruto_Shippuuden_236.rar
[2012.03.26 21:27:06 | 262,447,638 | ---- | C] () -- C:\Users\xxx\Desktop\[AKA] One Piece 539 [x264,720p][C03C8F88].mp4
[2012.03.24 02:34:11 | 000,000,995 | ---- | C] () -- C:\Users\xxx\Desktop\Format Factory.lnk
[2012.03.19 23:44:07 | 000,179,110 | ---- | C] () -- C:\Users\xxx\Desktop\lol.jpg
[2012.03.19 15:46:09 | 237,243,139 | ---- | C] () -- C:\Users\xxx\Desktop\[AKA] One Piece 538 [x264,720p][Hi10P][C85C54EB].mkv
[2011.08.13 12:59:48 | 000,000,044 | ---- | C] () -- C:\Users\xxx\AppData\Roaming\wklnhst.dat
[2011.04.10 20:42:27 | 000,017,604 | ---- | C] () -- C:\Users\xxx\AppData\Roaming\UserTile.png
[2010.10.23 00:08:53 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
 
========== LOP Check ==========
 
[2009.01.10 04:02:25 | 000,000,000 | -HSD | M] -- C:\Users\xxx\AppData\Roaming\.#
[2009.10.31 11:57:24 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Acer Arcade Live
[2008.03.21 15:57:57 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Acer GameZone Console
[2009.04.29 19:39:31 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Acer HomeMedia
[2011.11.07 14:57:43 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Aquamarin Haushaltsbuch
[2009.01.12 20:43:42 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Autodesk
[2010.02.21 16:18:47 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Canneverbe Limited
[2010.10.20 18:40:15 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\ChessJam.808D34EF1AE2806F00104989FE66F8BDE6B323D7.1
[2010.02.21 16:12:11 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\DeepBurner Pro
[2012.01.09 00:55:06 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\DirektFotoSystem3
[2010.05.14 12:12:48 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\DVDVideoSoftIEHelpers
[2009.01.12 20:17:39 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\e frontier
[2009.03.23 22:57:27 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Ebner
[2009.01.10 02:02:54 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\eSobi
[2009.01.10 02:31:20 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\FloodLightGames
[2010.10.04 23:21:48 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\GrabPro
[2010.02.21 16:02:38 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\gtk-2.0
[2009.09.27 20:19:32 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Image Zone Express
[2011.07.03 12:08:53 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\IrfanView
[2011.02.03 15:38:38 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Nokia
[2009.11.01 15:25:18 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Nseries
[2010.10.04 23:45:36 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Orbit
[2010.08.01 22:14:09 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\PC Suite
[2011.04.10 20:42:27 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\PeerNetworking
[2010.02.25 19:21:53 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\PianoBooster
[2009.04.29 19:39:25 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\PowerCinema
[2009.01.17 23:06:28 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Printer Info Cache
[2010.10.04 23:21:51 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\ProgSense
[2011.11.01 19:18:10 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Shareaza
[2009.04.09 20:57:32 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\sldIM
[2009.01.26 12:50:44 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Sony
[2011.02.24 21:56:46 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\TeamViewer
[2011.08.13 12:59:51 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Template
[2012.04.17 01:50:22 | 000,032,534 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Files - Unicode (All) ==========
[2010.05.11 15:58:59 | 000,000,164 | ---- | M] ()(C:\Windows\System32\Ä!?!??) -- C:\Windows\System32\Ä!㳘!ʓ
[2010.05.11 15:58:59 | 000,000,164 | ---- | C] ()(C:\Windows\System32\Ä!?!??) -- C:\Windows\System32\Ä!㳘!ʓ
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 16 bytes -> C:\Users\xxx\Downloads:Shareaza.GUID
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:8AB6C1D7
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:193426B4
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:580E04D8
@Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:8173A019
@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:FEBEC560

< End of report >
         

--- --- ---
[/QUOTE]

Zitat:

Danke, für die schnelle Antwort. Leider weiß ich ned wie ich Logs von meinen Virus scann mache. Kannst mir da helfen?

Sry ich kann hier nicht zu jedem der zig Virenscanner (in allen Versionen) die auf dem Markt sind wie aus der Pistole geschossen eine bebilderte Anleitung dazu gleich liefern. Üblicherweise findest du die Logs im Hauptmenü des Virenscanners in der Navigation.

Diese Java-Dinger sehen aber danach aus, als wurden die im JavaCache gefunden


Bitte erstmal routinemäßig einen Vollscan mit Malwarebytes machen und Log posten. =>ALLE lokalen Datenträger (außer CD/DVD) überprüfen lassen!
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss! Außerdem müssen alle Funde entfernt werden.

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!



ESET Online Scanner

• Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
• Lade und starte Eset Online Scanner
• Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
• Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
• Klicke auf Starten.
• Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
• Klicke am Ende des Suchlaufs auf Fertig stellen.
• Schließe das Fenster von ESET.
• Explorer öffnen.
• C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
• Logfile hier posten.
• Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
• Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code: Alles auswählenAufklappen

ATTFilter

 hier steht das Log
         

Zitat:

Zitat von cosinus

Sry ich kann hier nicht zu jedem der zig Virenscanner (in allen Versionen) die auf dem Markt sind wie aus der Pistole geschossen eine bebilderte Anleitung dazu gleich liefern. Üblicherweise findest du die Logs im Hauptmenü des Virenscanners in der Navigation.

Hallo, vielen Dank erstmal, dass du dir soviel Zeit für mich nimmst.

Also Malwarebytes Scan hat folgendes ergeben.

Code: Alles auswählenAufklappen

ATTFilter

 Malwarebytes Anti-Malware  (Test) 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.04.17.05

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
XXX :: XXX-PC [Administrator]

Schutz: Aktiviert

17.04.2012 19:49:26
malware

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 520043
Laufzeit: 1 Stunde(n), 32 Minute(n), 53 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\NeoSteam_DE (PUP.SuperSilentManager) -> Keine Aktion durchgeführt.

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\GAMIGO\NeoSteam_DE\uninst.exe (PUP.SuperSilentManager) -> Keine Aktion durchgeführt.

(Ende)
         

Der Esets Scan folgendes Ergebnis, da sind 2 Files die sehr verdächtig aussehen aber das Programm konnte sie nicht löschen. Kann ich die irgendwie entfernen?

Code: Alles auswählenAufklappen

ATTFilter

 ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=9b390ca8b024dd468409775e962b506f
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-04-17 09:31:46
# local_time=2012-04-17 11:31:46 (+0100, Mitteleuropäische Sommerzeit)
# country="Austria"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=4096 16777215 100 0 85214638 85214638 0 0
# compatibility_mode=5892 16776574 100 100 45724050 172223639 0 0
# compatibility_mode=8192 67108863 100 0 103 103 0 0
# scanned=353081
# found=2
# cleaned=0
# scan_time=7395
C:\Users\xxx\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\A75U3EUV\frame_ads_inner[1].htm	HTML/Iframe.B.Gen virus (unable to clean)	00000000000000000000000000000000	I
C:\Users\xxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42\435b256a-3d83e268	Java/Exploit.Agent.NAU trojan (unable to clean)	00000000000000000000000000000000	I
         

Mach bitte ein neues OTL-Log. Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code: Alles auswählenAufklappen

ATTFilter

 hier steht das Log
         

CustomScan mit OTL

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

• Starte bitte die OTL.exe.
  Vista und Win7 User mit Rechtsklick "als Administrator starten"
• Setze oben mittig den Haken bei Scanne alle Benutzer
• Kopiere nun den kompletten Inhalt aus der untenstehenden Codebox in die Textbox von OTL - wenn OTL auf deutsch ist wird sie mit beschriftet

Code: Alles auswählenAufklappen

ATTFilter

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
         

• Schliesse bitte nun alle Programme. (Wichtig)
• Klicke nun bitte auf den Quick Scan Button.
• Klick auf .
• Kopiere nun den Inhalt aus OTL.txt hier in Deinen Thread

Zitat:

Zitat von cosinus

Mach bitte ein neues OTL-Log. Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Hallo Cosinus,

hab alles so gemacht wie du gesagt hast. Habe den Log als Zip gespeichert ist leider zu lange um ihn zu posten.

Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Hinweis: Falls Du Deinen Benutzernamen unkenntlich gemacht hast, musst Du das Ausgesternte in Deinen richtigen Benutzernamen wieder verwandeln, sonst funktioniert das Script nicht!!

Code: Alles auswählenAufklappen

ATTFilter

:OTL
IE - HKLM\..\URLSearchHook: {9d81af43-de53-48d0-a199-42c2a226b24c} - C:\Programme\Softonic_Deutsch_FF\tbSoft.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2206084
IE - HKU\S-1-5-21-3559759172-3097272205-1206507809-1000\..\URLSearchHook: {9d81af43-de53-48d0-a199-42c2a226b24c} - C:\Programme\Softonic_Deutsch_FF\tbSoft.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-3559759172-3097272205-1206507809-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3559759172-3097272205-1206507809-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2206084
IE - HKU\S-1-5-21-3559759172-3097272205-1206507809-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3559759172-3097272205-1206507809-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;127.0.0.1:9421;<local>
FF - prefs.js..browser.search.defaultthis.engineName: "Softonic Deutsch FF Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2206084&SearchSource=3&q={searchTerms}"
FF - prefs.js..network.proxy.http: "74.86.121.230"
FF - prefs.js..network.proxy.http_port: 3128
FF - prefs.js..network.proxy.no_proxies_on: "*.local,127.0.0.1:9421,"
FF - prefs.js..network.proxy.ssl: "66.229.205.251"
FF - prefs.js..network.proxy.ssl_port: 9090
FF - user.js - File not found
[2010.08.16 13:23:31 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\jebo5yec.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.04.18 00:39:49 | 000,000,000 | ---D | M] (ST Deutsch FF Community Toolbar) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\jebo5yec.default\extensions\{9d81af43-de53-48d0-a199-42c2a226b24c}
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Softonic Deutsch FF Toolbar) - {9d81af43-de53-48d0-a199-42c2a226b24c} - C:\Programme\Softonic_Deutsch_FF\tbSoft.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Softonic Deutsch FF Toolbar) - {9d81af43-de53-48d0-a199-42c2a226b24c} - C:\Programme\Softonic_Deutsch_FF\tbSoft.dll (Conduit Ltd.)
O4 - HKU\S-1-5-21-3559759172-3097272205-1206507809-1000..\Run: []  File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{99220827-1bd9-11e0-9319-0021856e3d39}\Shell\AutoRun\command - "" = WDSetup.exe
[2009.01.10 04:02:25 | 000,000,000 | -HSD | M] -- C:\Users\xxx\AppData\Roaming\.#
@Alternate Data Stream - 16 bytes -> C:\Users\xxx\Downloads:Shareaza.GUID
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:8AB6C1D7
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:193426B4
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:580E04D8
@Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:8173A019
@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:FEBEC560
:Files
C:\Users\xxx\AppData\LocalLow\Sun\Java\Deployment\cache
:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]
         

Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!

Zitat:

Zitat von cosinus

Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

Hallo, ich hab es so gemacht wie beschrieben, danach stand das ein Fehler aufgetreten ist und OTL beendet wird. Rechner hat sich neu gestartet und ich hab das File bekommen dass ich dir poste. Soll ich OTL nochmals ausführen oder hat der Log seine Richtigkeit?

Code: Alles auswählenAufklappen

ATTFilter

 Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\CLDigitalHome\CLMS_AGENT_LOG1.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...
         

Wiederhol den Fix im abgesicherten Modus bitte

Zitat:

Zitat von cosinus

Wiederhol den Fix im abgesicherten Modus bitte

Habe den Fix jetzt im Abgesicherten Modus wiederholt. Diesmal keine Fehlermeldung und hab dieses Logfile erhalten nach dem Neustart. Was muss ich als nächstes tun?

Code: Alles auswählenAufklappen

ATTFilter

 All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{9d81af43-de53-48d0-a199-42c2a226b24c} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9d81af43-de53-48d0-a199-42c2a226b24c}\ not found.
File C:\Programme\Softonic_Deutsch_FF\tbSoft.dll not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry value HKEY_USERS\S-1-5-21-3559759172-3097272205-1206507809-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{9d81af43-de53-48d0-a199-42c2a226b24c} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9d81af43-de53-48d0-a199-42c2a226b24c}\ not found.
File C:\Programme\Softonic_Deutsch_FF\tbSoft.dll not found.
HKEY_USERS\S-1-5-21-3559759172-3097272205-1206507809-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-3559759172-3097272205-1206507809-1000\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
HKU\S-1-5-21-3559759172-3097272205-1206507809-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKU\S-1-5-21-3559759172-3097272205-1206507809-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
Prefs.js: "Softonic Deutsch FF Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2206084&SearchSource=3&q={searchTerms}" removed from browser.search.defaulturl
Prefs.js: "74.86.121.230" removed from network.proxy.http
Prefs.js: 3128 removed from network.proxy.http_port
Prefs.js: "*.local,127.0.0.1:9421," removed from network.proxy.no_proxies_on
Prefs.js: "66.229.205.251" removed from network.proxy.ssl
Prefs.js: 9090 removed from network.proxy.ssl_port
Folder C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\jebo5yec.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\ not found.
Folder C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\jebo5yec.default\extensions\{9d81af43-de53-48d0-a199-42c2a226b24c}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9d81af43-de53-48d0-a199-42c2a226b24c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9d81af43-de53-48d0-a199-42c2a226b24c}\ not found.
File C:\Programme\Softonic_Deutsch_FF\tbSoft.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{8dcb7100-df86-4384-8842-8fa844297b3f} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f}\ not found.
File C:\Program Files\Microsoft\BingBar\BingExt.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{9d81af43-de53-48d0-a199-42c2a226b24c} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9d81af43-de53-48d0-a199-42c2a226b24c}\ not found.
File C:\Programme\Softonic_Deutsch_FF\tbSoft.dll not found.
Registry value HKEY_USERS\S-1-5-21-3559759172-3097272205-1206507809-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
File C:\autoexec.bat not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{99220827-1bd9-11e0-9319-0021856e3d39}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99220827-1bd9-11e0-9319-0021856e3d39}\ not found.
File WDSetup.exe not found.
Folder C:\Users\xxx\AppData\Roaming\.#\ not found.
Unable to delete ADS C:\Users\xxx\Downloads:Shareaza.GUID .
Unable to delete ADS C:\ProgramData\TEMP:8AB6C1D7 .
Unable to delete ADS C:\ProgramData\TEMP:193426B4 .
Unable to delete ADS C:\ProgramData\TEMP:580E04D8 .
Unable to delete ADS C:\ProgramData\TEMP:8173A019 .
Unable to delete ADS C:\ProgramData\TEMP:FEBEC560 .
========== FILES ==========
File\Folder C:\Users\xxx\AppData\LocalLow\Sun\Java\Deployment\cache not found.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: xxx
->Temp folder emptied: 368856 bytes
->Temporary Internet Files folder emptied: 47123 bytes
->FireFox cache emptied: 22216024 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 456 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1373818077 bytes
RecycleBin emptied: 10014492855 bytes
 
Total Files Cleaned = 10.882,00 mb
 
 
[EMPTYFLASH]
 
User: All Users
 
User: Default
->Flash cache emptied: 0 bytes
 
User: Default User
->Flash cache emptied: 0 bytes
 
User: xxx
->Flash cache emptied: 0 bytes
 
User: Public
 
Total Flash Files Cleaned = 0,00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.40.0 log created on 04182012_222006

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
         

Zitat:

File\Folder C:\Users\xxx\AppData\LocalLow\Sun\Java\Deployment\cache not found.

Die unkenntlichen gemachten Namen ( xxx ) solltest du VOR DEM FIX wieder in den richtigen Text zurückeditieren!

Zitat:

Zitat von cosinus

Die unkenntlichen gemachten Namen ( xxx ) solltest du VOR DEM FIX wieder in den richtigen Text zurückeditieren!

Ich habe "xxx" durch den Benutzernamen ersetzt überall eigentlich. soll ich es nochmals probieren?

Ok, wenn du das schon gemacht hast dann wurden die schon im ersten Lauf gelöscht, nur stand das eben nicht im ersten OTL-Fixlog. Du brauchst also nicht nochmal zu wiederholen

Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.
Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

Zitat:

Zitat von cosinus

Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-a...entfernen.html

Hat alles gut geklappt, TDSS- Killer hat 17 Dateien gefunden die er als Risiko einstuft, hab die mal geskipt wie beschrieben und hier ist der Log zur Überprüfung.

Code: Alles auswählenAufklappen

ATTFilter

 22:56:43.0772 5188	TDSS rootkit removing tool 2.7.29.0 Apr 18 2012 16:44:20
22:56:43.0898 5188	============================================================
22:56:43.0898 5188	Current date / time: 2012/04/18 22:56:43.0898
22:56:43.0898 5188	SystemInfo:
22:56:43.0898 5188	
22:56:43.0898 5188	OS Version: 6.0.6002 ServicePack: 2.0
22:56:43.0898 5188	Product type: Workstation
22:56:43.0898 5188	ComputerName: xxx-PC
22:56:43.0898 5188	UserName: xxx
22:56:43.0898 5188	Windows directory: C:\Windows
22:56:43.0898 5188	System windows directory: C:\Windows
22:56:43.0898 5188	Processor architecture: Intel x86
22:56:43.0898 5188	Number of processors: 4
22:56:43.0898 5188	Page size: 0x1000
22:56:43.0899 5188	Boot type: Normal boot
22:56:43.0899 5188	============================================================
22:56:44.0789 5188	Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
22:56:44.0804 5188	\Device\Harddisk0\DR0:
22:56:44.0804 5188	MBR partitions:
22:56:44.0804 5188	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x6, StartLBA 0x1D4B800, BlocksNum 0x245AB000
22:56:44.0804 5188	\Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x262F6800, BlocksNum 0x24561000
22:56:44.0828 5188	C: <-> \Device\Harddisk0\DR0\Partition0
22:56:44.0874 5188	D: <-> \Device\Harddisk0\DR0\Partition1
22:56:44.0875 5188	Initialize success
22:56:44.0875 5188	============================================================
22:58:01.0210 4052	============================================================
22:58:01.0210 4052	Scan started
22:58:01.0210 4052	Mode: Manual; SigCheck; TDLFS; 
22:58:01.0210 4052	============================================================
22:58:01.0566 4052	ACDaemon        (adc420616c501b45d26c0fd3ef1e54e4) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
22:58:01.0711 4052	ACDaemon - ok
22:58:01.0760 4052	Acer HomeMedia Connect Service (517d30057c726c797764bfd70a55d82a) C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
22:58:01.0844 4052	Acer HomeMedia Connect Service ( UnsignedFile.Multi.Generic ) - warning
22:58:01.0845 4052	Acer HomeMedia Connect Service - detected UnsignedFile.Multi.Generic (1)
22:58:01.0903 4052	AcerMemUsageCheckService (e91f2444df54e725ddbbddb7fbce71f5) C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
22:58:01.0925 4052	AcerMemUsageCheckService ( UnsignedFile.Multi.Generic ) - warning
22:58:01.0925 4052	AcerMemUsageCheckService - detected UnsignedFile.Multi.Generic (1)
22:58:02.0011 4052	ACPI            (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
22:58:02.0046 4052	ACPI - ok
22:58:02.0111 4052	AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
22:58:02.0146 4052	AdobeARMservice - ok
22:58:02.0197 4052	AdobeFlashPlayerUpdateSvc (459ac130c6ab892b1cd5d7544626efc5) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
22:58:02.0297 4052	AdobeFlashPlayerUpdateSvc - ok
22:58:02.0331 4052	adp94xx         (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
22:58:02.0392 4052	adp94xx - ok
22:58:02.0423 4052	adpahci         (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
22:58:02.0480 4052	adpahci - ok
22:58:02.0497 4052	adpu160m        (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
22:58:02.0559 4052	adpu160m - ok
22:58:02.0575 4052	adpu320         (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
22:58:02.0653 4052	adpu320 - ok
22:58:02.0678 4052	AeLookupSvc     (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
22:58:02.0756 4052	AeLookupSvc - ok
22:58:02.0793 4052	AFD             (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
22:58:02.0878 4052	AFD - ok
22:58:02.0904 4052	agp440          (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
22:58:02.0960 4052	agp440 - ok
22:58:02.0996 4052	aic78xx         (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
22:58:03.0052 4052	aic78xx - ok
22:58:03.0184 4052	Akamai          (1125c7d9fb8898015829c387c1bc87c7) c:\program files\common files\akamai/netsession_win_6c825ce.dll
22:58:03.0184 4052	Suspicious file (Hidden): c:\program files\common files\akamai/netsession_win_6c825ce.dll. md5: 1125c7d9fb8898015829c387c1bc87c7
22:58:03.0193 4052	Akamai ( HiddenFile.Multi.Generic ) - warning
22:58:03.0193 4052	Akamai - detected HiddenFile.Multi.Generic (1)
22:58:03.0204 4052	ALG             (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
22:58:03.0338 4052	ALG - ok
22:58:03.0353 4052	aliide          (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
22:58:03.0404 4052	aliide - ok
22:58:03.0433 4052	amdagp          (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
22:58:03.0492 4052	amdagp - ok
22:58:03.0509 4052	amdide          (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
22:58:03.0542 4052	amdide - ok
22:58:03.0555 4052	AmdK7           (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
22:58:03.0630 4052	AmdK7 - ok
22:58:03.0642 4052	AmdK8           (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
22:58:03.0714 4052	AmdK8 - ok
22:58:03.0742 4052	Appinfo         (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
22:58:03.0784 4052	Appinfo - ok
22:58:03.0803 4052	arc             (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
22:58:03.0862 4052	arc - ok
22:58:03.0878 4052	arcsas          (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
22:58:03.0942 4052	arcsas - ok
22:58:03.0967 4052	AsyncMac        (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
22:58:04.0026 4052	AsyncMac - ok
22:58:04.0041 4052	atapi           (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
22:58:04.0063 4052	atapi - ok
22:58:04.0103 4052	Ati External Event Utility (8c260202f8124ea7aa5c4d75b691351a) C:\Windows\system32\Ati2evxx.exe
22:58:04.0307 4052	Ati External Event Utility - ok
22:58:04.0400 4052	atikmdag        (a3387b24d17a68fa12a9282481ce6eec) C:\Windows\system32\DRIVERS\atikmdag.sys
22:58:04.0659 4052	atikmdag - ok
22:58:04.0719 4052	AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
22:58:04.0773 4052	AudioEndpointBuilder - ok
22:58:04.0810 4052	Audiosrv        (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
22:58:04.0861 4052	Audiosrv - ok
22:58:04.0945 4052	Autodesk Licensing Service (32a5defddc3562bf89d73586f5915b34) C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
22:58:05.0705 4052	Autodesk Licensing Service - ok
22:58:05.0768 4052	BBSvc           (825f81a6f7dd073509db101f0ba6dc59) C:\Program Files\Microsoft\BingBar\BBSvc.EXE
22:58:05.0885 4052	BBSvc - ok
22:58:05.0945 4052	Beep            (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
22:58:06.0004 4052	Beep - ok
22:58:06.0059 4052	BFE             (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
22:58:06.0127 4052	BFE - ok
22:58:06.0202 4052	BITS            (93952506c6d67330367f7e7934b6a02f) C:\Windows\System32\qmgr.dll
22:58:06.0331 4052	BITS - ok
22:58:06.0355 4052	blbdrive        (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
22:58:06.0431 4052	blbdrive - ok
22:58:06.0498 4052	Bonjour Service (a065f048e9e23e6c026a7bb548d126a7) C:\Program Files\Bonjour\mDNSResponder.exe
22:58:06.0569 4052	Bonjour Service - ok
22:58:06.0589 4052	bowser          (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
22:58:06.0659 4052	bowser - ok
22:58:06.0682 4052	BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
22:58:06.0738 4052	BrFiltLo - ok
22:58:06.0758 4052	BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
22:58:06.0816 4052	BrFiltUp - ok
22:58:06.0836 4052	Browser         (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
22:58:06.0887 4052	Browser - ok
22:58:06.0904 4052	Brserid         (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
22:58:07.0093 4052	Brserid - ok
22:58:07.0113 4052	BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
22:58:07.0212 4052	BrSerWdm - ok
22:58:07.0227 4052	BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
22:58:07.0298 4052	BrUsbMdm - ok
22:58:07.0315 4052	BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
22:58:07.0387 4052	BrUsbSer - ok
22:58:07.0405 4052	BTHMODEM        (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
22:58:07.0494 4052	BTHMODEM - ok
22:58:07.0520 4052	cdfs            (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
22:58:07.0573 4052	cdfs - ok
22:58:07.0613 4052	cdrom           (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
22:58:07.0700 4052	cdrom - ok
22:58:07.0743 4052	CertPropSvc     (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
22:58:07.0804 4052	CertPropSvc - ok
22:58:07.0819 4052	circlass        (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
22:58:07.0889 4052	circlass - ok
22:58:07.0933 4052	CLFS            (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
22:58:07.0970 4052	CLFS - ok
22:58:08.0027 4052	clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:58:08.0100 4052	clr_optimization_v2.0.50727_32 - ok
22:58:08.0189 4052	clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:58:08.0216 4052	clr_optimization_v4.0.30319_32 - ok
22:58:08.0229 4052	cmdide          (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
22:58:08.0268 4052	cmdide - ok
22:58:08.0285 4052	Compbatt        (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\drivers\compbatt.sys
22:58:08.0318 4052	Compbatt - ok
22:58:08.0326 4052	COMSysApp - ok
22:58:08.0337 4052	crcdisk         (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
22:58:08.0360 4052	crcdisk - ok
22:58:08.0374 4052	Crusoe          (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
22:58:08.0446 4052	Crusoe - ok
22:58:08.0464 4052	CryptSvc        (fb27772beaf8e1d28ccd825c09da939b) C:\Windows\system32\cryptsvc.dll
22:58:08.0509 4052	CryptSvc - ok
22:58:08.0562 4052	DcomLaunch      (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
22:58:08.0628 4052	DcomLaunch - ok
22:58:08.0658 4052	DfsC            (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
22:58:08.0767 4052	DfsC - ok
22:58:08.0838 4052	DFSR            (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
22:58:09.0067 4052	DFSR - ok
22:58:09.0124 4052	Dhcp            (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
22:58:09.0165 4052	Dhcp - ok
22:58:09.0189 4052	disk            (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
22:58:09.0225 4052	disk - ok
22:58:09.0258 4052	DNIMp50         (2782a4549cc6558c52b0753126b2a833) C:\Windows\system32\Drivers\DNIMp50.sys
22:58:09.0305 4052	DNIMp50 ( UnsignedFile.Multi.Generic ) - warning
22:58:09.0305 4052	DNIMp50 - detected UnsignedFile.Multi.Generic (1)
22:58:09.0323 4052	DNISp50         (b222622709a919c91cb54a90cf7ceefc) C:\Windows\system32\Drivers\DNISp50.sys
22:58:09.0370 4052	DNISp50 ( UnsignedFile.Multi.Generic ) - warning
22:58:09.0370 4052	DNISp50 - detected UnsignedFile.Multi.Generic (1)
22:58:09.0397 4052	Dnscache        (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
22:58:09.0465 4052	Dnscache - ok
22:58:09.0497 4052	dot3svc         (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
22:58:09.0561 4052	dot3svc - ok
22:58:09.0591 4052	Dot4            (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys
22:58:09.0653 4052	Dot4 - ok
22:58:09.0668 4052	Dot4Print       (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys
22:58:09.0725 4052	Dot4Print - ok
22:58:09.0748 4052	dot4usb         (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys
22:58:09.0812 4052	dot4usb - ok
22:58:09.0836 4052	DPS             (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
22:58:09.0884 4052	DPS - ok
22:58:09.0914 4052	drmkaud         (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
22:58:09.0943 4052	drmkaud - ok
22:58:09.0987 4052	DXGKrnl         (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
22:58:10.0057 4052	DXGKrnl - ok
22:58:10.0079 4052	E1G60           (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
22:58:10.0174 4052	E1G60 - ok
22:58:10.0194 4052	EagleNT - ok
22:58:10.0205 4052	EagleXNt - ok
22:58:10.0228 4052	EapHost         (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
22:58:10.0284 4052	EapHost - ok
22:58:10.0336 4052	Ecache          (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
22:58:10.0373 4052	Ecache - ok
22:58:10.0429 4052	eDataSecurity Service (b7dc2580425225c320ceda78de55a3d0) C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
22:58:10.0515 4052	eDataSecurity Service - ok
22:58:10.0551 4052	ehRecvr         (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
22:58:10.0674 4052	ehRecvr - ok
22:58:10.0683 4052	ehSched         (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
22:58:10.0777 4052	ehSched - ok
22:58:10.0786 4052	ehstart         (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
22:58:10.0812 4052	ehstart - ok
22:58:10.0834 4052	elxstor         (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
22:58:10.0900 4052	elxstor - ok
22:58:10.0938 4052	EMDMgmt         (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
22:58:11.0050 4052	EMDMgmt - ok
22:58:11.0133 4052	eRecoveryService (59fccaf915ba89dd98cadf08da91afee) C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
22:58:11.0165 4052	eRecoveryService ( UnsignedFile.Multi.Generic ) - warning
22:58:11.0165 4052	eRecoveryService - detected UnsignedFile.Multi.Generic (1)
22:58:11.0192 4052	ErrDev          (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
22:58:11.0232 4052	ErrDev - ok
22:58:11.0256 4052	eSettingsService (a9745687a57cdd71237915859aba8dac) C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
22:58:11.0278 4052	eSettingsService ( UnsignedFile.Multi.Generic ) - warning
22:58:11.0278 4052	eSettingsService - detected UnsignedFile.Multi.Generic (1)
22:58:11.0302 4052	EventSystem     (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
22:58:11.0354 4052	EventSystem - ok
22:58:11.0400 4052	exfat           (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
22:58:11.0487 4052	exfat - ok
22:58:11.0516 4052	fastfat         (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
22:58:11.0563 4052	fastfat - ok
22:58:11.0655 4052	FCSAM           (8cab6b589f6610bf0e20780e153248c1) C:\Program Files\Microsoft Forefront\Client Security\Client\Antimalware\MsMpEng.exe
22:58:11.0689 4052	FCSAM - ok
22:58:11.0726 4052	fdc             (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
22:58:11.0787 4052	fdc - ok
22:58:11.0804 4052	fdPHost         (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
22:58:11.0842 4052	fdPHost - ok
22:58:11.0850 4052	FDResPub        (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
22:58:11.0919 4052	FDResPub - ok
22:58:11.0939 4052	FileInfo        (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
22:58:11.0975 4052	FileInfo - ok
22:58:11.0989 4052	Filetrace       (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
22:58:12.0055 4052	Filetrace - ok
22:58:12.0073 4052	flpydisk        (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
22:58:12.0135 4052	flpydisk - ok
22:58:12.0170 4052	FltMgr          (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
22:58:12.0204 4052	FltMgr - ok
22:58:12.0258 4052	FontCache       (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll
22:58:12.0343 4052	FontCache - ok
22:58:12.0403 4052	FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
22:58:12.0437 4052	FontCache3.0.0.0 - ok
22:58:12.0459 4052	Fs_Rec          (b972a66758577e0bfd1de0f91aaa27b5) C:\Windows\system32\drivers\Fs_Rec.sys
22:58:12.0515 4052	Fs_Rec - ok
22:58:12.0539 4052	gagp30kx        (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
22:58:12.0599 4052	gagp30kx - ok
22:58:12.0655 4052	GEARAspiWDM     (f2f431d1573ee632975c524418655b84) C:\Windows\system32\drivers\GEARAspiWDM.sys
22:58:12.0701 4052	GEARAspiWDM - ok
22:58:12.0744 4052	gpsvc           (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
22:58:12.0817 4052	gpsvc - ok
22:58:12.0868 4052	HdAudAddService (3f90e001369a07243763bd5a523d8722) C:\Windows\system32\drivers\HdAudio.sys
22:58:12.0946 4052	HdAudAddService - ok
22:58:12.0976 4052	HDAudBus        (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
22:58:13.0092 4052	HDAudBus - ok
22:58:13.0114 4052	HidBth          (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
22:58:13.0195 4052	HidBth - ok
22:58:13.0210 4052	HidIr           (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
22:58:13.0286 4052	HidIr - ok
22:58:13.0318 4052	hidserv         (84067081f3318162797385e11a8f0582) C:\Windows\system32\hidserv.dll
22:58:13.0357 4052	hidserv - ok
22:58:13.0375 4052	HidUsb          (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
22:58:13.0425 4052	HidUsb - ok
22:58:13.0438 4052	hkmsvc          (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
22:58:13.0507 4052	hkmsvc - ok
22:58:13.0519 4052	HpCISSs         (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
22:58:13.0560 4052	HpCISSs - ok
22:58:13.0590 4052	HTTP            (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
22:58:13.0660 4052	HTTP - ok
22:58:13.0678 4052	i2omp           (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
22:58:13.0716 4052	i2omp - ok
22:58:13.0743 4052	i8042prt        (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
22:58:13.0821 4052	i8042prt - ok
22:58:13.0842 4052	iaStor          (580bfec487c55264bfe3d60c3c24eee1) C:\Windows\system32\drivers\iastor.sys
22:58:13.0904 4052	iaStor - ok
22:58:13.0925 4052	iaStorV         (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
22:58:13.0998 4052	iaStorV - ok
22:58:14.0066 4052	idsvc           (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:58:14.0300 4052	idsvc - ok
22:58:14.0316 4052	iirsp           (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
22:58:14.0364 4052	iirsp - ok
22:58:14.0402 4052	IKEEXT          (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
22:58:14.0482 4052	IKEEXT - ok
22:58:14.0561 4052	int15           (c6e5276c00ebdeb096bb5ef4b797d1b6) C:\Acer\Empowering Technology\eRecovery\int15.sys
22:58:14.0580 4052	int15 - ok
22:58:14.0647 4052	IntcAzAudAddService (4c01298060cf930d26a75a86b874b6ae) C:\Windows\system32\drivers\RTKVHDA.sys
22:58:14.0831 4052	IntcAzAudAddService - ok
22:58:14.0898 4052	intelide        (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
22:58:14.0926 4052	intelide - ok
22:58:14.0960 4052	intelppm        (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
22:58:15.0027 4052	intelppm - ok
22:58:15.0050 4052	IPBusEnum       (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
22:58:15.0123 4052	IPBusEnum - ok
22:58:15.0140 4052	IpFilterDriver  (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:58:15.0218 4052	IpFilterDriver - ok
22:58:15.0252 4052	iphlpsvc        (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll
22:58:15.0305 4052	iphlpsvc - ok
22:58:15.0313 4052	IpInIp - ok
22:58:15.0331 4052	IPMIDRV         (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
22:58:15.0420 4052	IPMIDRV - ok
22:58:15.0438 4052	IPNAT           (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
22:58:15.0497 4052	IPNAT - ok
22:58:15.0509 4052	IRENUM          (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
22:58:15.0571 4052	IRENUM - ok
22:58:15.0588 4052	isapnp          (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
22:58:15.0641 4052	isapnp - ok
22:58:15.0672 4052	iScsiPrt        (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
22:58:15.0703 4052	iScsiPrt - ok
22:58:15.0723 4052	iteatapi        (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
22:58:15.0766 4052	iteatapi - ok
22:58:15.0788 4052	iteraid         (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
22:58:15.0829 4052	iteraid - ok
22:58:15.0855 4052	kbdclass        (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
22:58:15.0899 4052	kbdclass - ok
22:58:15.0916 4052	kbdhid          (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
22:58:15.0982 4052	kbdhid - ok
22:58:16.0000 4052	KeyIso          (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
22:58:16.0069 4052	KeyIso - ok
22:58:16.0107 4052	KSecDD          (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys
22:58:16.0148 4052	KSecDD - ok
22:58:16.0169 4052	KtmRm           (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
22:58:16.0232 4052	KtmRm - ok
22:58:16.0262 4052	LanmanServer    (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\system32\srvsvc.dll
22:58:16.0308 4052	LanmanServer - ok
22:58:16.0342 4052	LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
22:58:16.0390 4052	LanmanWorkstation - ok
22:58:16.0442 4052	LightScribeService (793ff718477345cd5d232c50bed1e452) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
22:58:16.0516 4052	LightScribeService ( UnsignedFile.Multi.Generic ) - warning
22:58:16.0517 4052	LightScribeService - detected UnsignedFile.Multi.Generic (1)
22:58:16.0549 4052	lltdio          (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
22:58:16.0627 4052	lltdio - ok
22:58:16.0660 4052	lltdsvc         (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
22:58:16.0736 4052	lltdsvc - ok
22:58:16.0757 4052	lmhosts         (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
22:58:16.0818 4052	lmhosts - ok
22:58:16.0839 4052	LSI_FC          (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
22:58:16.0913 4052	LSI_FC - ok
22:58:16.0954 4052	LSI_SAS         (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
22:58:17.0021 4052	LSI_SAS - ok
22:58:17.0038 4052	LSI_SCSI        (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
22:58:17.0107 4052	LSI_SCSI - ok
22:58:17.0122 4052	luafv           (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
22:58:17.0218 4052	luafv - ok
22:58:17.0237 4052	Mcx2Svc         (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
22:58:17.0294 4052	Mcx2Svc - ok
22:58:17.0314 4052	megasas         (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
22:58:17.0369 4052	megasas - ok
22:58:17.0408 4052	MegaSR          (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
22:58:17.0524 4052	MegaSR - ok
22:58:17.0541 4052	MMCSS           (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
22:58:17.0600 4052	MMCSS - ok
22:58:17.0614 4052	Modem           (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
22:58:17.0678 4052	Modem - ok
22:58:17.0695 4052	monitor         (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
22:58:17.0743 4052	monitor - ok
22:58:17.0761 4052	mouclass        (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
22:58:17.0804 4052	mouclass - ok
22:58:17.0824 4052	mouhid          (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
22:58:17.0891 4052	mouhid - ok
22:58:17.0911 4052	MountMgr        (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
22:58:17.0947 4052	MountMgr - ok
22:58:17.0988 4052	MpFilter        (356842aac621ab40f18992c01a590f71) C:\Windows\system32\DRIVERS\MpFilter.sys
22:58:18.0024 4052	MpFilter - ok
22:58:18.0054 4052	mpio            (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
22:58:18.0133 4052	mpio - ok
22:58:18.0151 4052	mpsdrv          (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
22:58:18.0190 4052	mpsdrv - ok
22:58:18.0235 4052	MpsSvc          (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
22:58:18.0288 4052	MpsSvc - ok
22:58:18.0304 4052	Mraid35x        (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
22:58:18.0342 4052	Mraid35x - ok
22:58:18.0379 4052	MRxDAV          (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
22:58:18.0408 4052	MRxDAV - ok
22:58:18.0448 4052	mrxsmb          (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
22:58:18.0493 4052	mrxsmb - ok
22:58:18.0516 4052	mrxsmb10        (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:58:18.0553 4052	mrxsmb10 - ok
22:58:18.0567 4052	mrxsmb20        (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:58:18.0614 4052	mrxsmb20 - ok
22:58:18.0631 4052	msahci          (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
22:58:18.0665 4052	msahci - ok
22:58:18.0686 4052	msdsm           (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
22:58:18.0729 4052	msdsm - ok
22:58:18.0755 4052	MSDTC           (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
22:58:18.0817 4052	MSDTC - ok
22:58:18.0837 4052	Msfs            (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
22:58:18.0896 4052	Msfs - ok
22:58:18.0919 4052	msisadrv        (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
22:58:18.0941 4052	msisadrv - ok
22:58:18.0971 4052	MSiSCSI         (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
22:58:19.0044 4052	MSiSCSI - ok
22:58:19.0052 4052	msiserver - ok
22:58:19.0071 4052	MSKSSRV         (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
22:58:19.0126 4052	MSKSSRV - ok
22:58:19.0151 4052	MSPCLOCK        (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
22:58:19.0189 4052	MSPCLOCK - ok
22:58:19.0209 4052	MSPQM           (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
22:58:19.0243 4052	MSPQM - ok
22:58:19.0280 4052	MsRPC           (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
22:58:19.0339 4052	MsRPC - ok
22:58:19.0358 4052	mssmbios        (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
22:58:19.0387 4052	mssmbios - ok
22:58:19.0398 4052	MSTEE           (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
22:58:19.0436 4052	MSTEE - ok
22:58:19.0446 4052	Mup             (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
22:58:19.0484 4052	Mup - ok
22:58:19.0524 4052	napagent        (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
22:58:19.0582 4052	napagent - ok
22:58:19.0627 4052	NativeWifiP     (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
22:58:19.0689 4052	NativeWifiP - ok
22:58:19.0733 4052	NDIS            (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
22:58:19.0786 4052	NDIS - ok
22:58:19.0806 4052	NdisTapi        (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
22:58:19.0858 4052	NdisTapi - ok
22:58:19.0873 4052	Ndisuio         (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
22:58:19.0926 4052	Ndisuio - ok
22:58:19.0975 4052	NdisWan         (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
22:58:20.0024 4052	NdisWan - ok
22:58:20.0040 4052	NDProxy         (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
22:58:20.0114 4052	NDProxy - ok
22:58:20.0156 4052	Net Driver HPZ12 (2969d26eee289be7422aa46fc55f4e38) C:\Windows\system32\HPZinw12.dll
22:58:20.0186 4052	Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
22:58:20.0186 4052	Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
22:58:20.0202 4052	NetBIOS         (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
22:58:20.0272 4052	NetBIOS - ok
22:58:20.0311 4052	netbt           (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
22:58:20.0405 4052	netbt - ok
22:58:20.0425 4052	Netlogon        (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
22:58:20.0459 4052	Netlogon - ok
22:58:20.0488 4052	Netman          (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
22:58:20.0563 4052	Netman - ok
22:58:20.0580 4052	netprofm        (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
22:58:20.0641 4052	netprofm - ok
22:58:20.0691 4052	NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:58:20.0739 4052	NetTcpPortSharing - ok
22:58:20.0754 4052	nfrd960         (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
22:58:20.0803 4052	nfrd960 - ok
22:58:20.0823 4052	NlaSvc          (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
22:58:20.0873 4052	NlaSvc - ok
22:58:20.0919 4052	nmwcd           (c3963d85b721a7f80d8a55f4e2867a3a) C:\Windows\system32\drivers\ccdcmb.sys
22:58:20.0985 4052	nmwcd - ok
22:58:21.0010 4052	nmwcdc          (3859c69a77793180548802dac9f34a38) C:\Windows\system32\drivers\ccdcmbo.sys
22:58:21.0096 4052	nmwcdc - ok
22:58:21.0128 4052	Npfs            (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
22:58:21.0195 4052	Npfs - ok
22:58:21.0209 4052	nsi             (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
22:58:21.0270 4052	nsi - ok
22:58:21.0281 4052	nsiproxy        (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
22:58:21.0336 4052	nsiproxy - ok
22:58:21.0387 4052	Ntfs            (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
22:58:21.0618 4052	Ntfs - ok
22:58:21.0654 4052	NTIDrvr         (7f1c1f78d709c4a54cbb46ede7e0b48d) C:\Windows\system32\DRIVERS\NTIDrvr.sys
22:58:21.0667 4052	NTIDrvr ( UnsignedFile.Multi.Generic ) - warning
22:58:21.0668 4052	NTIDrvr - detected UnsignedFile.Multi.Generic (1)
22:58:21.0684 4052	ntrigdigi       (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
22:58:21.0754 4052	ntrigdigi - ok
22:58:21.0763 4052	Null            (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
22:58:21.0796 4052	Null - ok
22:58:21.0840 4052	NVENETFD        (d668632606d1cebf0b6ec64c1df7ed6f) C:\Windows\system32\DRIVERS\nvmfdx32.sys
22:58:21.0936 4052	NVENETFD - ok
22:58:21.0961 4052	NVHDA           (d2f4c4b22969236382ca853b8daa2d4e) C:\Windows\system32\drivers\nvhda32v.sys
22:58:22.0020 4052	NVHDA - ok
22:58:22.0161 4052	nvlddmkm        (23c24fdbc46b61a828db3779a808a68b) C:\Windows\system32\DRIVERS\nvlddmkm.sys
22:58:22.0613 4052	nvlddmkm - ok
22:58:22.0636 4052	nvraid          (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
22:58:22.0680 4052	nvraid - ok
22:58:22.0707 4052	nvrd32          (73f84853274c0f633425b102b4edd631) C:\Windows\system32\drivers\nvrd32.sys
22:58:22.0756 4052	nvrd32 - ok
22:58:22.0765 4052	nvsmu           (7ec12a73067baca25a8e3e2a58ae83d8) C:\Windows\system32\DRIVERS\nvsmu.sys
22:58:22.0799 4052	nvsmu - ok
22:58:22.0820 4052	nvstor          (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
22:58:22.0869 4052	nvstor - ok
22:58:22.0880 4052	nvstor32        (a136ba7eb1eebe4b2469f123f4607518) C:\Windows\system32\drivers\nvstor32.sys
22:58:22.0926 4052	nvstor32 - ok
22:58:22.0952 4052	nv_agp          (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
22:58:22.0998 4052	nv_agp - ok
22:58:23.0007 4052	NwlnkFlt - ok
22:58:23.0019 4052	NwlnkFwd - ok
22:58:23.0062 4052	ohci1394        (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
22:58:23.0109 4052	ohci1394 - ok
22:58:23.0176 4052	ose             (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:58:23.0273 4052	ose - ok
22:58:23.0317 4052	p2pimsvc        (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
22:58:23.0458 4052	p2pimsvc - ok
22:58:23.0470 4052	p2psvc          (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
22:58:23.0533 4052	p2psvc - ok
22:58:23.0556 4052	Parport         (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
22:58:23.0677 4052	Parport - ok
22:58:23.0714 4052	partmgr         (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
22:58:23.0751 4052	partmgr - ok
22:58:23.0763 4052	Parvdm          (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
22:58:23.0835 4052	Parvdm - ok
22:58:23.0857 4052	PcaSvc          (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
22:58:23.0898 4052	PcaSvc - ok
22:58:23.0947 4052	pccsmcfd        (fd2041e9ba03db7764b2248f02475079) C:\Windows\system32\DRIVERS\pccsmcfd.sys
22:58:24.0000 4052	pccsmcfd - ok
22:58:24.0022 4052	pci             (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
22:58:24.0051 4052	pci - ok
22:58:24.0078 4052	pciide          (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
22:58:24.0101 4052	pciide - ok
22:58:24.0117 4052	pcmcia          (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
22:58:24.0170 4052	pcmcia - ok
22:58:24.0205 4052	PEAUTH          (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
22:58:24.0368 4052	PEAUTH - ok
22:58:24.0426 4052	pla             (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
22:58:24.0556 4052	pla - ok
22:58:24.0599 4052	PlugPlay        (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
22:58:26.0455 4052	PlugPlay - ok
22:58:26.0493 4052	Pml Driver HPZ12 (bafc9706bdf425a02b66468ab2605c59) C:\Windows\system32\HPZipm12.dll
22:58:26.0520 4052	Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
22:58:26.0520 4052	Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
22:58:26.0559 4052	PNRPAutoReg     (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
22:58:26.0627 4052	PNRPAutoReg - ok
22:58:26.0650 4052	PNRPsvc         (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
22:58:26.0705 4052	PNRPsvc - ok
22:58:26.0740 4052	PolicyAgent     (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
22:58:26.0803 4052	PolicyAgent - ok
22:58:26.0828 4052	PptpMiniport    (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
22:58:26.0913 4052	PptpMiniport - ok
22:58:26.0934 4052	Processor       (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
22:58:27.0001 4052	Processor - ok
22:58:27.0038 4052	ProfSvc         (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
22:58:27.0095 4052	ProfSvc - ok
22:58:27.0125 4052	ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
22:58:27.0158 4052	ProtectedStorage - ok
22:58:27.0194 4052	PSched          (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
22:58:27.0283 4052	PSched - ok
22:58:27.0295 4052	PSDFilter       (ab94285ff6c6bc5433407d8d182a4bb4) C:\Windows\system32\DRIVERS\psdfilter.sys
22:58:27.0320 4052	PSDFilter - ok
22:58:27.0332 4052	PSDNServ        (2aaf9a5d7a63d26bfaea853c5f2292bc) C:\Windows\system32\DRIVERS\PSDNServ.sys
22:58:27.0351 4052	PSDNServ - ok
22:58:27.0365 4052	psdvdisk        (0eb8cec99855beae5b0d02c2302619ef) C:\Windows\system32\DRIVERS\PSDVdisk.sys
22:58:27.0376 4052	psdvdisk - ok
22:58:27.0414 4052	PxHelp20        (feffcfdc528764a04c8ed63d5fa6e711) C:\Windows\system32\Drivers\PxHelp20.sys
22:58:27.0436 4052	PxHelp20 ( UnsignedFile.Multi.Generic ) - warning
22:58:27.0436 4052	PxHelp20 - detected UnsignedFile.Multi.Generic (1)
22:58:27.0481 4052	ql2300          (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
22:58:27.0590 4052	ql2300 - ok
22:58:27.0610 4052	ql40xx          (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
22:58:27.0695 4052	ql40xx - ok
22:58:27.0722 4052	QWAVE           (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
22:58:27.0825 4052	QWAVE - ok
22:58:27.0844 4052	QWAVEdrv        (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
22:58:27.0901 4052	QWAVEdrv - ok
22:58:27.0915 4052	RasAcd          (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
22:58:27.0965 4052	RasAcd - ok
22:58:27.0986 4052	RasAuto         (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
22:58:28.0055 4052	RasAuto - ok
22:58:28.0073 4052	Rasl2tp         (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
22:58:28.0181 4052	Rasl2tp - ok
22:58:28.0228 4052	RasMan          (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
22:58:28.0283 4052	RasMan - ok
22:58:28.0319 4052	RasPppoe        (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
22:58:28.0388 4052	RasPppoe - ok
22:58:28.0460 4052	RasSstp         (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
22:58:28.0539 4052	RasSstp - ok
22:58:28.0626 4052	rdbss           (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
22:58:28.0734 4052	rdbss - ok
22:58:28.0743 4052	RDPCDD          (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
22:58:28.0776 4052	RDPCDD - ok
22:58:28.0830 4052	rdpdr           (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
22:58:28.0871 4052	rdpdr - ok
22:58:28.0880 4052	RDPENCDD        (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
22:58:28.0913 4052	RDPENCDD - ok
22:58:28.0943 4052	RDPWD           (79c6df8477250f5c54f7c5ae1d6b814e) C:\Windows\system32\drivers\RDPWD.sys
22:58:29.0076 4052	RDPWD - ok
22:58:29.0111 4052	RemoteAccess    (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
22:58:29.0185 4052	RemoteAccess - ok
22:58:29.0221 4052	RemoteRegistry  (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
22:58:29.0299 4052	RemoteRegistry - ok
22:58:29.0361 4052	RichVideo       (a035a7bf5132682f53f1e7b955690ce7) C:\Program Files\CyberLink\Shared Files\RichVideo.exe
22:58:29.0432 4052	RichVideo ( UnsignedFile.Multi.Generic ) - warning
22:58:29.0432 4052	RichVideo - detected UnsignedFile.Multi.Generic (1)
22:58:29.0455 4052	RpcLocator      (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
22:58:29.0511 4052	RpcLocator - ok
22:58:29.0554 4052	RpcSs           (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
22:58:29.0605 4052	RpcSs - ok
22:58:29.0635 4052	rspndr          (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
22:58:29.0717 4052	rspndr - ok
22:58:29.0742 4052	SamSs           (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
22:58:29.0775 4052	SamSs - ok
22:58:29.0810 4052	sbp2port        (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
22:58:29.0882 4052	sbp2port - ok
22:58:29.0923 4052	SCardSvr        (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
22:58:29.0984 4052	SCardSvr - ok
22:58:30.0022 4052	Schedule        (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
22:58:30.0133 4052	Schedule - ok
22:58:30.0160 4052	SCPolicySvc     (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
22:58:30.0196 4052	SCPolicySvc - ok
22:58:30.0220 4052	SDRSVC          (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
22:58:30.0278 4052	SDRSVC - ok
22:58:30.0340 4052	SeaPort         (cc781378e7eda615d2cdca3b17829fa4) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
22:58:30.0434 4052	SeaPort - ok
22:58:30.0457 4052	secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
22:58:30.0525 4052	secdrv - ok
22:58:30.0543 4052	seclogon        (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
22:58:30.0585 4052	seclogon - ok
22:58:30.0600 4052	SENS            (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
22:58:30.0656 4052	SENS - ok
22:58:30.0674 4052	Serenum         (ce9ec966638ef0b10b864ddedf62a099) C:\Windows\system32\DRIVERS\serenum.sys
22:58:30.0729 4052	Serenum - ok
22:58:30.0747 4052	Serial          (6d663022db3e7058907784ae14b69898) C:\Windows\system32\DRIVERS\serial.sys
22:58:30.0883 4052	Serial - ok
22:58:30.0899 4052	sermouse        (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
22:58:30.0949 4052	sermouse - ok
22:58:31.0010 4052	ServiceLayer    (2d841b7b7f6dec32162edfcc69d61f42) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
22:58:31.0167 4052	ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
22:58:31.0167 4052	ServiceLayer - detected UnsignedFile.Multi.Generic (1)
22:58:31.0202 4052	SessionEnv      (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
22:58:31.0250 4052	SessionEnv - ok
22:58:31.0264 4052	sffdisk         (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
22:58:31.0312 4052	sffdisk - ok
22:58:31.0332 4052	sffp_mmc        (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
22:58:31.0378 4052	sffp_mmc - ok
22:58:31.0387 4052	sffp_sd         (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
22:58:31.0437 4052	sffp_sd - ok
22:58:31.0450 4052	sfloppy         (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
22:58:31.0514 4052	sfloppy - ok
22:58:31.0534 4052	SharedAccess    (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
22:58:31.0641 4052	SharedAccess - ok
22:58:31.0692 4052	ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
22:58:31.0744 4052	ShellHWDetection - ok
22:58:31.0765 4052	sisagp          (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
22:58:31.0825 4052	sisagp - ok
22:58:31.0839 4052	SiSRaid2        (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
22:58:31.0880 4052	SiSRaid2 - ok
22:58:31.0897 4052	SiSRaid4        (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
22:58:31.0959 4052	SiSRaid4 - ok
22:58:32.0021 4052	SkypeUpdate     (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files\Skype\Updater\Updater.exe
22:58:32.0179 4052	SkypeUpdate - ok
22:58:32.0260 4052	slsvc           (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
22:58:32.0511 4052	slsvc - ok
22:58:32.0559 4052	SLUINotify      (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
22:58:32.0619 4052	SLUINotify - ok
22:58:32.0654 4052	Smb             (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
22:58:32.0748 4052	Smb - ok
22:58:32.0781 4052	SNMPTRAP        (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
22:58:32.0818 4052	SNMPTRAP - ok
22:58:32.0829 4052	spldr           (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
22:58:32.0854 4052	spldr - ok
22:58:32.0877 4052	Spooler         (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
22:58:32.0919 4052	Spooler - ok
22:58:32.0948 4052	srv             (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
22:58:33.0002 4052	srv - ok
22:58:33.0030 4052	srv2            (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
22:58:33.0069 4052	srv2 - ok
22:58:33.0088 4052	srvnet          (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
22:58:33.0126 4052	srvnet - ok
22:58:33.0152 4052	SSDPSRV         (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
22:58:33.0210 4052	SSDPSRV - ok
22:58:33.0229 4052	SstpSvc         (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
22:58:33.0263 4052	SstpSvc - ok
22:58:33.0293 4052	StarOpen        (f92254b0bcfcd10caac7bccc7cb7f467) C:\Windows\system32\drivers\StarOpen.sys
22:58:33.0317 4052	StarOpen ( UnsignedFile.Multi.Generic ) - warning
22:58:33.0317 4052	StarOpen - detected UnsignedFile.Multi.Generic (1)
22:58:33.0362 4052	stisvc          (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
22:58:33.0430 4052	stisvc - ok
22:58:33.0453 4052	swenum          (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
22:58:33.0484 4052	swenum - ok
22:58:33.0526 4052	swprv           (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
22:58:33.0612 4052	swprv - ok
22:58:33.0631 4052	Symc8xx         (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
22:58:33.0675 4052	Symc8xx - ok
22:58:33.0689 4052	Sym_hi          (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
22:58:33.0727 4052	Sym_hi - ok
22:58:33.0746 4052	Sym_u3          (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
22:58:33.0791 4052	Sym_u3 - ok
22:58:33.0837 4052	SysMain         (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
22:58:33.0898 4052	SysMain - ok
22:58:33.0930 4052	TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
22:58:33.0993 4052	TabletInputService - ok
22:58:34.0089 4052	TabletServicePen (ded6145ca9a7c7f2bbbf1e4cecd48114) C:\Windows\system32\Pen_Tablet.exe
22:58:34.0281 4052	TabletServicePen - ok
22:58:34.0313 4052	TapiSrv         (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
22:58:34.0368 4052	TapiSrv - ok
22:58:34.0384 4052	TBS             (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
22:58:34.0429 4052	TBS - ok
22:58:34.0478 4052	Tcpip           (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys
22:58:34.0628 4052	Tcpip - ok
22:58:34.0661 4052	Tcpip6          (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys
22:58:34.0752 4052	Tcpip6 - ok
22:58:34.0781 4052	tcpipreg        (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
22:58:34.0820 4052	tcpipreg - ok
22:58:34.0841 4052	TDPIPE          (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
22:58:34.0895 4052	TDPIPE - ok
22:58:34.0909 4052	TDTCP           (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
22:58:34.0966 4052	TDTCP - ok
22:58:35.0004 4052	tdx             (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
22:58:35.0093 4052	tdx - ok
22:58:35.0118 4052	TermDD          (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
22:58:35.0177 4052	TermDD - ok
22:58:35.0216 4052	TermService     (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
22:58:35.0275 4052	TermService - ok
22:58:35.0317 4052	Themes          (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
22:58:35.0352 4052	Themes - ok
22:58:35.0374 4052	THREADORDER     (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
22:58:35.0412 4052	THREADORDER - ok
22:58:35.0437 4052	TrkWks          (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
22:58:35.0486 4052	TrkWks - ok
22:58:35.0531 4052	TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
22:58:35.0581 4052	TrustedInstaller - ok
22:58:35.0601 4052	tssecsrv        (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
22:58:35.0652 4052	tssecsrv - ok
22:58:35.0673 4052	tunmp           (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
22:58:35.0727 4052	tunmp - ok
22:58:35.0764 4052	tunnel          (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
22:58:35.0814 4052	tunnel - ok
22:58:35.0836 4052	tvicport        (97dd70feca64fb4f63de7bb7e66a80b1) C:\Windows\system32\drivers\tvicport.sys
22:58:35.0862 4052	tvicport ( UnsignedFile.Multi.Generic ) - warning
22:58:35.0862 4052	tvicport - detected UnsignedFile.Multi.Generic (1)
22:58:35.0878 4052	uagp35          (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
22:58:35.0938 4052	uagp35 - ok
22:58:35.0983 4052	udfs            (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
22:58:36.0034 4052	udfs - ok
22:58:36.0052 4052	UI0Detect       (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
22:58:36.0125 4052	UI0Detect - ok
22:58:36.0145 4052	uliagpkx        (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
22:58:36.0211 4052	uliagpkx - ok
22:58:36.0237 4052	uliahci         (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
22:58:36.0361 4052	uliahci - ok
22:58:36.0382 4052	UlSata          (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
22:58:36.0418 4052	UlSata - ok
22:58:36.0433 4052	ulsata2         (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
22:58:36.0475 4052	ulsata2 - ok
22:58:36.0488 4052	umbus           (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
22:58:36.0559 4052	umbus - ok
22:58:36.0575 4052	upnphost        (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
22:58:36.0627 4052	upnphost - ok
22:58:36.0673 4052	upperdev        (0ccadc7391021376edbb8aa649d04e68) C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
22:58:36.0719 4052	upperdev - ok
22:58:36.0738 4052	USBAAPL - ok
22:58:36.0767 4052	usbccgp         (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
22:58:36.0845 4052	usbccgp - ok
22:58:36.0861 4052	usbcir          (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
22:58:36.0961 4052	usbcir - ok
22:58:36.0978 4052	usbehci         (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
22:58:37.0034 4052	usbehci - ok
22:58:37.0073 4052	usbhub          (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
22:58:37.0136 4052	usbhub - ok
22:58:37.0161 4052	usbohci         (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys
22:58:37.0212 4052	usbohci - ok
22:58:37.0238 4052	usbprint        (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
22:58:37.0296 4052	usbprint - ok
22:58:37.0312 4052	usbscan         (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
22:58:37.0387 4052	usbscan - ok
22:58:37.0403 4052	usbser          (d575246188f63de0accf6eac5fb59e6a) C:\Windows\system32\DRIVERS\usbser.sys
22:58:37.0462 4052	usbser - ok
22:58:37.0481 4052	USBSTOR         (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:58:37.0560 4052	USBSTOR - ok
22:58:37.0572 4052	usbuhci         (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
22:58:37.0623 4052	usbuhci - ok
22:58:37.0677 4052	usbvideo        (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
22:58:37.0722 4052	usbvideo - ok
22:58:37.0754 4052	UxSms           (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
22:58:37.0810 4052	UxSms - ok
22:58:37.0850 4052	vds             (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
22:58:37.0945 4052	vds - ok
22:58:37.0968 4052	vga             (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
22:58:38.0025 4052	vga - ok
22:58:38.0043 4052	VgaSave         (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
22:58:38.0101 4052	VgaSave - ok
22:58:38.0120 4052	viaagp          (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
22:58:38.0178 4052	viaagp - ok
22:58:38.0191 4052	ViaC7           (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
22:58:38.0252 4052	ViaC7 - ok
22:58:38.0269 4052	viaide          (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
22:58:38.0304 4052	viaide - ok
22:58:38.0318 4052	volmgr          (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
22:58:38.0353 4052	volmgr - ok
22:58:38.0395 4052	volmgrx         (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
22:58:38.0429 4052	volmgrx - ok
22:58:38.0451 4052	volsnap         (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
22:58:38.0484 4052	volsnap - ok
22:58:38.0501 4052	vsmraid         (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
22:58:38.0590 4052	vsmraid - ok
22:58:38.0641 4052	VSS             (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
22:58:38.0802 4052	VSS - ok
22:58:38.0830 4052	W32Time         (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
22:58:38.0876 4052	W32Time - ok
22:58:38.0911 4052	wacmoumonitor   (9a03558c37e919b9d6a50864aea0a168) C:\Windows\system32\DRIVERS\wacmoumonitor.sys
22:58:38.0940 4052	wacmoumonitor - ok
22:58:38.0988 4052	wacommousefilter (427a8bc96f16c40df81c2d2f4edd32dd) C:\Windows\system32\DRIVERS\wacommousefilter.sys
22:58:39.0030 4052	wacommousefilter - ok
22:58:39.0056 4052	WacomPen        (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
22:58:39.0125 4052	WacomPen - ok
22:58:39.0145 4052	wacomvhid       (d412d2cc82c3d469415758cab44875a4) C:\Windows\system32\DRIVERS\wacomvhid.sys
22:58:39.0173 4052	wacomvhid - ok
22:58:39.0193 4052	WacomVKHid      (889459833432b161cb99cfdf84a1a9bb) C:\Windows\system32\DRIVERS\WacomVKHid.sys
22:58:39.0225 4052	WacomVKHid - ok
22:58:39.0237 4052	Wanarp          (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
22:58:39.0320 4052	Wanarp - ok
22:58:39.0325 4052	Wanarpv6        (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
22:58:39.0373 4052	Wanarpv6 - ok
22:58:39.0396 4052	wcncsvc         (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
22:58:39.0555 4052	wcncsvc - ok
22:58:39.0576 4052	WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
22:58:39.0635 4052	WcsPlugInService - ok
22:58:39.0656 4052	Wd              (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
22:58:39.0681 4052	Wd - ok
22:58:39.0723 4052	Wdf01000        (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
22:58:39.0762 4052	Wdf01000 - ok
22:58:39.0782 4052	WdiServiceHost  (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
22:58:39.0825 4052	WdiServiceHost - ok
22:58:39.0829 4052	WdiSystemHost   (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
22:58:39.0872 4052	WdiSystemHost - ok
22:58:39.0912 4052	WebClient       (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
22:58:39.0957 4052	WebClient - ok
22:58:39.0987 4052	Wecsvc          (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
22:58:40.0058 4052	Wecsvc - ok
22:58:40.0071 4052	wercplsupport   (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
22:58:40.0122 4052	wercplsupport - ok
22:58:40.0160 4052	WerSvc          (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
22:58:40.0214 4052	WerSvc - ok
22:58:40.0229 4052	WG111T - ok
22:58:40.0274 4052	WinDefend       (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
22:58:40.0344 4052	WinDefend - ok
22:58:40.0351 4052	WinHttpAutoProxySvc - ok
22:58:40.0408 4052	Winmgmt         (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
22:58:40.0450 4052	Winmgmt - ok
22:58:40.0502 4052	WinRM           (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
22:58:40.0692 4052	WinRM - ok
22:58:40.0747 4052	Wlansvc         (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
22:58:40.0857 4052	Wlansvc - ok
22:58:40.0893 4052	WmiAcpi         (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
22:58:40.0921 4052	WmiAcpi - ok
22:58:40.0971 4052	wmiApSrv        (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
22:58:41.0058 4052	wmiApSrv - ok
22:58:41.0112 4052	WMPNetworkSvc   (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
22:58:41.0471 4052	WMPNetworkSvc - ok
22:58:41.0493 4052	WPCSvc          (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
22:58:41.0558 4052	WPCSvc - ok
22:58:41.0598 4052	WPDBusEnum      (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
22:58:41.0641 4052	WPDBusEnum - ok
22:58:41.0687 4052	WpdUsb          (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
22:58:41.0751 4052	WpdUsb - ok
22:58:41.0851 4052	WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
22:58:41.0929 4052	WPFFontCache_v0400 - ok
22:58:41.0956 4052	ws2ifsl         (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
22:58:42.0015 4052	ws2ifsl - ok
22:58:42.0044 4052	wscsvc          (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\System32\wscsvc.dll
22:58:42.0116 4052	wscsvc - ok
22:58:42.0124 4052	WSearch - ok
22:58:42.0198 4052	wuauserv        (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
22:58:42.0299 4052	wuauserv - ok
22:58:42.0328 4052	WudfPf          (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys
22:58:42.0423 4052	WudfPf - ok
22:58:42.0438 4052	WUDFRd          (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys
22:58:42.0467 4052	WUDFRd - ok
22:58:42.0480 4052	wudfsvc         (2c0206ff8d2c75ac027d1096fa2fafda) C:\Windows\System32\WUDFSvc.dll
22:58:42.0544 4052	wudfsvc - ok
22:58:42.0571 4052	XDva289 - ok
22:58:42.0582 4052	XDva370 - ok
22:58:42.0598 4052	zntport         (40ac8590cc9006dbb99ffcb37879d4c6) C:\Windows\system32\drivers\zntport.sys
22:58:42.0630 4052	zntport ( UnsignedFile.Multi.Generic ) - warning
22:58:42.0630 4052	zntport - detected UnsignedFile.Multi.Generic (1)
22:58:42.0648 4052	MBR (0x1B8)     (a863475757cc50891aa8458c415e4b25) \Device\Harddisk0\DR0
22:58:45.0227 4052	\Device\Harddisk0\DR0 - ok
22:58:45.0252 4052	Boot (0x1200)   (90030752e898c3ee7a0ff6e2209fb1e0) \Device\Harddisk0\DR0\Partition0
22:58:45.0253 4052	\Device\Harddisk0\DR0\Partition0 - ok
22:58:45.0271 4052	Boot (0x1200)   (1caa08655c80866ef3e33dc640284374) \Device\Harddisk0\DR0\Partition1
22:58:45.0273 4052	\Device\Harddisk0\DR0\Partition1 - ok
22:58:45.0273 4052	============================================================
22:58:45.0273 4052	Scan finished
22:58:45.0273 4052	============================================================
22:58:45.0285 4768	Detected object count: 17
22:58:45.0285 4768	Actual detected object count: 17
22:59:56.0695 4768	Acer HomeMedia Connect Service ( UnsignedFile.Multi.Generic ) - skipped by user
22:59:56.0695 4768	Acer HomeMedia Connect Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
22:59:56.0697 4768	AcerMemUsageCheckService ( UnsignedFile.Multi.Generic ) - skipped by user
22:59:56.0697 4768	AcerMemUsageCheckService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
22:59:56.0701 4768	Akamai ( HiddenFile.Multi.Generic ) - skipped by user
22:59:56.0701 4768	Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip 
22:59:56.0704 4768	DNIMp50 ( UnsignedFile.Multi.Generic ) - skipped by user
22:59:56.0704 4768	DNIMp50 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
22:59:56.0706 4768	DNISp50 ( UnsignedFile.Multi.Generic ) - skipped by user
22:59:56.0706 4768	DNISp50 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
22:59:56.0709 4768	eRecoveryService ( UnsignedFile.Multi.Generic ) - skipped by user
22:59:56.0709 4768	eRecoveryService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
22:59:56.0712 4768	eSettingsService ( UnsignedFile.Multi.Generic ) - skipped by user
22:59:56.0713 4768	eSettingsService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
22:59:56.0715 4768	LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
22:59:56.0715 4768	LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
22:59:56.0717 4768	Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
22:59:56.0718 4768	Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
22:59:56.0720 4768	NTIDrvr ( UnsignedFile.Multi.Generic ) - skipped by user
22:59:56.0720 4768	NTIDrvr ( UnsignedFile.Multi.Generic ) - User select action: Skip 
22:59:56.0722 4768	Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
22:59:56.0723 4768	Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
22:59:56.0725 4768	PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user
22:59:56.0725 4768	PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
22:59:56.0728 4768	RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user
22:59:56.0728 4768	RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip 
22:59:56.0730 4768	ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
22:59:56.0731 4768	ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip 
22:59:56.0733 4768	StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user
22:59:56.0733 4768	StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip 
22:59:56.0736 4768	tvicport ( UnsignedFile.Multi.Generic ) - skipped by user
22:59:56.0736 4768	tvicport ( UnsignedFile.Multi.Generic ) - User select action: Skip 
22:59:56.0739 4768	zntport ( UnsignedFile.Multi.Generic ) - skipped by user
22:59:56.0739 4768	zntport ( UnsignedFile.Multi.Generic ) - User select action: Skip