
Pests of all kinds and how to combat them: Black screen with mouse pointer after booting

Windows 7

06.07.2013, 15:23   #16
markusg
/// Malware-holic
 

Copy the contents of the code box into OTL, scan again, and then post the log.
For the rest of the OTL configuration, see the post above (post 12).
__________________
- Please forward suspicious e-mails to us for analysis:
markusg.trojaner-board@web.de
Instructions:
http://markusg.trojaner-board.de
For now, please forward e-mails to markusg.trojaner-board@web.de as described in the instructions above.

06.07.2013, 15:33   #17
Lisa88
 

I hope that was right this time... OTL logfile:
Code:
OTL logfile created on: 7/6/2013 5:28:03 PM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
64bit-Windows 7 Home Premium Service Pack 1 (Version = 6.1.7601) - Type = System
Internet Explorer (Version = 9.10.9200.16618)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 87.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 96.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files (x86)
Drive C: | 100.00 Mb Total Space | 74.34 Mb Free Space | 74.35% Space Free | Partition Type: NTFS
Drive D: | 286.27 Gb Total Space | 162.61 Gb Free Space | 56.80% Space Free | Partition Type: NTFS
Drive E: | 3.76 Gb Total Space | 0.01 Gb Free Space | 0.33% Space Free | Partition Type: FAT32
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2013/05/09 04:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto] -- D:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2009/09/30 08:44:58 | 000,844,320 | ---- | M] (Acer Incorporated) [Auto] -- D:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/03 21:47:12 | 000,240,160 | ---- | M] (Acer) [Auto] -- D:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV:64bit: - [2009/03/27 22:10:16 | 000,016,896 | ---- | M] (LSI Corporation) [Auto] -- D:\Program Files\LSI SoftModem\agr64svc.exe -- (AgereModemAudio)
SRV - [2013/06/03 05:57:49 | 003,085,264 | ---- | M] () [Auto] -- D:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe -- (BrowserProtect)
SRV - [2013/05/28 09:05:16 | 000,163,328 | ---- | M] (Adobe Systems Incorporated) [Auto] -- D:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/05/26 03:45:20 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand] -- D:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/03/06 08:36:52 | 000,093,984 | ---- | M] (Conduit) [Auto] -- D:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe -- (CltMngSvc)
SRV - [2010/03/18 08:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/09/24 18:42:28 | 000,062,720 | ---- | M] (NewTech Infosystems, Inc.) [Auto] -- D:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2009/09/11 01:42:46 | 000,305,448 | ---- | M] () [On_Demand] -- D:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe -- (MWLService)
SRV - [2009/08/28 05:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto] -- D:\Program Files (x86)\Acer\Registration\GregHSRW.exe -- (Greg_Service)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/04 22:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto] -- D:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013/05/09 04:59:07 | 000,072,016 | ---- | M] (AVAST Software) [Kernel | System] -- D:\Windows\System32\Drivers\aswrdr2.sys -- (aswRdr)
DRV:64bit: - [2013/05/09 04:59:06 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto] -- D:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012/04/25 06:11:36 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/12/07 08:23:02 | 000,034,304 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\lgandmodem64.sys -- (ANDModem)
DRV:64bit: - [2010/12/07 08:23:00 | 000,027,648 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\lganddiag64.sys -- (AndDiag)
DRV:64bit: - [2010/12/07 08:23:00 | 000,027,136 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\lgandgps64.sys -- (AndGps)
DRV:64bit: - [2010/12/07 08:22:58 | 000,019,456 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\lgandbus64.sys -- (Andbus)
DRV:64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 06:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2009/09/21 15:00:44 | 001,537,024 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/08/21 17:24:04 | 000,084,512 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2009/06/20 07:35:00 | 000,317,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM)
DRV:64bit: - [2009/06/19 22:09:57 | 000,054,272 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\L1E62x64.sys -- (L1E) NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20)
DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand] -- D:\Windows\System32\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 16:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 16:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/04 20:46:50 | 000,216,064 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009/06/02 23:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System] -- D:\Windows\System32\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2009/06/02 23:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System] -- D:\Windows\System32\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2009/06/02 23:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System] -- D:\Windows\System32\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2009/05/24 23:57:42 | 000,243,760 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2009/04/06 21:31:08 | 001,208,320 | ---- | M] (LSI Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2008/08/28 05:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand] -- D:\Windows\System32\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2007/05/14 10:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand] -- D:\Windows\System32\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV - [2009/08/27 01:30:17 | 000,011,576 | ---- | M] (Samsung Electronics) [Kernel | Auto] -- D:\Windows\SysWOW64\drivers\SSPORT.SYS -- (SSPORT)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\Dering_ON_D\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = 
IE - HKU\Dering_ON_D\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7736&r=27360510g116l0418z1l5t5571a069
IE - HKU\Dering_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com/?ctid=CT3281675&octid=CT3281675&SearchSource=61&CUI=UN15546393371845519&UM=UM_ID&UP=SPD52FEFB4-9B24-4C4C-80F6-0982B4EFFA52
IE - HKU\Dering_ON_D\..\URLSearchHook: {e44a1809-4d10-4ab8-b343-3326b64c7cdd} - Reg Error: Key error. File not found
IE - HKU\Dering_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Dering_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
IE - HKU\Gast_ON_D\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7736&r=27360510g116l0418z1l5t5571a069
IE - HKU\Gast_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7736&r=27360510g116l0418z1l5t5571a069
IE - HKU\Gast_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Gast_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
 
 
IE - HKU\TGF_ON_D\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7736&r=27360510g116l0418z1l5t5571a069
IE - HKU\TGF_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7736&r=27360510g116l0418z1l5t5571a069
IE - HKU\TGF_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\TGF_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultthis.engineName: "entrusted Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3281675&CUI=UN36289850181548933&UM=2&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Delta Search"
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: "www.google.de"
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: D:\Windows\System32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE:  File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer: D:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=:  
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0:  File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin: D:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: D:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin: D:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: D:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE:  
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: D:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: D:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3:  File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9:  File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\Adobe Reader: D:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/05/31 05:41:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2011/12/30 11:38:30 | 000,000,000 | ---D | M] (No name found) -- D:\Users\Dering\AppData\Roaming\Mozilla\Extensions
[2013/05/02 03:51:59 | 000,000,000 | ---D | M] (No name found) -- D:\Users\Dering\AppData\Roaming\Mozilla\Firefox\Profiles\arn92git.default\extensions
[2013/05/02 03:51:59 | 000,000,000 | ---D | M] (Delta Toolbar) -- D:\Users\Dering\AppData\Roaming\Mozilla\Firefox\Profiles\arn92git.default\extensions\ffxtlbr@delta.com
[2012/06/23 06:25:51 | 000,000,000 | ---D | M] (No name found) -- D:\Users\Dering\AppData\Roaming\Mozilla\Firefox\Profiles\rwh12oly.default\extensions
[2010/08/08 23:17:40 | 000,000,000 | ---D | M] (DVDVideoSoftTB Toolbar) -- D:\Users\Dering\AppData\Roaming\Mozilla\Firefox\Profiles\rwh12oly.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2012/06/23 06:25:51 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- D:\Users\Dering\AppData\Roaming\Mozilla\Firefox\Profiles\rwh12oly.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2013/05/02 03:52:12 | 000,006,473 | ---- | M] () -- D:\Users\Dering\AppData\Roaming\Mozilla\Firefox\Profiles\arn92git.default\searchplugins\babylon.xml
[2013/05/02 03:52:12 | 000,006,473 | ---- | M] () -- D:\Users\Dering\AppData\Roaming\Mozilla\Firefox\Profiles\arn92git.default\searchplugins\BrowserProtect.xml
[2013/03/10 14:15:17 | 000,000,995 | ---- | M] () -- D:\Users\Dering\AppData\Roaming\Mozilla\Firefox\Profiles\arn92git.default\searchplugins\conduit.xml
[2013/05/02 03:52:01 | 000,001,294 | ---- | M] () -- D:\Users\Dering\AppData\Roaming\Mozilla\Firefox\Profiles\arn92git.default\searchplugins\delta.xml
[2013/05/26 03:45:27 | 000,000,000 | ---D | M] (No name found) -- D:\Program Files (x86)\Mozilla Firefox\extensions
[2013/05/02 03:51:56 | 000,000,000 | ---D | M] (No name found) -- D:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com
[2013/05/26 03:45:26 | 000,000,000 | ---D | M] (No name found) -- D:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/05/26 03:45:26 | 000,000,000 | ---D | M] (Default) -- D:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
File not found (No name found) -- 
[2013/05/02 03:51:52 | 000,006,470 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
 
O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - D:\Windows\System32\drivers\etc\hosts
O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - D:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (entrusted Toolbar) - {e44a1809-4d10-4ab8-b343-3326b64c7cdd} - D:\Program Files (x86)\entrusted\prxtbentr.dll (Conduit Ltd.)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - D:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (entrusted Toolbar) - {e44a1809-4d10-4ab8-b343-3326b64c7cdd} - D:\Program Files (x86)\entrusted\prxtbentr.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\Dering_ON_D\..\Toolbar\WebBrowser: (entrusted Toolbar) - {E44A1809-4D10-4AB8-B343-3326B64C7CDD} - D:\Program Files (x86)\entrusted\prxtbentr.dll (Conduit Ltd.)
O3 - HKU\TGF_ON_D\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\TGF_ON_D\..\Toolbar\WebBrowser: (entrusted Toolbar) - {E44A1809-4D10-4AB8-B343-3326B64C7CDD} - D:\Program Files (x86)\entrusted\prxtbentr.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [Acer ePower Management] D:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [IAAnotif] D:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [PLFSetI] D:\Windows\PLFSetI.exe ()
O4 - HKLM..\Run: [APSDaemon] D:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] D:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [LManager] D:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [Samsung PanelMgr] D:\Windows\Samsung\PanelMgr\ssmmgr.exe ()
O4 - HKLM..\Run: [SearchProtectAll] D:\Program Files (x86)\SearchProtect\bin\cltmng.exe (Conduit)
O4 - HKU\.DEFAULT..\Run: [SearchProtect]  File not found
O4 - HKU\Dering_ON_D..\Run: [SearchProtect] D:\Users\Dering\AppData\Roaming\SearchProtect\bin\cltmng.exe (Conduit)
O4 - HKU\Gast_ON_D..\Run: [RESTART_STICKY_NOTES]  File not found
O4 - HKU\LocalService_ON_D..\Run: [Sidebar] D:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\NetworkService_ON_D..\Run: [Sidebar] D:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\TGF_ON_D..\Run: [RESTART_STICKY_NOTES]  File not found
O4 - HKU\TGF_ON_D..\Run: [SearchProtect] D:\Users\TGF\AppData\Roaming\SearchProtect\bin\cltmng.exe (Conduit)
O4:64bit: - HKLM..\RunOnce: [*Restore] D:\Windows\System32\rstrui.exe (Microsoft Corporation)
O4 - HKU\LocalService_ON_D..\RunOnce: [mctadmin]  File not found
O4 - HKU\NetworkService_ON_D..\RunOnce: [mctadmin]  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - D:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - D:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13:64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Java Plug-in 1.7.0_09)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} Reg Error: Value error. (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O20 - AppInit_DLLs: (c:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dll) - D:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - D:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - D:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - D:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
64bit: O35 - HKLM\..comfile [open] -- "%1" %* File not found
64bit: O35 - HKLM\..exefile [open] -- "%1" %* File not found
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/07/06 17:04:31 | 000,000,000 | -HSD | C] -- D:\RECYCLER
[2013/07/06 16:41:50 | 000,000,000 | ---D | C] -- D:\FRST
[2013/07/06 09:13:25 | 000,000,000 | ---D | C] -- D:\Program Files\HitmanPro
[2013/07/06 08:45:15 | 000,000,000 | ---D | C] -- D:\ProgramData\HitmanPro
[2013/06/25 13:50:33 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Common Files\DVDVideoSoft
[2013/06/25 13:50:32 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\DVDVideoSoft
[2013/06/25 13:12:19 | 003,958,784 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\jscript9.dll
[2013/06/25 13:12:19 | 002,877,440 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\jscript9.dll
[2013/06/25 13:12:19 | 001,509,376 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\inetcpl.cpl
[2013/06/25 13:12:19 | 001,441,280 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\inetcpl.cpl
[2013/06/25 13:12:19 | 001,400,416 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ieapfltr.dat
[2013/06/25 13:12:19 | 001,400,416 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ieapfltr.dat
[2013/06/25 13:12:19 | 001,054,720 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\MsSpellCheckingFacility.exe
[2013/06/25 13:12:19 | 000,905,728 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mshtmlmedia.dll
[2013/06/25 13:12:19 | 000,855,552 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\jscript.dll
[2013/06/25 13:12:19 | 000,762,368 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ieapfltr.dll
[2013/06/25 13:12:19 | 000,719,360 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\mshtmlmedia.dll
[2013/06/25 13:12:19 | 000,690,688 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\jscript.dll
[2013/06/25 13:12:19 | 000,629,248 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ieapfltr.dll
[2013/06/25 13:12:19 | 000,603,136 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msfeeds.dll
[2013/06/25 13:12:19 | 000,599,552 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\vbscript.dll
[2013/06/25 13:12:19 | 000,526,336 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ieui.dll
[2013/06/25 13:12:19 | 000,493,056 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\msfeeds.dll
[2013/06/25 13:12:19 | 000,452,096 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\dxtmsft.dll
[2013/06/25 13:12:19 | 000,441,856 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\html.iec
[2013/06/25 13:12:19 | 000,391,168 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ieui.dll
[2013/06/25 13:12:19 | 000,361,984 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\html.iec
[2013/06/25 13:12:19 | 000,357,888 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\dxtmsft.dll
[2013/06/25 13:12:19 | 000,281,600 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\dxtrans.dll
[2013/06/25 13:12:19 | 000,235,008 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\url.dll
[2013/06/25 13:12:19 | 000,232,960 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\url.dll
[2013/06/25 13:12:19 | 000,226,816 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\dxtrans.dll
[2013/06/25 13:12:19 | 000,226,304 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\elshyph.dll
[2013/06/25 13:12:19 | 000,216,064 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msls31.dll
[2013/06/25 13:12:19 | 000,197,120 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msrating.dll
[2013/06/25 13:12:19 | 000,185,344 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\elshyph.dll
[2013/06/25 13:12:19 | 000,173,568 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ieUnatt.exe
[2013/06/25 13:12:19 | 000,167,424 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iexpress.exe
[2013/06/25 13:12:19 | 000,163,840 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\msrating.dll
[2013/06/25 13:12:19 | 000,158,720 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\msls31.dll
[2013/06/25 13:12:19 | 000,150,528 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\iexpress.exe
[2013/06/25 13:12:19 | 000,149,504 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\occache.dll
[2013/06/25 13:12:19 | 000,144,896 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wextract.exe
[2013/06/25 13:12:19 | 000,138,752 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\wextract.exe
[2013/06/25 13:12:19 | 000,137,216 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ieUnatt.exe
[2013/06/25 13:12:19 | 000,136,704 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iesysprep.dll
[2013/06/25 13:12:19 | 000,136,192 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iepeers.dll
[2013/06/25 13:12:19 | 000,135,680 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\IEAdvpack.dll
[2013/06/25 13:12:19 | 000,125,440 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\occache.dll
[2013/06/25 13:12:19 | 000,117,248 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\iepeers.dll
[2013/06/25 13:12:19 | 000,110,592 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\IEAdvpack.dll
[2013/06/25 13:12:19 | 000,109,056 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\iesysprep.dll
[2013/06/25 13:12:19 | 000,102,912 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\inseng.dll
[2013/06/25 13:12:19 | 000,097,280 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mshtmled.dll
[2013/06/25 13:12:19 | 000,092,160 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\SetIEInstalledDate.exe
[2013/06/25 13:12:19 | 000,089,600 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\RegisterIEPKEYs.exe
[2013/06/25 13:12:19 | 000,082,432 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\inseng.dll
[2013/06/25 13:12:19 | 000,081,408 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\icardie.dll
[2013/06/25 13:12:19 | 000,079,872 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\mshtmled.dll
[2013/06/25 13:12:19 | 000,077,312 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\tdc.ocx
[2013/06/25 13:12:19 | 000,073,728 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\SetIEInstalledDate.exe
[2013/06/25 13:12:19 | 000,071,680 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/06/25 13:12:19 | 000,069,120 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\icardie.dll
[2013/06/25 13:12:19 | 000,067,072 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iesetup.dll
[2013/06/25 13:12:19 | 000,062,976 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\pngfilt.dll
[2013/06/25 13:12:19 | 000,061,952 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\tdc.ocx
[2013/06/25 13:12:19 | 000,061,440 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\iesetup.dll
[2013/06/25 13:12:19 | 000,057,344 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\pngfilt.dll
[2013/06/25 13:12:19 | 000,051,712 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ie4uinit.exe
[2013/06/25 13:12:19 | 000,051,200 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\imgutil.dll
[2013/06/25 13:12:19 | 000,048,640 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\mshtmler.dll
[2013/06/25 13:12:19 | 000,048,640 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mshtmler.dll
[2013/06/25 13:12:19 | 000,039,936 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iernonce.dll
[2013/06/25 13:12:19 | 000,038,400 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\imgutil.dll
[2013/06/25 13:12:19 | 000,033,280 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\iernonce.dll
[2013/06/25 13:12:19 | 000,027,648 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\licmgr10.dll
[2013/06/25 13:12:19 | 000,023,040 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\licmgr10.dll
[2013/06/25 13:12:19 | 000,013,824 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mshta.exe
[2013/06/25 13:12:19 | 000,012,800 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msfeedssync.exe
[2013/06/25 13:12:19 | 000,011,776 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\msfeedssync.exe
[2013/06/25 13:10:11 | 003,928,064 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d2d1.dll
[2013/06/25 13:10:11 | 003,419,136 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d2d1.dll
[2013/06/25 13:10:11 | 002,776,576 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msmpeg2vdec.dll
[2013/06/25 13:10:11 | 002,565,120 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3d10warp.dll
[2013/06/25 13:10:11 | 002,284,544 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\msmpeg2vdec.dll
[2013/06/25 13:10:11 | 001,988,096 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d3d10warp.dll
[2013/06/25 13:10:11 | 001,682,432 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XpsPrint.dll
[2013/06/25 13:10:11 | 001,643,520 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\DWrite.dll
[2013/06/25 13:10:11 | 001,424,384 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\WindowsCodecs.dll
[2013/06/25 13:10:11 | 001,247,744 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\DWrite.dll
[2013/06/25 13:10:11 | 001,238,528 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3d10.dll
[2013/06/25 13:10:11 | 001,158,144 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\XpsPrint.dll
[2013/06/25 13:10:11 | 001,080,832 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d3d10.dll
[2013/06/25 13:10:11 | 000,648,192 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3d10level9.dll
[2013/06/25 13:10:11 | 000,604,160 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d3d10level9.dll
[2013/06/25 13:10:11 | 000,522,752 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XpsGdiConverter.dll
[2013/06/25 13:10:11 | 000,465,920 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\WMPhoto.dll
[2013/06/25 13:10:11 | 000,417,792 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\WMPhoto.dll
[2013/06/25 13:10:11 | 000,364,544 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\XpsGdiConverter.dll
[2013/06/25 13:10:11 | 000,363,008 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\dxgi.dll
[2013/06/25 13:10:11 | 000,333,312 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3d10_1core.dll
[2013/06/25 13:10:11 | 000,296,960 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3d10core.dll
[2013/06/25 13:10:11 | 000,293,376 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\dxgi.dll
[2013/06/25 13:10:11 | 000,249,856 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d3d10_1core.dll
[2013/06/25 13:10:11 | 000,245,248 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\WindowsCodecsExt.dll
[2013/06/25 13:10:11 | 000,221,184 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\UIAnimation.dll
[2013/06/25 13:10:11 | 000,220,160 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d3d10core.dll
[2013/06/25 13:10:11 | 000,207,872 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\WindowsCodecsExt.dll
[2013/06/25 13:10:11 | 000,194,560 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3d10_1.dll
[2013/06/25 13:10:11 | 000,187,392 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\UIAnimation.dll
[2013/06/25 13:10:11 | 000,161,792 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d3d10_1.dll
[2013/06/25 13:10:11 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/06/25 13:10:11 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/06/25 13:10:11 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/06/25 13:10:11 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/06/25 13:10:11 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/06/25 13:10:11 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/06/25 13:10:11 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/06/25 13:10:11 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/06/25 13:10:11 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/06/25 13:10:11 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/06/25 13:10:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/06/25 13:10:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/06/25 13:10:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013/06/25 13:10:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
[2013/06/25 13:10:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/06/25 13:10:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/06/25 13:10:11 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/06/25 13:10:11 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/06/25 12:57:25 | 000,163,328 | ---- | C] (Adobe Systems Incorporated) -- D:\Windows\SysWow64\FlashPlayerUpdateService.exe
[2013/06/25 12:57:23 | 000,000,000 | ---D | C] -- D:\Users\Dering\AppData\Roaming\File Scout
[2013/06/24 14:27:24 | 000,000,000 | ---D | C] -- D:\Users\TGF\AppData\Local\Apple Computer
[2013/06/24 13:43:33 | 000,000,000 | ---D | C] -- D:\Users\TGF\Desktop\Arbeitsbeschreibung Parkhausgesellschaft Stadt Kassel
[2013/06/12 01:00:12 | 001,887,232 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3d11.dll
[2013/06/12 01:00:11 | 001,505,280 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d3d11.dll
[2013/06/12 00:58:18 | 000,751,104 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\win32spl.dll
[2013/06/12 00:58:17 | 000,492,544 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\win32spl.dll
[2013/06/12 00:58:11 | 000,030,720 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\cryptdlg.dll
[2013/06/12 00:58:11 | 000,024,576 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\cryptdlg.dll
[2013/06/12 00:57:58 | 001,192,448 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\certutil.exe
[2013/06/12 00:57:57 | 001,464,320 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\crypt32.dll
[2013/06/12 00:57:57 | 000,903,168 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\certutil.exe
[2013/06/12 00:57:56 | 000,139,776 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\cryptnet.dll
[2013/06/12 00:57:55 | 000,052,224 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\certenc.dll
[2013/06/12 00:57:54 | 000,043,008 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\certenc.dll
[2009/10/29 01:58:47 | 000,036,136 | ---- | C] (Oberon Media) -- D:\ProgramData\FullRemove.exe
 
========== Files - Modified Within 30 Days ==========
 
[2013/07/06 09:15:41 | 000,067,584 | --S- | M] () -- D:\Windows\bootstat.dat
[2013/07/06 09:12:23 | 3217,199,104 | -HS- | M] () -- D:\hiberfil.sys
[2013/06/26 17:28:54 | 275,295,072 | ---- | M] () -- D:\Windows\MEMORY.DMP
[2013/06/26 10:30:02 | 000,000,884 | ---- | M] () -- D:\Windows\tasks\Adobe Flash Player Updater.job
[2013/06/26 06:14:18 | 000,659,672 | ---- | M] () -- D:\Windows\System32\perfh007.dat
[2013/06/26 06:14:18 | 000,621,514 | ---- | M] () -- D:\Windows\System32\perfh009.dat
[2013/06/26 06:14:18 | 000,132,708 | ---- | M] () -- D:\Windows\System32\perfc007.dat
[2013/06/26 06:14:18 | 000,109,090 | ---- | M] () -- D:\Windows\System32\perfc009.dat
[2013/06/26 06:02:27 | 000,022,832 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/06/26 06:02:27 | 000,022,832 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/06/25 13:51:10 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2013/06/25 13:51:09 | 000,001,243 | ---- | M] () -- D:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
[2013/06/25 13:51:08 | 000,001,306 | ---- | M] () -- D:\Users\Public\Desktop\Free YouTube Download.lnk
[2013/06/25 13:12:19 | 003,958,784 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\jscript9.dll
[2013/06/25 13:12:19 | 002,877,440 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\jscript9.dll
[2013/06/25 13:12:19 | 001,509,376 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\inetcpl.cpl
[2013/06/25 13:12:19 | 001,441,280 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\inetcpl.cpl
[2013/06/25 13:12:19 | 001,400,416 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\ieapfltr.dat
[2013/06/25 13:12:19 | 001,400,416 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\ieapfltr.dat
[2013/06/25 13:12:19 | 001,054,720 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\MsSpellCheckingFacility.exe
[2013/06/25 13:12:19 | 000,905,728 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\mshtmlmedia.dll
[2013/06/25 13:12:19 | 000,855,552 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\jscript.dll
[2013/06/25 13:12:19 | 000,762,368 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\ieapfltr.dll
[2013/06/25 13:12:19 | 000,719,360 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\mshtmlmedia.dll
[2013/06/25 13:12:19 | 000,690,688 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\jscript.dll
[2013/06/25 13:12:19 | 000,629,248 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\ieapfltr.dll
[2013/06/25 13:12:19 | 000,603,136 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\msfeeds.dll
[2013/06/25 13:12:19 | 000,599,552 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\vbscript.dll
[2013/06/25 13:12:19 | 000,526,336 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\ieui.dll
[2013/06/25 13:12:19 | 000,493,056 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\msfeeds.dll
[2013/06/25 13:12:19 | 000,452,096 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\dxtmsft.dll
[2013/06/25 13:12:19 | 000,441,856 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\html.iec
[2013/06/25 13:12:19 | 000,391,168 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\ieui.dll
[2013/06/25 13:12:19 | 000,361,984 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\html.iec
[2013/06/25 13:12:19 | 000,357,888 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\dxtmsft.dll
[2013/06/25 13:12:19 | 000,281,600 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\dxtrans.dll
[2013/06/25 13:12:19 | 000,235,008 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\url.dll
[2013/06/25 13:12:19 | 000,232,960 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\url.dll
[2013/06/25 13:12:19 | 000,226,816 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\dxtrans.dll
[2013/06/25 13:12:19 | 000,226,304 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\elshyph.dll
[2013/06/25 13:12:19 | 000,216,064 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\msls31.dll
[2013/06/25 13:12:19 | 000,197,120 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\msrating.dll
[2013/06/25 13:12:19 | 000,185,344 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\elshyph.dll
[2013/06/25 13:12:19 | 000,173,568 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\ieUnatt.exe
[2013/06/25 13:12:19 | 000,167,424 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\iexpress.exe
[2013/06/25 13:12:19 | 000,163,840 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\msrating.dll
[2013/06/25 13:12:19 | 000,158,720 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\msls31.dll
[2013/06/25 13:12:19 | 000,150,528 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\iexpress.exe
[2013/06/25 13:12:19 | 000,149,504 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\occache.dll
[2013/06/25 13:12:19 | 000,144,896 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\wextract.exe
[2013/06/25 13:12:19 | 000,138,752 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\wextract.exe
[2013/06/25 13:12:19 | 000,137,216 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\ieUnatt.exe
[2013/06/25 13:12:19 | 000,136,704 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\iesysprep.dll
[2013/06/25 13:12:19 | 000,136,192 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\iepeers.dll
[2013/06/25 13:12:19 | 000,135,680 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\IEAdvpack.dll
[2013/06/25 13:12:19 | 000,125,440 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\occache.dll
[2013/06/25 13:12:19 | 000,117,248 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\iepeers.dll
[2013/06/25 13:12:19 | 000,110,592 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\IEAdvpack.dll
[2013/06/25 13:12:19 | 000,109,056 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\iesysprep.dll
[2013/06/25 13:12:19 | 000,102,912 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\inseng.dll
[2013/06/25 13:12:19 | 000,097,280 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\mshtmled.dll
[2013/06/25 13:12:19 | 000,092,160 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\SetIEInstalledDate.exe
[2013/06/25 13:12:19 | 000,089,600 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\RegisterIEPKEYs.exe
[2013/06/25 13:12:19 | 000,082,432 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\inseng.dll
[2013/06/25 13:12:19 | 000,081,408 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\icardie.dll
[2013/06/25 13:12:19 | 000,079,872 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\mshtmled.dll
[2013/06/25 13:12:19 | 000,077,312 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\tdc.ocx
[2013/06/25 13:12:19 | 000,073,728 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\SetIEInstalledDate.exe
[2013/06/25 13:12:19 | 000,071,680 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/06/25 13:12:19 | 000,069,120 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\icardie.dll
[2013/06/25 13:12:19 | 000,067,072 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\iesetup.dll
[2013/06/25 13:12:19 | 000,062,976 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\pngfilt.dll
[2013/06/25 13:12:19 | 000,061,952 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\tdc.ocx
[2013/06/25 13:12:19 | 000,061,440 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\iesetup.dll
[2013/06/25 13:12:19 | 000,057,344 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\pngfilt.dll
[2013/06/25 13:12:19 | 000,051,712 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\ie4uinit.exe
[2013/06/25 13:12:19 | 000,051,200 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\imgutil.dll
[2013/06/25 13:12:19 | 000,048,640 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\mshtmler.dll
[2013/06/25 13:12:19 | 000,048,640 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\mshtmler.dll
[2013/06/25 13:12:19 | 000,039,936 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\iernonce.dll
[2013/06/25 13:12:19 | 000,038,400 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\imgutil.dll
[2013/06/25 13:12:19 | 000,033,280 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\iernonce.dll
[2013/06/25 13:12:19 | 000,027,648 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\licmgr10.dll
[2013/06/25 13:12:19 | 000,025,185 | ---- | M] () -- D:\Windows\SysWow64\ieuinit.inf
[2013/06/25 13:12:19 | 000,025,185 | ---- | M] () -- D:\Windows\System32\ieuinit.inf
[2013/06/25 13:12:19 | 000,023,040 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\licmgr10.dll
[2013/06/25 13:12:19 | 000,013,824 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\mshta.exe
[2013/06/25 13:12:19 | 000,012,800 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\msfeedssync.exe
[2013/06/25 13:12:19 | 000,011,776 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\msfeedssync.exe
[2013/06/25 13:10:11 | 003,928,064 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\d2d1.dll
[2013/06/25 13:10:11 | 003,419,136 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\d2d1.dll
[2013/06/25 13:10:11 | 002,776,576 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\msmpeg2vdec.dll
[2013/06/25 13:10:11 | 002,565,120 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\d3d10warp.dll
[2013/06/25 13:10:11 | 002,284,544 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\msmpeg2vdec.dll
[2013/06/25 13:10:11 | 001,988,096 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\d3d10warp.dll
[2013/06/25 13:10:11 | 001,682,432 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\XpsPrint.dll
[2013/06/25 13:10:11 | 001,643,520 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\DWrite.dll
[2013/06/25 13:10:11 | 001,424,384 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\WindowsCodecs.dll
[2013/06/25 13:10:11 | 001,247,744 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\DWrite.dll
[2013/06/25 13:10:11 | 001,238,528 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\d3d10.dll
[2013/06/25 13:10:11 | 001,158,144 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\XpsPrint.dll
[2013/06/25 13:10:11 | 001,080,832 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\d3d10.dll
[2013/06/25 13:10:11 | 000,648,192 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\d3d10level9.dll
[2013/06/25 13:10:11 | 000,604,160 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\d3d10level9.dll
[2013/06/25 13:10:11 | 000,522,752 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\XpsGdiConverter.dll
[2013/06/25 13:10:11 | 000,465,920 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\WMPhoto.dll
[2013/06/25 13:10:11 | 000,417,792 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\WMPhoto.dll
[2013/06/25 13:10:11 | 000,364,544 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\XpsGdiConverter.dll
[2013/06/25 13:10:11 | 000,363,008 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\dxgi.dll
[2013/06/25 13:10:11 | 000,333,312 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\d3d10_1core.dll
[2013/06/25 13:10:11 | 000,296,960 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\d3d10core.dll
[2013/06/25 13:10:11 | 000,293,376 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\dxgi.dll
[2013/06/25 13:10:11 | 000,249,856 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\d3d10_1core.dll
[2013/06/25 13:10:11 | 000,245,248 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\WindowsCodecsExt.dll
[2013/06/25 13:10:11 | 000,221,184 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\UIAnimation.dll
[2013/06/25 13:10:11 | 000,220,160 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\d3d10core.dll
[2013/06/25 13:10:11 | 000,207,872 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\WindowsCodecsExt.dll
[2013/06/25 13:10:11 | 000,194,560 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\d3d10_1.dll
[2013/06/25 13:10:11 | 000,187,392 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\UIAnimation.dll
[2013/06/25 13:10:11 | 000,161,792 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\d3d10_1.dll
[2013/06/25 13:10:11 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/06/25 13:10:11 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/06/25 13:10:11 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/06/25 13:10:11 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/06/25 13:10:11 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/06/25 13:10:11 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/06/25 13:10:11 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/06/25 13:10:11 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/06/25 13:10:11 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/06/25 13:10:11 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/06/25 13:10:11 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/06/25 13:10:11 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/06/25 13:10:11 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013/06/25 13:10:11 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
[2013/06/25 13:10:11 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/06/25 13:10:11 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/06/25 13:10:11 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/06/25 13:10:11 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/06/25 13:07:25 | 000,001,021 | ---- | M] () -- D:\Users\Public\Desktop\CCleaner.lnk
[2013/06/25 12:58:58 | 000,001,926 | ---- | M] () -- D:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013/06/25 12:58:50 | 000,000,000 | ---- | M] () -- D:\Windows\SysWow64\config.nt
[2013/06/12 09:32:15 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- D:\Windows\SysWow64\FlashPlayerApp.exe
[2013/06/12 09:32:14 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- D:\Windows\SysWow64\FlashPlayerCPLApp.cpl
 
========== Files Created - No Company Name ==========
 
[2013/06/26 17:28:54 | 275,295,072 | ---- | C] () -- D:\Windows\MEMORY.DMP
[2013/06/25 13:51:09 | 000,001,243 | ---- | C] () -- D:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
[2013/06/25 13:51:08 | 000,001,306 | ---- | C] () -- D:\Users\Public\Desktop\Free YouTube Download.lnk
[2013/06/25 13:12:19 | 000,025,185 | ---- | C] () -- D:\Windows\SysWow64\ieuinit.inf
[2013/06/25 13:12:19 | 000,025,185 | ---- | C] () -- D:\Windows\System32\ieuinit.inf
[2013/04/14 13:07:16 | 000,000,063 | ---- | C] () -- D:\Windows\wininit.ini
[2013/02/18 13:56:33 | 000,000,057 | ---- | C] () -- D:\ProgramData\Ament.ini
[2013/01/09 04:34:34 | 000,002,918 | ---- | C] () -- D:\ProgramData\dsgsdgdsgdsgw.js
[2012/12/08 06:57:01 | 000,001,453 | ---- | C] () -- D:\Users\Dering\AppData\Local\recently-used.xbel
[2012/02/14 10:01:32 | 001,456,640 | ---- | C] () -- D:\Program Files (x86)\Common Files\Falk Navi-Manager.msi
[2011/12/15 11:30:13 | 000,000,000 | ---- | C] () -- D:\Users\Dering\AppData\Local\{1DDB9783-CE94-4ECB-89A1-8C362A9DF922}
[2011/12/15 01:13:41 | 000,000,000 | ---- | C] () -- D:\Users\Dering\AppData\Local\{52B52355-5DFD-4D50-B371-DB08B18B0887}
[2011/12/14 03:22:41 | 000,000,000 | ---- | C] () -- D:\Users\Dering\AppData\Local\{D9907929-9510-4658-B2DB-5941CE94C9AD}
[2011/12/10 06:45:05 | 000,000,000 | ---- | C] () -- D:\Users\Dering\AppData\Local\{BDA0F482-7997-4722-9547-27C61B1D89D0}
[2011/12/09 10:57:27 | 000,000,000 | ---- | C] () -- D:\Users\Dering\AppData\Local\{128C8FD9-055B-4B96-8EB7-CE04F088CFFE}
[2011/12/07 09:32:04 | 000,000,000 | ---- | C] () -- D:\Users\Dering\AppData\Local\{8A3E6A7C-F122-4CBF-8C02-C0C5A74D9A55}
[2011/12/07 07:02:52 | 000,000,000 | ---- | C] () -- D:\Users\Dering\AppData\Local\{7C4EC87C-FA47-40ED-8630-05D41DC44A66}
[2011/11/21 10:03:30 | 000,000,000 | ---- | C] () -- D:\Users\Dering\AppData\Local\{D536E06A-85E8-4689-8CFC-EA5D4FF55583}
[2011/11/14 13:35:59 | 000,000,000 | ---- | C] () -- D:\Users\Dering\AppData\Local\{D64CD1DD-F621-466F-A280-36E3D08D6E5C}
[2011/11/14 13:22:39 | 000,000,000 | ---- | C] () -- D:\Users\Dering\AppData\Local\{CA496DC1-EC49-4993-A9FF-7EBDD029F2E8}
[2011/11/14 00:19:46 | 000,000,000 | ---- | C] () -- D:\Users\Dering\AppData\Local\{D0392F49-AA52-4D67-9A34-0E8B08663C19}
[2011/11/13 11:04:47 | 000,000,000 | ---- | C] () -- D:\Users\Dering\AppData\Local\{01A69873-4AAD-4646-A45A-73FB4A463529}
[2011/11/09 07:18:11 | 000,000,000 | ---- | C] () -- D:\Users\Dering\AppData\Local\{460DDFA1-3F8C-4EAE-B641-7308C269A428}
[2011/11/02 13:04:41 | 000,000,000 | ---- | C] () -- D:\Users\Dering\AppData\Local\{32C30D43-7B70-43CF-B0A7-68DFD29F22BA}
[2011/10/30 13:44:25 | 000,000,000 | ---- | C] () -- D:\Users\Dering\AppData\Local\{5F19DD9B-AE0F-4461-BBFC-7A74760927EE}
[2011/10/30 04:46:52 | 000,000,000 | ---- | C] () -- D:\Users\Dering\AppData\Local\{6170A097-C28E-40DF-A800-814BFF246185}
[2011/10/23 14:32:31 | 000,000,000 | ---- | C] () -- D:\Users\Dering\AppData\Local\{E7B73B1D-5BA1-48FB-B6E8-406B83F5C39C}
[2011/10/23 14:19:27 | 000,000,000 | ---- | C] () -- D:\Users\Dering\AppData\Local\{2AE83C55-69DA-4133-A32F-79FF7D9720ED}
[2011/10/23 06:50:56 | 000,000,000 | ---- | C] () -- D:\Users\Dering\AppData\Local\{6A33DB10-EDF3-4ED3-81E3-4A1C625D4ADE}
[2011/10/23 03:21:07 | 000,000,000 | ---- | C] () -- D:\Users\Dering\AppData\Local\{2CC1D5EF-14FB-4DEB-B1B6-0D74351EE10A}
[2011/10/20 13:23:51 | 000,000,000 | ---- | C] () -- D:\Users\Dering\AppData\Local\{E0135E79-D6D9-4288-8AE1-75474B26854E}
[2011/10/16 23:53:27 | 000,000,000 | ---- | C] () -- D:\Users\Dering\AppData\Local\{05911F29-EA20-47D4-B63F-1BB93897EF72}
[2011/10/04 11:58:12 | 000,000,000 | ---- | C] () -- D:\Users\Dering\AppData\Local\{B033988B-6BAA-4252-AB7C-12198EFB7306}
[2011/09/22 13:59:03 | 000,006,144 | ---- | C] () -- D:\Users\Dering\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/09/19 14:18:47 | 000,000,000 | ---- | C] () -- D:\Users\Dering\AppData\Local\{83ADFF90-3BD2-4B1A-879A-A981C423676A}
[2011/09/19 04:05:18 | 000,000,000 | ---- | C] () -- D:\Users\Dering\AppData\Local\{50BC20CF-DEEF-4352-849F-2563DAC3480E}
[2011/09/17 03:25:55 | 000,000,000 | ---- | C] () -- D:\Users\Dering\AppData\Local\{05D17433-36F9-4826-9007-57161425891F}
[2011/09/13 11:36:28 | 000,000,000 | ---- | C] () -- D:\Users\Dering\AppData\Local\{CC2A56B2-D340-498C-B3B4-58EDD8F12C86}
[2011/09/13 04:32:13 | 000,000,000 | ---- | C] () -- D:\Users\Dering\AppData\Local\{20E3CC42-28A0-41F1-8D1F-D176DA32204B}
[2011/09/12 03:45:22 | 000,000,000 | ---- | C] () -- D:\Users\Dering\AppData\Local\{402AC76F-C600-4A86-BDAE-6265231CF5F1}
[2011/09/07 12:27:54 | 000,000,000 | ---- | C] () -- D:\Users\Dering\AppData\Local\{5D5DFB8A-D971-4A7C-AC1B-8FABFFD48AEF}
[2011/08/30 02:54:54 | 000,000,000 | ---- | C] () -- D:\Users\Dering\AppData\Local\{2053A0A0-A632-4823-9FE7-D70E28BBE453}
[2011/08/29 06:22:36 | 001,552,498 | ---- | C] () -- D:\Windows\SysWow64\PerfStringBackup.INI
[2011/08/14 06:04:47 | 000,053,248 | ---- | C] () -- D:\Windows\SysWow64\CommonDL.dll
[2011/08/14 06:04:47 | 000,002,413 | ---- | C] () -- D:\Windows\SysWow64\lgAxconfig.ini
[2011/07/23 05:27:18 | 000,000,000 | ---- | C] () -- D:\Users\Dering\AppData\Local\{64B0CD9C-83AE-44AB-9DE1-17A8B0A39EC2}
[2011/07/04 09:48:50 | 000,000,000 | ---- | C] () -- D:\Users\Dering\AppData\Local\{AD843891-0F2F-4FFB-8C8B-4AEB08C37EB2}
[2011/06/14 01:33:15 | 000,252,928 | ---- | C] () -- D:\Windows\SysWow64\DShowRdpFilter.dll
[2011/02/26 14:58:36 | 000,000,741 | ---- | C] () -- D:\Windows\wiso.ini
[2010/11/16 14:03:25 | 000,482,408 | ---- | C] () -- D:\Windows\ssndii.exe
[2010/07/01 14:20:42 | 000,000,000 | ---- | C] () -- D:\Windows\nsreg.dat
[2010/04/12 19:49:22 | 000,001,744 | ---- | C] () -- D:\Windows\WPatchProgress.ini
[2010/04/12 10:28:41 | 000,000,033 | ---- | C] () -- D:\Windows\LaunApp.ini
[2010/04/12 10:15:12 | 000,200,704 | ---- | C] () -- D:\Windows\PLFSetI.exe
[2010/04/12 10:15:12 | 000,000,188 | ---- | C] () -- D:\Windows\PidList.ini
[2010/04/12 10:15:11 | 000,106,496 | ---- | C] () -- D:\Windows\FixUVC.exe
[2009/10/28 13:54:34 | 000,000,193 | ---- | C] () -- D:\Windows\Prelaunch.ini
[2009/10/28 13:54:34 | 000,000,168 | ---- | C] () -- D:\Windows\WisLangCode.ini
[2009/10/28 13:54:34 | 000,000,147 | ---- | C] () -- D:\Windows\WisPriority.ini
[2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- D:\Windows\bootstat.dat
[2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- D:\Windows\SysWow64\NOISE.DAT
[2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- D:\Windows\SysWow64\dssec.dat
[2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- D:\Windows\mib.bin
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- D:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 18:25:04 | 000,197,632 | ---- | C] () -- D:\Windows\SysWow64\ir32_32.dll
[2009/07/13 17:59:36 | 000,982,196 | ---- | C] () -- D:\Windows\SysWow64\igkrng500.bin
[2009/07/13 17:59:36 | 000,139,824 | ---- | C] () -- D:\Windows\SysWow64\igfcg500.bin
[2009/07/13 17:59:36 | 000,097,448 | ---- | C] () -- D:\Windows\SysWow64\igfcg500m.bin
[2009/07/13 17:59:35 | 000,417,344 | ---- | C] () -- D:\Windows\SysWow64\igcompkrng500.bin
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- D:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- D:\Windows\SysWow64\mlang.dat
[2008/10/07 03:13:30 | 000,197,912 | ---- | C] () -- D:\Windows\SysWow64\physxcudart_20.dll
[2008/10/07 03:13:22 | 000,058,648 | ---- | C] () -- D:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\SysWow64\AgCPanelSwedish.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\SysWow64\AgCPanelSpanish.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\SysWow64\AgCPanelPortugese.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\SysWow64\AgCPanelKorean.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\SysWow64\AgCPanelJapanese.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\SysWow64\AgCPanelGerman.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\SysWow64\AgCPanelFrench.dll
 
========== LOP Check ==========
 
[2009/10/28 13:36:55 | 000,000,000 | ---D | M] -- D:\ProgramData\Acer
[2010/06/03 10:41:59 | 000,000,000 | ---D | M] -- D:\ProgramData\Alawar Entertainment
[2010/05/15 07:23:09 | 000,000,000 | ---D | M] -- D:\ProgramData\Alwil Software
[2010/05/15 05:12:30 | 000,000,000 | -HSD | M] -- D:\ProgramData\Anwendungsdaten
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Application Data
[2010/05/15 10:33:08 | 000,000,000 | ---D | M] -- D:\ProgramData\Arcade Lab
[2013/01/09 05:07:09 | 000,000,000 | ---D | M] -- D:\ProgramData\AVAST Software
[2013/05/02 03:51:37 | 000,000,000 | ---D | M] -- D:\ProgramData\Babylon
[2009/10/29 02:10:22 | 000,000,000 | ---D | M] -- D:\ProgramData\BackupManager
[2010/06/03 04:21:26 | 000,000,000 | ---D | M] -- D:\ProgramData\BanzaiInteractive
[2010/06/02 14:20:38 | 000,000,000 | ---D | M] -- D:\ProgramData\BC Soft Games
[2010/06/04 12:40:45 | 000,000,000 | ---D | M] -- D:\ProgramData\Becky Brogan
[2013/06/04 08:25:31 | 000,000,000 | ---D | M] -- D:\ProgramData\BrowserProtect
[2012/03/08 05:36:56 | 000,000,000 | ---D | M] -- D:\ProgramData\Buhl Data Service GmbH
[2011/04/30 10:08:00 | 000,000,000 | ---D | M] -- D:\ProgramData\Canneverbe Limited
[2012/05/08 14:21:47 | 000,000,000 | -H-D | M] -- D:\ProgramData\Common Files
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Desktop
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Documents
[2010/05/15 05:12:30 | 000,000,000 | -HSD | M] -- D:\ProgramData\Dokumente
[2010/04/12 10:14:31 | 000,000,000 | ---D | M] -- D:\ProgramData\EgisTec
[2009/10/29 03:46:17 | 000,000,000 | ---D | M] -- D:\ProgramData\eSobi
[2012/12/13 15:02:33 | 000,000,000 | ---D | M] -- D:\ProgramData\f-secure
[2010/07/11 13:35:24 | 000,000,000 | ---D | M] -- D:\ProgramData\FarmFrenzy2
[2010/05/15 05:12:30 | 000,000,000 | -HSD | M] -- D:\ProgramData\Favoriten
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Favorites
[2010/06/28 04:04:37 | 000,000,000 | ---D | M] -- D:\ProgramData\Flood Light Games
[2010/06/01 05:54:59 | 000,000,000 | ---D | M] -- D:\ProgramData\Friends Games
[2012/12/08 06:31:28 | 000,000,000 | ---D | M] -- D:\ProgramData\fssg
[2010/06/03 14:55:05 | 000,000,000 | ---D | M] -- D:\ProgramData\fullscreen=true
[2013/07/06 08:45:15 | 000,000,000 | ---D | M] -- D:\ProgramData\HitmanPro
[2010/06/28 05:29:09 | 000,000,000 | ---D | M] -- D:\ProgramData\Intenium
[2010/06/05 16:04:30 | 000,000,000 | ---D | M] -- D:\ProgramData\JollyBear
[2011/08/14 06:10:39 | 000,000,000 | ---D | M] -- D:\ProgramData\LGMOBILEAX
[2010/05/15 05:14:44 | 000,000,000 | ---D | M] -- D:\ProgramData\McQcModifier-5c47-a7b0
[2012/04/05 13:07:52 | 000,000,000 | ---D | M] -- D:\ProgramData\Nokia
[2011/09/22 13:22:46 | 000,000,000 | ---D | M] -- D:\ProgramData\NokiaInstallerCache
[2010/05/15 05:12:50 | 000,000,000 | ---D | M] -- D:\ProgramData\OEM
[2010/07/02 01:17:34 | 000,000,000 | ---D | M] -- D:\ProgramData\Partner
[2011/11/13 11:06:09 | 000,000,000 | ---D | M] -- D:\ProgramData\PC Suite
[2010/06/01 07:07:26 | 000,000,000 | ---D | M] -- D:\ProgramData\PlayFirst
[2010/06/27 07:05:33 | 000,000,000 | ---D | M] -- D:\ProgramData\Playrix Entertainment
[2010/05/26 19:27:06 | 000,000,000 | ---D | M] -- D:\ProgramData\Sandlot Games
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Start Menu
[2010/05/15 05:12:30 | 000,000,000 | -HSD | M] -- D:\ProgramData\Startmenü
[2010/06/04 12:46:09 | 000,000,000 | ---D | M] -- D:\ProgramData\SugarGames
[2011/05/08 08:26:16 | 000,000,000 | ---D | M] -- D:\ProgramData\Temp
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Templates
[2012/05/08 14:22:24 | 000,000,000 | ---D | M] -- D:\ProgramData\TuneUp Software
[2010/05/15 05:12:30 | 000,000,000 | -HSD | M] -- D:\ProgramData\Vorlagen
[2012/05/08 14:21:47 | 000,000,000 | -HSD | M] -- D:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2012/06/13 10:55:07 | 000,000,000 | ---D | M] -- D:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2013/05/31 05:33:36 | 000,032,632 | ---- | M] () -- D:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 171 bytes -> D:\ProgramData\Temp:E2458802
@Alternate Data Stream - 153 bytes -> D:\ProgramData\Temp:4D066AD2
@Alternate Data Stream - 148 bytes -> D:\ProgramData\Temp:C22674B6
@Alternate Data Stream - 146 bytes -> D:\ProgramData\Temp:AB689DEA
@Alternate Data Stream - 144 bytes -> D:\ProgramData\Temp:78E0DF72
@Alternate Data Stream - 137 bytes -> D:\ProgramData\Temp:2556A8A0
@Alternate Data Stream - 133 bytes -> D:\ProgramData\Temp:93DE1838
@Alternate Data Stream - 129 bytes -> D:\ProgramData\Temp:4673E9EA
@Alternate Data Stream - 125 bytes -> D:\ProgramData\Temp:E3C56885
@Alternate Data Stream - 124 bytes -> D:\ProgramData\Temp:E1F04E8D
@Alternate Data Stream - 122 bytes -> D:\ProgramData\Temp:ABE89FFE
@Alternate Data Stream - 122 bytes -> D:\ProgramData\Temp:444C53BA
@Alternate Data Stream - 121 bytes -> D:\ProgramData\Temp:0B9176C0
@Alternate Data Stream - 118 bytes -> D:\ProgramData\Temp:4CF61E54
< End of report >
         
--- --- ---

OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 7/6/2013 5:28:03 PM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
64bit-Windows 7 Home Premium Service Pack 1 (Version = 6.1.7601) - Type = System
Internet Explorer (Version = 9.10.9200.16618)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 87.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 96.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files (x86)
Drive C: | 100.00 Mb Total Space | 74.34 Mb Free Space | 74.35% Space Free | Partition Type: NTFS
Drive D: | 286.27 Gb Total Space | 162.61 Gb Free Space | 56.80% Space Free | Partition Type: NTFS
Drive E: | 3.76 Gb Total Space | 0.01 Gb Free Space | 0.33% Space Free | Partition Type: FAT32
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- D:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- D:\Windows\System32\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- D:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- D:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Users\Dering\AppData\Roaming\File Scout\filescout.exe" /open "%1" ()
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Users\Dering\AppData\Roaming\File Scout\filescout.exe" /open "%1" ()
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
"{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}" = Apple Mobile Device Support
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}" = iTunes
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96F70DF8-160F-4F9C-9B9E-2A9B439B4EB9}" = Broadcom Gigabit NetLink Controller
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{AF43C18E-693D-4126-B190-8F55E3623D5D}" = HP Officejet 6500 E710n-z - Grundlegende Software für das Gerät
"{F28BD099-9FC0-4A03-A605-E069B8D17D47}" = HP Officejet 6500 E710a-f - Grundlegende Software für das Gerät
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"LSI Soft Modem" = LSI HDA Modem
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NVIDIA Drivers" = NVIDIA Drivers
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
"{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}" = Apple Mobile Device Support
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}" = iTunes
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96F70DF8-160F-4F9C-9B9E-2A9B439B4EB9}" = Broadcom Gigabit NetLink Controller
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{AF43C18E-693D-4126-B190-8F55E3623D5D}" = HP Officejet 6500 E710n-z - Grundlegende Software für das Gerät
"{F28BD099-9FC0-4A03-A605-E069B8D17D47}" = HP Officejet 6500 E710a-f - Grundlegende Software für das Gerät
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"LSI Soft Modem" = LSI HDA Modem
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NVIDIA Drivers" = NVIDIA Drivers
 
< End of report >
         
--- --- ---


Alt 06.07.2013, 15:39   #18
markusg
/// Malware-holic
 



On your second PC, go to Start, Programs, Accessories, Notepad, and copy the following into it:
Code:
ATTFilter
:OTL
O4 - HKU\TGF_ON_D..\Run: [RESTART_STICKY_NOTES]  File not found
O4 - HKU\TGF_ON_D..\Run: [SearchProtect] D:\Users\TGF\AppData\Roaming\SearchProtect\bin\cltmng.exe (Conduit)
O4 - HKU\TGF_ON_D..\Run: [SearchProtect] D:\Users\TGF\AppData\Roaming\SearchProtect\bin\cltmng.exe (Conduit)
O4 - HKU\TGF_ON_D..\Run: [RESTART_STICKY_NOTES]  File not found
O4 - HKU\Gast_ON_D..\Run: [RESTART_STICKY_NOTES]  File not found
O4 - HKU\Dering_ON_D..\Run: [SearchProtect] D:\Users\Dering\AppData\Roaming\SearchProtect\bin\cltmng.exe (Conduit)
O4 - HKU\.DEFAULT..\Run: [SearchProtect]  File not found
O4 - HKLM..\Run: [SearchProtectAll] D:\Program Files (x86)\SearchProtect\bin\cltmng.exe (Conduit)
O20 - AppInit_DLLs: (c:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dll) - D:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll
()
:Files
:Commands
[EMPTYFLASH] 
[emptytemp]
         


Save this on a USB stick as fix.txt.
Now use OTLPENet.exe again (that is, boot from the CD you created) and tick everything as already described in the post about OTLPENet.exe.
• Now please click the Fix button.
A message similar to this one should appear: "load fix from file"; so load the fix.txt from your stick.
If this does not work, please enter the fix manually.
Then click the Fix button again. The PC may restart. If it does, take the CD out of the drive; Windows should now start normally and open the otl.txt.
Please post the log.

Alt 06.07.2013, 15:54   #19
Lisa88
 



========== OTL ==========
Registry key HKEY_USERS\TGF_ON_D\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run not found.
Registry key HKEY_USERS\TGF_ON_D\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run not found.
D:\Users\TGF\AppData\Roaming\SearchProtect\bin\cltmng.exe moved successfully.
Registry key HKEY_USERS\TGF_ON_D\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run not found.
File D:\Users\TGF\AppData\Roaming\SearchProtect\bin\cltmng.exe not found.
Registry key HKEY_USERS\TGF_ON_D\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run not found.
Registry key HKEY_USERS\Gast_ON_D\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run not found.
Registry key HKEY_USERS\Dering_ON_D\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run not found.
D:\Users\Dering\AppData\Roaming\SearchProtect\bin\cltmng.exe moved successfully.
Registry key HKEY_USERS\.DEFAULT\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run not found.
Registry value HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\\SearchProtectAll deleted successfully.
D:\Program Files (x86)\SearchProtect\bin\cltmng.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:c:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dll deleted successfully.
D:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll moved successfully.
========== FILES ==========
========== COMMANDS ==========

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Dering

User: Gast

User: Public

User: TGF

Total Flash Files Cleaned = 0.00 mb


[EMPTYTEMP]

User: All Users

User: Default

User: Default User

User: Dering

User: Gast

User: Public

User: TGF

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 109694351 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 42310318 bytes

Total Files Cleaned = 145.00 mb


OTLPE by OldTimer - Version 3.1.48.0 log created on 07062013_174945


Since the computer did not shut down by itself, I shut it down and started it without the CD. Unfortunately, after the Windows logo, the black window with the pointer still appears. :-(
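The fix result in post #19 can be tallied per action to see which requested removals the tool actually confirmed. The following Python is an added example, not part of the thread and not OTL's own code; the function names are hypothetical and the line format is inferred only from the log lines shown above.

```python
import re
from collections import Counter

# Action lines copied verbatim from the fix log in post #19 above.
FIX_LOG = r"""
Registry key HKEY_USERS\TGF_ON_D\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run not found.
Registry key HKEY_USERS\TGF_ON_D\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run not found.
D:\Users\TGF\AppData\Roaming\SearchProtect\bin\cltmng.exe moved successfully.
Registry key HKEY_USERS\TGF_ON_D\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run not found.
File D:\Users\TGF\AppData\Roaming\SearchProtect\bin\cltmng.exe not found.
Registry key HKEY_USERS\TGF_ON_D\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run not found.
Registry key HKEY_USERS\Gast_ON_D\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run not found.
Registry key HKEY_USERS\Dering_ON_D\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run not found.
D:\Users\Dering\AppData\Roaming\SearchProtect\bin\cltmng.exe moved successfully.
Registry key HKEY_USERS\.DEFAULT\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run not found.
Registry value HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\\SearchProtectAll deleted successfully.
D:\Program Files (x86)\SearchProtect\bin\cltmng.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:c:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dll deleted successfully.
D:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll moved successfully.
"""

# "<kind> <target> <outcome>."; a line without a kind prefix is a file action.
LINE_RE = re.compile(
    r"^(?:(?P<kind>Registry key|Registry value|File) )?"
    r"(?P<target>.+?) "
    r"(?P<outcome>not found|moved successfully|deleted successfully)\.$"
)
HIVE_RE = re.compile(r"^HKEY_USERS\\([^\\]+)\\")


def parse_fix_log(text):
    """Return one (kind, target, outcome) tuple per action line, in log order."""
    entries = []
    for raw in text.splitlines():
        m = LINE_RE.match(raw.strip())
        if m:
            entries.append((m.group("kind") or "File",
                            m.group("target"), m.group("outcome")))
    return entries


def summarize(entries):
    """Count actions by (kind, outcome)."""
    return Counter((kind, outcome) for kind, _, outcome in entries)


def hives_with_missing_run_key(entries):
    """User hives whose Run key was reported 'not found', deduplicated in order."""
    hives = []
    for kind, target, outcome in entries:
        m = HIVE_RE.match(target)
        if (kind == "Registry key" and outcome == "not found"
                and m and m.group(1) not in hives):
            hives.append(m.group(1))
    return hives


def duplicate_file_misses(entries):
    """'File ... not found' lines explained by an earlier move of the same path."""
    moved, dupes = set(), []
    for kind, target, outcome in entries:
        if kind != "File":
            continue
        key = target.lower()  # Windows paths are case-insensitive
        if outcome == "moved successfully":
            moved.add(key)
        elif outcome == "not found" and key in moved:
            dupes.append(target)
    return dupes


if __name__ == "__main__":
    parsed = parse_fix_log(FIX_LOG)
    for (kind, outcome), n in sorted(summarize(parsed).items()):
        print(f"{n:2d}  {kind:14s} {outcome}")
    print("Run key not found in hives:", hives_with_missing_run_key(parsed))
    print("Misses caused by duplicate fix lines:", duplicate_file_misses(parsed))
```

The hives it lists are the ones whose Run entries the tool did not confirm as removed, so they are the entries to look for again in the next scan log.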

Alt 06.07.2013, 15:56   #20
markusg
/// Malware-holic
 



Can you restart and launch Startup Repair via F8?


Alt 06.07.2013, 15:58   #21
Lisa88
 



"Die Starthilfe hat kein Problem erkannt"

But System Restore would work again now. Would that be an option?

Alt 06.07.2013, 16:05   #22
markusg
/// Malware-holic
 



You mean via F8? Give it a try.

Alt 06.07.2013, 16:14   #23
Lisa88
 



Oh man...

It didn't work:

"Unbekannter Fehler bei der Systemwiederherstellung. (0x80070002)"

Do you have another idea?

Wait... I have a login screen...

Strange, now I'm being told that System Restore completed successfully...

Alt 06.07.2013, 16:18   #24
markusg
/// Malware-holic
 



Hmm, try repairing Windows as described on page 1 or 2 here.
Windows 7 reparieren - com!-Magazin

Alt 06.07.2013, 16:18   #25
Lisa88
 



But never mind, I have a desktop again! Great!
Where can I get a good antivirus program now?

Alt 06.07.2013, 16:19   #26
markusg
/// Malware-holic
 



Ah, you have a desktop, very good.
Securing the system comes later.
Please download TDSSKiller (TDSSKiller.exe) and save this file to the desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan.
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\).
    For example: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Please post the contents here in your thread in any case.

Alt 06.07.2013, 16:28   #27
Lisa88
 



18:25:01.0753 5480 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
18:25:01.0945 5480 ============================================================
18:25:01.0945 5480 Current date / time: 2013/07/06 18:25:01.0945
18:25:01.0945 5480 SystemInfo:
18:25:01.0945 5480
18:25:01.0945 5480 OS Version: 6.1.7601 ServicePack: 1.0
18:25:01.0945 5480 Product type: Workstation
18:25:01.0945 5480 ComputerName: DERING-PC
18:25:01.0945 5480 UserName: Dering
18:25:01.0945 5480 Windows directory: C:\Windows
18:25:01.0945 5480 System windows directory: C:\Windows
18:25:01.0945 5480 Running under WOW64
18:25:01.0945 5480 Processor architecture: Intel x64
18:25:01.0945 5480 Number of processors: 2
18:25:01.0945 5480 Page size: 0x1000
18:25:01.0945 5480 Boot type: Normal boot
18:25:01.0945 5480 ============================================================
18:25:04.0405 5480 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:25:04.0445 5480 ============================================================
18:25:04.0445 5480 \Device\Harddisk0\DR0:
18:25:04.0545 5480 MBR partitions:
18:25:04.0545 5480 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1770800, BlocksNum 0x32000
18:25:04.0545 5480 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x17A2800, BlocksNum 0x23C8BAB0
18:25:04.0545 5480 ============================================================
18:25:04.0605 5480 C: <-> \Device\Harddisk0\DR0\Partition2
18:25:04.0605 5480 ============================================================
18:25:04.0605 5480 Initialize success
18:25:04.0605 5480 ============================================================
18:25:06.0677 5312 ============================================================
18:25:06.0677 5312 Scan started
18:25:06.0677 5312 Mode: Manual;
18:25:06.0677 5312 ============================================================
18:25:12.0056 5312 ================ Scan system memory ========================
18:25:12.0056 5312 System memory - ok
18:25:12.0056 5312 ================ Scan services =============================
18:25:13.0030 5312 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
18:25:13.0030 5312 1394ohci - ok
18:25:13.0230 5312 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
18:25:13.0266 5312 ACPI - ok
18:25:13.0837 5312 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
18:25:13.0840 5312 AcpiPmi - ok
18:25:14.0374 5312 [ 249A44DCFA2500EB1C020E33A3E9F25B ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:25:14.0374 5312 AdobeFlashPlayerUpdateSvc - ok
18:25:14.0514 5312 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
18:25:14.0524 5312 adp94xx - ok
18:25:14.0716 5312 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
18:25:14.0716 5312 adpahci - ok
18:25:14.0926 5312 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
18:25:14.0926 5312 adpu320 - ok
18:25:14.0988 5312 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
18:25:14.0990 5312 AeLookupSvc - ok
18:25:15.0195 5312 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
18:25:15.0248 5312 AFD - ok
18:25:15.0641 5312 [ B65F8DBA54F251906BBE8611B5A0E7AB ] AgereModemAudio C:\Program Files\LSI SoftModem\agr64svc.exe
18:25:15.0641 5312 AgereModemAudio - ok
18:25:16.0841 5312 [ AF4748EF93416159459769A24A0053AF ] AgereSoftModem C:\Windows\system32\DRIVERS\agrsm64.sys
18:25:16.0911 5312 AgereSoftModem - ok
18:25:17.0027 5312 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
18:25:17.0029 5312 agp440 - ok
18:25:17.0190 5312 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
18:25:17.0193 5312 ALG - ok
18:25:17.0260 5312 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
18:25:17.0261 5312 aliide - ok
18:25:17.0583 5312 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
18:25:17.0583 5312 amdide - ok
18:25:17.0733 5312 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
18:25:17.0733 5312 AmdK8 - ok
18:25:17.0753 5312 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
18:25:17.0753 5312 AmdPPM - ok
18:25:17.0993 5312 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
18:25:18.0003 5312 amdsata - ok
18:25:18.0163 5312 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
18:25:18.0253 5312 amdsbs - ok
18:25:18.0303 5312 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
18:25:18.0303 5312 amdxata - ok
18:25:18.0371 5312 [ 48CD7E6520D47D62EAB0E6CE3EC30C65 ] Andbus C:\Windows\system32\DRIVERS\lgandbus64.sys
18:25:18.0372 5312 Andbus - ok
18:25:18.0390 5312 Scan interrupted by user!
18:25:18.0390 5312 ================ Scan global ===============================
18:25:18.0390 5312 Scan interrupted by user!
18:25:18.0390 5312 ================ Scan MBR ==================================
18:25:18.0390 5312 Scan interrupted by user!
18:25:18.0390 5312 ================ Scan VBR ==================================
18:25:18.0390 5312 Scan interrupted by user!
18:25:18.0390 5312 ============================================================
18:25:18.0390 5312 Scan finished
18:25:18.0390 5312 ============================================================
18:25:18.0403 5308 Detected object count: 0
18:25:18.0403 5308 Actual detected object count: 0
18:25:25.0809 3364 ============================================================
18:25:25.0809 3364 Scan started
18:25:25.0809 3364 Mode: Manual; SigCheck; TDLFS;
18:25:25.0809 3364 ============================================================
18:25:27.0189 3364 ================ Scan system memory ========================
18:25:27.0189 3364 System memory - ok
18:25:27.0199 3364 ================ Scan services =============================
18:25:27.0546 3364 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
18:25:27.0753 3364 1394ohci - ok
18:25:27.0802 3364 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
18:25:27.0836 3364 ACPI - ok
18:25:27.0941 3364 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
18:25:28.0011 3364 AcpiPmi - ok
18:25:28.0461 3364 [ 249A44DCFA2500EB1C020E33A3E9F25B ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:25:28.0581 3364 AdobeFlashPlayerUpdateSvc ( UnsignedFile.Multi.Generic ) - warning
18:25:28.0581 3364 AdobeFlashPlayerUpdateSvc - detected UnsignedFile.Multi.Generic (1)
18:25:28.0631 3364 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
18:25:28.0671 3364 adp94xx - ok
18:25:28.0741 3364 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
18:25:28.0777 3364 adpahci - ok
18:25:28.0829 3364 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
18:25:28.0854 3364 adpu320 - ok
18:25:28.0887 3364 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
18:25:29.0070 3364 AeLookupSvc - ok
18:25:29.0126 3364 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
18:25:29.0229 3364 AFD - ok
18:25:29.0396 3364 [ B65F8DBA54F251906BBE8611B5A0E7AB ] AgereModemAudio C:\Program Files\LSI SoftModem\agr64svc.exe
18:25:29.0476 3364 AgereModemAudio - ok
18:25:29.0536 3364 [ AF4748EF93416159459769A24A0053AF ] AgereSoftModem C:\Windows\system32\DRIVERS\agrsm64.sys
18:25:29.0606 3364 AgereSoftModem - ok
18:25:29.0706 3364 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
18:25:29.0746 3364 agp440 - ok
18:25:29.0818 3364 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
18:25:29.0948 3364 ALG - ok
18:25:29.0988 3364 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
18:25:30.0028 3364 aliide - ok
18:25:30.0180 3364 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
18:25:30.0210 3364 amdide - ok
18:25:30.0382 3364 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
18:25:30.0546 3364 AmdK8 - ok
18:25:30.0575 3364 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
18:25:30.0642 3364 AmdPPM - ok
18:25:30.0712 3364 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
18:25:30.0742 3364 amdsata - ok
18:25:30.0974 3364 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
18:25:31.0004 3364 amdsbs - ok
18:25:31.0054 3364 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
18:25:31.0074 3364 amdxata - ok
18:25:31.0134 3364 [ 48CD7E6520D47D62EAB0E6CE3EC30C65 ] Andbus C:\Windows\system32\DRIVERS\lgandbus64.sys
18:25:31.0194 3364 Andbus - ok
18:25:31.0240 3364 [ 08CBACC00D15DCDBBAAE1A7C8F231C61 ] AndDiag C:\Windows\system32\DRIVERS\lganddiag64.sys
18:25:31.0276 3364 AndDiag - ok
18:25:31.0346 3364 [ CEA9A4CD6B3A83428CE8501240833668 ] AndGps C:\Windows\system32\DRIVERS\lgandgps64.sys
18:25:31.0386 3364 AndGps - ok
18:25:31.0438 3364 [ E2B5663E547FA5E756B253EFA8EC8286 ] ANDModem C:\Windows\system32\DRIVERS\lgandmodem64.sys
18:25:31.0488 3364 ANDModem - ok
18:25:31.0528 3364 [ 9815014F3E30357168DA272088C6F12F ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys
18:25:31.0595 3364 ApfiltrService - ok
18:25:31.0666 3364 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
18:25:31.0832 3364 AppID - ok
18:25:31.0954 3364 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
18:25:32.0060 3364 AppIDSvc - ok
18:25:32.0140 3364 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll
18:25:32.0200 3364 Appinfo - ok
18:25:32.0420 3364 [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:25:32.0442 3364 Apple Mobile Device - ok
18:25:32.0494 3364 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
18:25:32.0534 3364 arc - ok
18:25:32.0574 3364 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
18:25:32.0604 3364 arcsas - ok
18:25:32.0696 3364 [ 0BAEFD3F648C6E7AB52990DD9565E4E2 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
18:25:32.0726 3364 aswFsBlk - ok
18:25:32.0828 3364 [ FA562F34ED6633C66170B09182B4C049 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
18:25:32.0878 3364 aswMonFlt - ok
18:25:32.0909 3364 [ 64E2BAB4096C13D2342BC4661C967E07 ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
18:25:32.0932 3364 aswRdr - ok
18:25:33.0040 3364 [ 5573AA70993A2BB81525B1C704B88763 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
18:25:33.0106 3364 aswRvrt - ok
18:25:33.0184 3364 [ 8C0800CDB501CFC1164B286A0478DC10 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
18:25:33.0292 3364 aswSnx - ok
18:25:33.0355 3364 [ 3815DB16CDA62190F5C0A65118F3D714 ] aswSP C:\Windows\system32\drivers\aswSP.sys
18:25:33.0400 3364 aswSP - ok
18:25:33.0460 3364 [ 29DD8E458A84171202AA4979364C30C0 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
18:25:33.0492 3364 aswTdi - ok
18:25:33.0741 3364 [ 22F521108881DC59837F6FC614E0568F ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
18:25:33.0822 3364 aswVmm - ok
18:25:33.0877 3364 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
18:25:33.0962 3364 AsyncMac - ok
18:25:34.0064 3364 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
18:25:34.0085 3364 atapi - ok
18:25:34.0187 3364 [ 88A02B6046356E6BE4E387FAA7451439 ] athr C:\Windows\system32\DRIVERS\athrx.sys
18:25:34.0299 3364 athr - ok
18:25:34.0377 3364 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:25:34.0537 3364 AudioEndpointBuilder - ok
18:25:34.0628 3364 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
18:25:34.0738 3364 AudioSrv - ok
18:25:34.0881 3364 [ 28D6701C710AD7BA3CB95E75F8F1A9AA ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
18:25:34.0891 3364 avast! Antivirus - ok
18:25:34.0981 3364 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
18:25:35.0041 3364 AxInstSV - ok
18:25:35.0103 3364 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
18:25:35.0173 3364 b06bdrv - ok
18:25:35.0245 3364 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
18:25:35.0315 3364 b57nd60a - ok
18:25:35.0451 3364 [ 9E84A931DBEE0292E38ED672F6293A99 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
18:25:35.0537 3364 BCM43XX - ok
18:25:35.0567 3364 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
18:25:35.0619 3364 BDESVC - ok
18:25:35.0649 3364 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
18:25:35.0766 3364 Beep - ok
18:25:35.0895 3364 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
18:25:36.0235 3364 BFE - ok
18:25:36.0297 3364 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
18:25:36.0433 3364 BITS - ok
18:25:36.0535 3364 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
18:25:36.0587 3364 blbdrive - ok
18:25:36.0699 3364 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
18:25:36.0729 3364 Bonjour Service - ok
18:25:36.0781 3364 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
18:25:36.0821 3364 bowser - ok
18:25:36.0851 3364 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
18:25:36.0921 3364 BrFiltLo - ok
18:25:36.0941 3364 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
18:25:37.0001 3364 BrFiltUp - ok
18:25:37.0041 3364 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
18:25:37.0101 3364 Browser - ok
18:25:37.0585 3364 [ 981794879E8FD26CDD6ABCFF3F3F65EF ] BrowserProtect C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
18:25:37.0695 3364 BrowserProtect - ok
18:25:37.0796 3364 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
18:25:37.0847 3364 Brserid - ok
18:25:37.0877 3364 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
18:25:37.0937 3364 BrSerWdm - ok
18:25:37.0972 3364 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
18:25:38.0019 3364 BrUsbMdm - ok
18:25:38.0039 3364 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
18:25:38.0081 3364 BrUsbSer - ok
18:25:38.0111 3364 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
18:25:38.0161 3364 BTHMODEM - ok
18:25:38.0223 3364 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
18:25:38.0283 3364 bthserv - ok
18:25:38.0437 3364 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
18:25:38.0555 3364 cdfs - ok
18:25:38.0693 3364 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
18:25:38.0843 3364 cdrom - ok
18:25:38.0906 3364 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
18:25:38.0968 3364 CertPropSvc - ok
18:25:39.0050 3364 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
18:25:39.0087 3364 circlass - ok
18:25:39.0139 3364 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
18:25:39.0169 3364 CLFS - ok
18:25:39.0431 3364 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:25:39.0451 3364 clr_optimization_v2.0.50727_32 - ok
18:25:39.0525 3364 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:25:39.0572 3364 clr_optimization_v2.0.50727_64 - ok
18:25:39.0653 3364 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:25:39.0693 3364 clr_optimization_v4.0.30319_32 - ok
18:25:39.0745 3364 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:25:39.0765 3364 clr_optimization_v4.0.30319_64 - ok
18:25:39.0849 3364 [ 09D38AEC081F064FD67B8B9C49790020 ] CltMngSvc C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe
18:25:39.0868 3364 CltMngSvc - ok
18:25:39.0947 3364 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
18:25:40.0049 3364 CmBatt - ok
18:25:40.0189 3364 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
18:25:40.0211 3364 cmdide - ok
18:25:40.0286 3364 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
18:25:40.0358 3364 CNG - ok
18:25:40.0448 3364 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
18:25:40.0458 3364 Compbatt - ok
18:25:40.0550 3364 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
18:25:40.0604 3364 CompositeBus - ok
18:25:40.0634 3364 COMSysApp - ok
18:25:40.0663 3364 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
18:25:40.0688 3364 crcdisk - ok
18:25:40.0754 3364 [ D8129C49798CBBFB2E4351D4B7B8EF9C ] CryptSvc C:\Windows\system32\cryptsvc.dll
18:25:40.0832 3364 CryptSvc - ok
18:25:40.0962 3364 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
18:25:41.0014 3364 DcomLaunch - ok
18:25:41.0139 3364 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
18:25:41.0212 3364 defragsvc - ok
18:25:41.0271 3364 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
18:25:41.0459 3364 DfsC - ok
18:25:41.0491 3364 DgiVecp - ok
18:25:41.0537 3364 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
18:25:41.0657 3364 Dhcp - ok
18:25:41.0882 3364 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
18:25:42.0194 3364 discache - ok
18:25:42.0435 3364 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
18:25:42.0457 3364 Disk - ok
18:25:43.0001 3364 [ D5BCB77BE83CF99F508943945D46343D ] DKbFltr C:\Windows\syswow64\Drivers\DKbFltr.sys
18:25:43.0018 3364 DKbFltr - ok
18:25:43.0090 3364 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
18:25:43.0130 3364 Dnscache - ok
18:25:43.0182 3364 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
18:25:43.0262 3364 dot3svc - ok
18:25:43.0314 3364 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
18:25:43.0392 3364 DPS - ok
18:25:43.0422 3364 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
18:25:43.0446 3364 drmkaud - ok
18:25:43.0726 3364 [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
18:25:43.0767 3364 DXGKrnl - ok
18:25:43.0842 3364 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
18:25:44.0001 3364 EapHost - ok
18:25:44.0172 3364 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
18:25:44.0278 3364 ebdrv - ok
18:25:44.0328 3364 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
18:25:44.0418 3364 EFS - ok
18:25:44.0500 3364 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
18:25:44.0590 3364 ehRecvr - ok
18:25:44.0750 3364 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
18:25:44.0820 3364 ehSched - ok
18:25:44.0953 3364 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
18:25:44.0997 3364 elxstor - ok
18:25:45.0126 3364 [ FB67AA8AC61B9365ADD546139A21BED6 ] ePowerSvc C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
18:25:45.0191 3364 ePowerSvc - ok
18:25:45.0245 3364 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
18:25:45.0343 3364 ErrDev - ok
18:25:45.0553 3364 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
18:25:45.0664 3364 EventSystem - ok
18:25:45.0696 3364 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
18:25:45.0794 3364 exfat - ok
18:25:45.0822 3364 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
18:25:45.0877 3364 fastfat - ok
18:25:45.0948 3364 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
18:25:46.0018 3364 Fax - ok
18:25:46.0170 3364 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
18:25:46.0200 3364 fdc - ok
18:25:46.0383 3364 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
18:25:46.0514 3364 fdPHost - ok
18:25:46.0621 3364 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
18:25:46.0785 3364 FDResPub - ok
18:25:46.0849 3364 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
18:25:46.0869 3364 FileInfo - ok
18:25:46.0908 3364 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
18:25:47.0040 3364 Filetrace - ok
18:25:47.0082 3364 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
18:25:47.0132 3364 flpydisk - ok
18:25:47.0202 3364 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
18:25:47.0235 3364 FltMgr - ok
18:25:47.0294 3364 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
18:25:47.0376 3364 FontCache - ok
18:25:47.0488 3364 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:25:47.0529 3364 FontCache3.0.0.0 - ok
18:25:47.0565 3364 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
18:25:47.0586 3364 FsDepends - ok
18:25:47.0635 3364 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
18:25:47.0655 3364 Fs_Rec - ok
18:25:47.0732 3364 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
18:25:47.0763 3364 fvevol - ok
18:25:47.0821 3364 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
18:25:47.0846 3364 gagp30kx - ok
18:25:47.0976 3364 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
18:25:47.0995 3364 GEARAspiWDM - ok
18:25:48.0255 3364 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
18:25:48.0410 3364 gpsvc - ok
18:25:48.0544 3364 [ 816FD5A6F3C2F3D600900096632FC60E ] Greg_Service C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
18:25:48.0630 3364 Greg_Service - ok
18:25:48.0711 3364 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
18:25:48.0771 3364 hcw85cir - ok
18:25:48.0859 3364 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:25:48.0911 3364 HdAudAddService - ok
18:25:48.0990 3364 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
18:25:49.0038 3364 HDAudBus - ok
18:25:49.0050 3364 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
18:25:49.0095 3364 HidBatt - ok
18:25:49.0123 3364 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
18:25:49.0163 3364 HidBth - ok
18:25:49.0210 3364 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
18:25:49.0313 3364 HidIr - ok
18:25:49.0387 3364 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
18:25:49.0592 3364 hidserv - ok
18:25:49.0676 3364 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
18:25:49.0702 3364 HidUsb - ok
18:25:49.0745 3364 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
18:25:49.0986 3364 hkmsvc - ok
18:25:50.0067 3364 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:25:50.0162 3364 HomeGroupListener - ok
18:25:50.0215 3364 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:25:50.0265 3364 HomeGroupProvider - ok
18:25:50.0315 3364 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
18:25:50.0345 3364 HpSAMD - ok
18:25:50.0417 3364 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
18:25:50.0507 3364 HTTP - ok
18:25:50.0704 3364 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
18:25:50.0721 3364 hwpolicy - ok
18:25:50.0823 3364 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
18:25:50.0903 3364 i8042prt - ok
18:25:51.0029 3364 [ 7548066DF68A8A1A56B043359F915F37 ] IAANTMON C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
18:25:51.0097 3364 IAANTMON - ok
18:25:51.0155 3364 [ 1D004CB1DA6323B1F55CAEF7F94B61D9 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
18:25:51.0220 3364 iaStor - ok
18:25:51.0359 3364 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
18:25:51.0398 3364 iaStorV - ok
18:25:51.0610 3364 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:25:51.0690 3364 idsvc - ok
18:25:51.0945 3364 [ A87261EF1546325B559374F5689CF5BC ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
18:25:52.0229 3364 igfx - ok
18:25:52.0299 3364 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
18:25:52.0316 3364 iirsp - ok
18:25:52.0368 3364 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
18:25:52.0514 3364 IKEEXT - ok
18:25:52.0761 3364 [ 9AA6A93852E36FE76C3F7FC2904F3B01 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
18:25:52.0813 3364 IntcAzAudAddService - ok
18:25:52.0862 3364 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
18:25:52.0885 3364 intelide - ok
18:25:52.0963 3364 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
18:25:53.0010 3364 intelppm - ok
18:25:53.0048 3364 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
18:25:53.0092 3364 IPBusEnum - ok
18:25:53.0159 3364 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:25:53.0264 3364 IpFilterDriver - ok
18:25:53.0328 3364 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
18:25:53.0506 3364 iphlpsvc - ok
18:25:53.0578 3364 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
18:25:53.0598 3364 IPMIDRV - ok
18:25:53.0660 3364 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
18:25:53.0792 3364 IPNAT - ok
18:25:53.0883 3364 [ A9AB99EE7D39725EAFEC82732D2B3271 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
18:25:53.0961 3364 iPod Service - ok
18:25:54.0030 3364 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
18:25:54.0135 3364 IRENUM - ok
18:25:54.0172 3364 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
18:25:54.0192 3364 isapnp - ok
18:25:54.0256 3364 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
18:25:54.0285 3364 iScsiPrt - ok
18:25:54.0374 3364 [ 249EE2D26CB1530F3BEDE0AC8B9E3099 ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys
18:25:54.0394 3364 k57nd60a - ok
18:25:54.0497 3364 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
18:25:54.0527 3364 kbdclass - ok
18:25:54.0606 3364 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
18:25:54.0636 3364 kbdhid - ok
18:25:54.0646 3364 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
18:25:54.0679 3364 KeyIso - ok
18:25:54.0748 3364 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
18:25:54.0778 3364 KSecDD - ok
18:25:54.0816 3364 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
18:25:54.0840 3364 KSecPkg - ok
18:25:54.0879 3364 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
18:25:54.0964 3364 ksthunk - ok
18:25:55.0033 3364 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
18:25:55.0320 3364 KtmRm - ok
18:25:55.0398 3364 [ 2AC603C3188C704CFCE353659AA7AD71 ] L1E C:\Windows\system32\DRIVERS\L1E62x64.sys
18:25:55.0441 3364 L1E - ok
18:25:55.0490 3364 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
18:25:55.0580 3364 LanmanServer - ok
18:25:55.0642 3364 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:25:55.0712 3364 LanmanWorkstation - ok
18:25:55.0772 3364 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
18:25:55.0872 3364 lltdio - ok
18:25:55.0922 3364 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
18:25:56.0015 3364 lltdsvc - ok
18:25:56.0106 3364 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
18:25:56.0189 3364 lmhosts - ok
18:25:56.0242 3364 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
18:25:56.0272 3364 LSI_FC - ok
18:25:56.0293 3364 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
18:25:56.0314 3364 LSI_SAS - ok
18:25:56.0334 3364 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:25:56.0366 3364 LSI_SAS2 - ok
18:25:56.0379 3364 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:25:56.0405 3364 LSI_SCSI - ok
18:25:56.0429 3364 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
18:25:56.0515 3364 luafv - ok
18:25:56.0568 3364 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
18:25:56.0618 3364 Mcx2Svc - ok
18:25:56.0652 3364 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
18:25:56.0676 3364 megasas - ok
18:25:56.0725 3364 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
18:25:56.0760 3364 MegaSR - ok
18:25:56.0812 3364 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
18:25:56.0912 3364 MMCSS - ok
18:25:56.0942 3364 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
18:25:57.0012 3364 Modem - ok
18:25:57.0072 3364 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
18:25:57.0112 3364 monitor - ok
18:25:57.0172 3364 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys
18:25:57.0202 3364 mouclass - ok
18:25:57.0264 3364 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
18:25:57.0294 3364 mouhid - ok
18:25:57.0342 3364 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
18:25:57.0356 3364 mountmgr - ok
18:25:57.0466 3364 [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:25:57.0486 3364 MozillaMaintenance - ok
18:25:57.0556 3364 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
18:25:57.0590 3364 mpio - ok
18:25:57.0656 3364 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
18:25:57.0728 3364 mpsdrv - ok
18:25:57.0962 3364 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
18:25:58.0084 3364 MpsSvc - ok
18:25:58.0164 3364 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
18:25:58.0234 3364 MRxDAV - ok
18:25:58.0284 3364 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
18:25:58.0314 3364 mrxsmb - ok
18:25:58.0475 3364 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:25:58.0546 3364 mrxsmb10 - ok
18:25:58.0578 3364 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:25:58.0618 3364 mrxsmb20 - ok
18:25:58.0688 3364 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
18:25:58.0708 3364 msahci - ok
18:25:58.0824 3364 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
18:25:58.0849 3364 msdsm - ok
18:25:58.0877 3364 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
18:25:58.0962 3364 MSDTC - ok
18:25:59.0042 3364 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
18:25:59.0112 3364 Msfs - ok
18:25:59.0192 3364 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
18:25:59.0262 3364 mshidkmdf - ok
18:25:59.0362 3364 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
18:25:59.0392 3364 msisadrv - ok
18:25:59.0432 3364 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
18:25:59.0526 3364 MSiSCSI - ok
18:25:59.0532 3364 msiserver - ok
18:25:59.0634 3364 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
18:25:59.0714 3364 MSKSSRV - ok
18:25:59.0764 3364 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
18:25:59.0814 3364 MSPCLOCK - ok
18:25:59.0848 3364 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
18:25:59.0906 3364 MSPQM - ok
18:25:59.0966 3364 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
18:25:59.0996 3364 MsRPC - ok
18:26:00.0098 3364 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
18:26:00.0120 3364 mssmbios - ok
18:26:00.0149 3364 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
18:26:00.0268 3364 MSTEE - ok
18:26:00.0318 3364 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
18:26:00.0368 3364 MTConfig - ok
18:26:00.0408 3364 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
18:26:00.0438 3364 Mup - ok
18:26:00.0540 3364 [ 6FFECC25B39DC7652A0CEC0ADA9DB589 ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
18:26:00.0560 3364 mwlPSDFilter - ok
18:26:00.0610 3364 [ 0BEFE32CA56D6EE89D58175725596A85 ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
18:26:00.0620 3364 mwlPSDNServ - ok
18:26:00.0673 3364 [ D43BC633B8660463E446E28E14A51262 ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
18:26:00.0693 3364 mwlPSDVDisk - ok
18:26:00.0812 3364 [ 2F139207F618EC2933830227EEFFDDB4 ] MWLService C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
18:26:00.0832 3364 MWLService - ok
18:26:00.0882 3364 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
18:26:00.0992 3364 napagent - ok
18:26:01.0095 3364 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
18:26:01.0135 3364 NativeWifiP - ok
18:26:01.0247 3364 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
18:26:01.0318 3364 NDIS - ok
18:26:01.0369 3364 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
18:26:01.0461 3364 NdisCap - ok
18:26:01.0551 3364 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
18:26:01.0671 3364 NdisTapi - ok
18:26:01.0793 3364 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
18:26:01.0853 3364 Ndisuio - ok
18:26:01.0945 3364 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
18:26:02.0091 3364 NdisWan - ok
18:26:02.0137 3364 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
18:26:02.0244 3364 NDProxy - ok
18:26:02.0329 3364 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
18:26:02.0399 3364 NetBIOS - ok
18:26:02.0503 3364 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
18:26:02.0576 3364 NetBT - ok
18:26:02.0606 3364 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
18:26:02.0636 3364 Netlogon - ok
18:26:02.0736 3364 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
18:26:02.0843 3364 Netman - ok
18:26:02.0871 3364 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
18:26:02.0983 3364 netprofm - ok
18:26:03.0200 3364 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:26:03.0220 3364 NetTcpPortSharing - ok
18:26:03.0292 3364 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
18:26:03.0312 3364 nfrd960 - ok
18:26:03.0414 3364 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
18:26:03.0474 3364 NlaSvc - ok
18:26:03.0554 3364 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
18:26:03.0604 3364 Npfs - ok
18:26:03.0707 3364 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
18:26:03.0826 3364 nsi - ok
18:26:03.0886 3364 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
18:26:03.0966 3364 nsiproxy - ok
18:26:04.0058 3364 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
18:26:04.0148 3364 Ntfs - ok
18:26:04.0248 3364 [ 14E66F603FB187713AEB02AD3B0390CF ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
18:26:04.0278 3364 NTI IScheduleSvc - ok
18:26:04.0388 3364 [ FD324CCE1D4D5BB5AF65F8E55B462C7E ] NTIBackupSvc C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
18:26:04.0410 3364 NTIBackupSvc - ok
18:26:36.0029 3364 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
18:26:36.0089 3364 WudfPf ( UnsignedFile.Multi.Generic ) - warning
18:26:36.0089 3364 WudfPf - detected UnsignedFile.Multi.Generic (1)
18:26:36.0159 3364 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
18:26:36.0209 3364 WUDFRd - ok
18:26:36.0239 3364 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
18:26:36.0309 3364 wudfsvc - ok
18:26:36.0361 3364 [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\Windows\System32\wwansvc.dll
18:26:36.0451 3364 WwanSvc - ok
18:26:36.0523 3364 ================ Scan global ===============================
18:26:36.0623 3364 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
18:26:36.0673 3364 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
18:26:36.0703 3364 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
18:26:36.0753 3364 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
18:26:36.0836 3364 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
18:26:36.0845 3364 [Global] - ok
18:26:36.0849 3364 ================ Scan MBR ==================================
18:26:36.0876 3364 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
18:26:37.0697 3364 \Device\Harddisk0\DR0 - ok
18:26:37.0707 3364 ================ Scan VBR ==================================
18:26:37.0743 3364 [ FE44C5939DAE77930245D45EFDE18909 ] \Device\Harddisk0\DR0\Partition1
18:26:37.0744 3364 \Device\Harddisk0\DR0\Partition1 - ok
18:26:37.0755 3364 [ 8540CD68D56BC7D745180CE8B9746CEB ] \Device\Harddisk0\DR0\Partition2
18:26:37.0756 3364 \Device\Harddisk0\DR0\Partition2 - ok
18:26:37.0757 3364 ============================================================
18:26:37.0757 3364 Scan finished
18:26:37.0757 3364 ============================================================
18:26:37.0769 5632 Detected object count: 2
18:26:37.0769 5632 Actual detected object count: 2
18:26:58.0223 5632 AdobeFlashPlayerUpdateSvc ( UnsignedFile.Multi.Generic ) - skipped by user
18:26:58.0223 5632 AdobeFlashPlayerUpdateSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:26:58.0224 5632 WudfPf ( UnsignedFile.Multi.Generic ) - skipped by user
18:26:58.0224 5632 WudfPf ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:27:08.0718 5472 Deinitialize success

06.07.2013, 16:33   #28
markusg
/// Malware-holic

Black screen with mouse pointer after booting

Hi,
Scan with Combofix
WARNING to READERS following along:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software as well as any malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the on-screen instructions.
  • While Combofix is running, please do not work on the computer, move the mouse or click in the Combofix window!
  • When Combofix has finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (in CODE tags if possible).
Note: If you get the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.


06.07.2013, 16:58   #29
Lisa88

Black screen with mouse pointer after booting

Here is the text:

Combofix log file:
Code:
ComboFix 13-07-06.03 - Dering 06.07.2013  18:40:23.1.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.4091.2501 [GMT 2:00]
ausgeführt von:: c:\users\Dering\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Common Files\Acer GameZone online.ico
c:\programdata\fullscreen=true
c:\programdata\fullscreen=true\Amazing Adventures\highscore.mse
c:\programdata\fullscreen=true\Amazing Adventures\Lisa.mse
c:\programdata\fullscreen=true\Amazing Adventures\options.mso
c:\programdata\fullscreen=true\Amazing Adventures\players.mse
c:\programdata\NVIDIA
c:\programdata\NVIDIA\NvApps.xml
c:\programdata\NVIDIA\NvStarted
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-06-06 bis 2013-07-06  ))))))))))))))))))))))))))))))
.
.
2013-07-06 21:49 . 2013-07-06 21:49	--------	d-----w-	C:\_OTL
2013-07-06 20:41 . 2013-07-06 20:41	--------	d-----w-	C:\FRST
2013-07-06 16:37 . 2013-07-06 16:37	76232	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{7E1BC7A5-F53D-48AA-AF13-AA3A01D749D7}\offreg.dll
2013-07-06 16:27 . 2013-06-17 00:10	9552976	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{7E1BC7A5-F53D-48AA-AF13-AA3A01D749D7}\mpengine.dll
2013-07-06 16:17 . 2013-05-28 13:05	163328	----a-w-	c:\windows\SysWow64\FlashPlayerUpdateService.exe
2013-07-06 13:13 . 2013-07-06 13:13	--------	d-----w-	c:\program files\HitmanPro
2013-07-06 12:45 . 2013-07-06 12:45	--------	d-----w-	c:\programdata\HitmanPro
2013-06-26 21:29 . 2013-07-07 02:12	--------	d-----w-	c:\windows\SysWow64\wbem\en-US
2013-06-26 21:29 . 2013-07-07 02:12	--------	d-----w-	c:\windows\system32\wbem\en-US
2013-06-25 16:57 . 2013-07-06 16:17	--------	d-----w-	c:\users\Dering\AppData\Roaming\File Scout
2013-06-24 18:27 . 2013-06-24 18:27	--------	d-----w-	c:\users\TGF\AppData\Local\Apple Computer
2013-06-12 05:00 . 2013-05-08 06:39	1910632	----a-w-	c:\windows\system32\drivers\tcpip.sys
2013-06-12 04:57 . 2013-05-13 03:43	1192448	----a-w-	c:\windows\system32\certutil.exe
2013-06-12 04:57 . 2013-05-13 05:51	1464320	----a-w-	c:\windows\system32\crypt32.dll
2013-06-12 04:57 . 2013-05-13 03:08	903168	----a-w-	c:\windows\SysWow64\certutil.exe
2013-06-12 04:57 . 2013-05-13 05:51	184320	----a-w-	c:\windows\system32\cryptsvc.dll
2013-06-12 04:57 . 2013-05-13 05:51	139776	----a-w-	c:\windows\system32\cryptnet.dll
2013-06-12 04:57 . 2013-05-13 04:45	1160192	----a-w-	c:\windows\SysWow64\crypt32.dll
2013-06-12 04:57 . 2013-05-13 05:50	52224	----a-w-	c:\windows\system32\certenc.dll
2013-06-12 04:57 . 2013-05-13 04:45	140288	----a-w-	c:\windows\SysWow64\cryptsvc.dll
2013-06-12 04:57 . 2013-05-13 04:45	103936	----a-w-	c:\windows\SysWow64\cryptnet.dll
2013-06-12 04:57 . 2013-05-13 03:08	43008	----a-w-	c:\windows\SysWow64\certenc.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-06 16:24 . 2013-04-14 17:08	189936	----a-w-	c:\windows\system32\drivers\aswVmm.sys
2013-07-06 16:24 . 2013-01-09 09:08	378944	----a-w-	c:\windows\system32\drivers\aswSP.sys
2013-07-06 16:24 . 2013-01-09 09:07	1030952	----a-w-	c:\windows\system32\drivers\aswSnx.sys
2013-06-12 13:32 . 2012-11-11 08:57	692104	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-06-12 13:32 . 2012-02-06 05:33	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-12 13:19 . 2010-10-24 09:12	75825640	----a-w-	c:\windows\system32\MRT.exe
2013-05-09 08:59 . 2013-04-14 17:08	65336	----a-w-	c:\windows\system32\drivers\aswRvrt.sys
2013-05-09 08:59 . 2013-01-09 09:07	72016	----a-w-	c:\windows\system32\drivers\aswRdr2.sys
2013-05-09 08:59 . 2013-01-09 09:07	64288	----a-w-	c:\windows\system32\drivers\aswTdi.sys
2013-05-09 08:59 . 2013-01-09 09:08	33400	----a-w-	c:\windows\system32\drivers\aswFsBlk.sys
2013-05-09 08:59 . 2013-01-09 09:07	80816	----a-w-	c:\windows\system32\drivers\aswMonFlt.sys
2013-05-09 08:58 . 2013-01-09 09:07	41664	----a-w-	c:\windows\avastSS.scr
2013-05-09 08:58 . 2011-01-14 05:25	287840	----a-w-	c:\windows\system32\aswBoot.exe
2013-05-02 00:06 . 2010-05-16 05:35	278800	------w-	c:\windows\system32\MpSigStub.exe
2013-04-13 05:49 . 2013-05-15 12:31	135168	----a-w-	c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-15 12:31	308736	----a-w-	c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-15 12:31	350208	----a-w-	c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-15 12:31	111104	----a-w-	c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-15 12:31	474624	----a-w-	c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-15 12:31	2176512	----a-w-	c:\windows\apppatch\AcGenral.dll
2013-04-12 14:45 . 2013-04-24 05:27	1656680	----a-w-	c:\windows\system32\drivers\ntfs.sys
2013-04-10 06:01 . 2013-05-15 12:31	265064	----a-w-	c:\windows\system32\drivers\dxgmms1.sys
2013-04-10 06:01 . 2013-05-15 12:31	983400	----a-w-	c:\windows\system32\drivers\dxgkrnl.sys
2013-04-10 03:30 . 2013-05-15 12:31	3153920	----a-w-	c:\windows\system32\win32k.sys
2012-11-30 14:37 . 2012-02-14 14:01	1456640	----a-w-	c:\program files (x86)\Common Files\Falk Navi-Manager.msi
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{e44a1809-4d10-4ab8-b343-3326b64c7cdd}"= "c:\program files (x86)\entrusted\prxtbentr.dll" [2012-11-06 183112]
.
[HKEY_CLASSES_ROOT\clsid\{e44a1809-4d10-4ab8-b343-3326b64c7cdd}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{e44a1809-4d10-4ab8-b343-3326b64c7cdd}]
2012-11-06 12:01	183112	----a-w-	c:\program files (x86)\entrusted\prxtbentr.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{e44a1809-4d10-4ab8-b343-3326b64c7cdd}"= "c:\program files (x86)\entrusted\prxtbentr.dll" [2012-11-06 183112]
.
[HKEY_CLASSES_ROOT\clsid\{e44a1809-4d10-4ab8-b343-3326b64c7cdd}]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-09-11 05:41	120104	----a-w-	c:\program files (x86)\EgisTec\MyWinLocker 3\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SearchProtect"="c:\users\Dering\AppData\Roaming\SearchProtect\bin\cltmng.exe" [2013-05-08 2852640]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2009-11-01 1094736]
"Samsung PanelMgr"="c:\windows\Samsung\PanelMgr\ssmmgr.exe" [2009-08-28 614400]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-06-07 421776]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
"SearchProtectAll"="c:\program files (x86)\SearchProtect\bin\cltmng.exe" [2013-05-08 2852640]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dll c:\progra~3\browse~1\261339~1.144\{c16c1~1\browserprotect.dll
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"EgisTecLiveUpdate"="c:\program files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"PlayMovie"="c:\program files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
"ArcadeDeluxeAgent"="c:\program files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys;c:\windows\SYSNATIVE\Drivers\SSPORT.sys [x]
R3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\DRIVERS\lgandbus64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandbus64.sys [x]
R3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\DRIVERS\lganddiag64.sys;c:\windows\SYSNATIVE\DRIVERS\lganddiag64.sys [x]
R3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandgps64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandgps64.sys [x]
R3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\DRIVERS\lgandmodem64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandmodem64.sys [x]
R3 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe;c:\program files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [x]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys;c:\windows\SYSNATIVE\DRIVERS\Rts516xIR.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 BrowserProtect;BrowserProtect;c:\programdata\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe;c:\programdata\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [x]
S2 CltMngSvc;Search Protect by Conduit Updater;c:\program files (x86)\SearchProtect\bin\CltMngSvc.exe;c:\program files (x86)\SearchProtect\bin\CltMngSvc.exe [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x]
S2 Greg_Service;GRegService;c:\program files (x86)\Acer\Registration\GregHSRW.exe;c:\program files (x86)\Acer\Registration\GregHSRW.exe [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [x]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [x]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 02945611
*Deregistered* - 02945611
.
Inhalt des "geplante Tasks" Ordners
.
2013-07-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-11 13:05]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58	133840	----a-w-	c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-09-11 05:44	137512	----a-w-	c:\program files (x86)\EgisTec\MyWinLocker 3\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"PLFSetI"="c:\windows\PLFSetI.exe" [2010-04-12 200704]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2009-05-22 295936]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2009-09-30 823840]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://search.conduit.com/?ctid=CT3281675&octid=CT3281675&SearchSource=61&CUI=UN15546393371845519&UM=UM_ID&UP=SPD52FEFB4-9B24-4C4C-80F6-0982B4EFFA52
uLocal Page = c:\windows\system32\blank.htm
mDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7736&r=27360510g116l0418z1l5t5571a069
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7736&r=27360510g116l0418z1l5t5571a069
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: Free YouTube to MP3 Converter - c:\users\Dering\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Dering\AppData\Roaming\Mozilla\Firefox\Profiles\arn92git.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3281675&CUI=UN36289850181548933&UM=2&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - 
FF - prefs.js: browser.startup.homepage - www.google.de
FF - user.js: extensions.delta.tlbrSrchUrl - 
FF - user.js: extensions.delta.id - 000b96610000000000007ee400033e35
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15827
FF - user.js: extensions.delta.vrsn - 1.8.16.16
FF - user.js: extensions.delta.vrsni - 1.8.16.16
FF - user.js: extensions.delta.vrsnTs - 1.8.16.169:52
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - en
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.ffxUnstlRst - true
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKU-Default-Run-SearchProtect - \SearchProtect\bin\cltmng.exe
c:\users\Dering\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk - (no file)
SafeBoot-mcmscsvc
SafeBoot-MCODS
Toolbar-Locked - (no file)
WebBrowser-{E44A1809-4D10-4AB8-B343-3326B64C7CDD} - (no file)
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-07-06  17:55:23
ComboFix-quarantined-files.txt  2013-07-06 15:55
.
Vor Suchlauf: 19 Verzeichnis(se), 175.738.798.080 Bytes frei
Nach Suchlauf: 27 Verzeichnis(se), 175.469.494.272 Bytes frei
.
- - End Of File - - BD1634C5F2A131437D33E716F785D81B
         
--- --- ---
5C616939100B85E558DA92B899A0FC36



Midway through, the error message "PEV.exe funktioniert nicht mehr." came up.
When I confirmed it with "Programm schließen", Combofix carried on running normally, though...

06.07.2013, 17:00   #30
markusg
/// Malware-holic

Hi,
Malwarebytes:
Please download Malwarebytes.
  • Install the program to the default path.
    Vista and Win7 users: right-click and choose "Run as administrator".
  • Start Malwarebytes, click Update --> Check for Updates.
  • When the update has finished, select Perform full scan and click Scan.
  • When the scan has finished, click Show Results.
  • Make sure all findings are checked and click Remove Selected.
  • Post the log file, which opens in Notepad, here in the thread.
  • You can find the report again later under "Logs".