Trojaner-Board


Maxwell88 17.04.2012 15:39

Java virus. Help!

Hello,

I urgently need help. Three weeks ago I had problems with my PC (I have Windows Vista); the system kept freezing for no apparent reason. Then I noticed that one of my accounts had been hacked. After several virus scans (I have Microsoft Forefront) I found 10 trojans and deleted them, and as reinforcement I downloaded the Microsoft Safety Scanner. After that the PC worked again, and I thought everything was fine again. Now my problem: at irregular intervals I keep getting the same virus infection.
These are the following viruses, where the trailing number always changes.

Exploit:Java/Blacole.FE
Exploit:Java/CVE-2010-0840.QI
Exploit:Java/CVE-2012-0507.R
Exploit:Java/CVE-2011-3544.CU
Exploit:Java/CVE-2012-0507.R!ld

Please can someone help me, I don't know what else to do.

Thanks in advance
maxwell88

cosinus 17.04.2012 16:01

Quote:

Please can someone help me, I don't know what else to do.
Without the virus scanners' logs this isn't going to work here. :nixda: :glaskugel:
Everything has to be posted here.

Please post everything here in CODE tags where possible.

It is done like this:

[code] the log goes here [/code]

And the whole thing then looks like this:

Code:

the log goes here

Maxwell88 17.04.2012 16:13

Thanks for the quick reply. Unfortunately I don't know how to make logs of my virus scan. Can you help me with that?

Quote:

Quote from cosinus (post 815604)
Without the virus scanners' logs this isn't going to work here. :nixda: :glaskugel:
Everything has to be posted here.

Please post everything here in CODE tags where possible.

It is done like this:

[code] the log goes here [/code]

And the whole thing then looks like this:

Code:

the log goes here

Hello, I've managed to create a log file. I hope it's right like this. What do you think?

Regards
maxwell88

OTL Logfile:
Code:

OTL logfile created on: 17.04.2012 17:25:51 - Run 1
OTL by OldTimer - Version 3.2.39.2    Folder = C:\Users\xxx\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 0,98 Gb Available Physical Memory | 32,69% Memory free
6,22 Gb Paging File | 4,09 Gb Available in Paging File | 65,78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 290,83 Gb Total Space | 131,15 Gb Free Space | 45,09% Space Free | Partition Type: NTFS
Drive D: | 290,69 Gb Total Space | 198,72 Gb Free Space | 68,36% Space Free | Partition Type: NTFS
 
Computer Name: xxx-PC | User Name: xxx | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.04.17 17:24:36 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\xxx\Desktop\OTL.exe
PRC - [2012.04.17 13:55:45 | 073,073,656 | ---- | M] (Microsoft Corporation) -- C:\Users\xxx\Desktop\msert.exe
PRC - [2012.03.19 13:58:54 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2012.03.13 06:37:52 | 003,331,872 | ---- | M] (Akamai Technologies, Inc) -- C:\Users\xxx\AppData\Local\Akamai\netsession_win.exe
PRC - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.11.22 19:16:18 | 000,273,528 | ---- | M] (RealNetworks, Inc.) -- C:\Programme\Real\RealPlayer\Update\realsched.exe
PRC - [2011.02.25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft\BingBar\SeaPort.EXE
PRC - [2011.02.02 12:23:08 | 001,033,600 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Forefront\Client Security\Client\Antimalware\MSASCui.exe
PRC - [2011.01.08 18:06:56 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Forefront\Client Security\Client\Antimalware\MsMpEng.exe
PRC - [2010.10.27 20:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010.08.25 11:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
PRC - [2010.06.22 14:22:52 | 000,138,752 | ---- | M] (Nokia) -- C:\Programme\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2010.06.14 15:07:14 | 000,615,936 | ---- | M] (Nokia) -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe
PRC - [2010.06.09 01:47:48 | 001,531,904 | ---- | M] (Nokia) -- C:\Programme\Common Files\Nokia\MPlatform\NokiaMServer.exe
PRC - [2010.04.16 23:12:28 | 003,872,080 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Live\Messenger\msnmsgr.exe
PRC - [2010.03.18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2009.10.27 10:15:02 | 000,120,832 | ---- | M] (Nokia) -- C:\Programme\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2009.04.11 08:28:06 | 000,304,128 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\ink\TabTip.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.12.11 11:12:00 | 000,159,528 | ---- | M] (Wacom Technology, Corp.) -- C:\Windows\System32\WTablet\Pen_TabletUser.exe
PRC - [2008.12.11 11:11:30 | 002,749,736 | ---- | M] (Wacom Technology, Corp.) -- C:\Windows\System32\Pen_Tablet.exe
PRC - [2008.05.20 17:50:50 | 000,269,448 | ---- | M] (CyberLink) -- C:\Programme\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
PRC - [2008.03.26 07:21:30 | 005,369,856 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008.03.05 00:38:34 | 000,500,784 | ---- | M] (Egis Incorporated) -- C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
PRC - [2008.03.05 00:38:28 | 000,526,896 | ---- | M] (Egis Incorporated) -- C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
PRC - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2008.01.21 04:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
PRC - [2008.01.21 04:25:32 | 000,198,656 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\ink\InputPersonalization.exe
PRC - [2008.01.09 19:43:28 | 000,323,584 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\Acer.Empowering.Framework.Supervisor.exe
PRC - [2008.01.09 19:43:26 | 000,326,176 | ---- | M] () -- C:\Acer\Empowering Technology\SysMonitor.exe
PRC - [2007.12.19 19:09:22 | 000,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
PRC - [2007.10.17 11:38:20 | 000,028,672 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
PRC - [2007.09.10 16:28:18 | 000,057,344 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
PRC - [2007.09.06 13:02:04 | 000,393,216 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.04.15 00:56:08 | 008,797,344 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_2_202_233.dll
MOD - [2012.04.12 12:45:57 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\86f6e2383ca898849c321080b32b66f8\System.ServiceProcess.ni.dll
MOD - [2012.04.12 12:45:56 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\48302596a8c8f2ab396b3be518dbd800\System.Web.ni.dll
MOD - [2012.04.12 12:21:10 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\09b9cd1c630210237b5b46d9943e1946\System.Windows.Forms.ni.dll
MOD - [2012.04.12 12:21:00 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\61759b9905aed9a87347d04b5fad046b\System.Drawing.ni.dll
MOD - [2012.03.19 13:58:53 | 001,969,080 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll
MOD - [2012.02.16 18:09:10 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\8b5f54e3b382fc1720c76557ef8c8bc3\System.Management.ni.dll
MOD - [2012.02.16 18:08:54 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\5c3bfd69e0c268baff0d169e11a6a784\System.Runtime.Remoting.ni.dll
MOD - [2012.02.16 18:08:39 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\7fd6c62196829d1e2dce5a253145d51a\System.Configuration.ni.dll
MOD - [2012.02.16 17:55:13 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d9f0f1dc8cbdb81f1ba122d77a6ab710\System.Xml.ni.dll
MOD - [2012.02.16 17:53:47 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\c50133cb67d7c013fa31e1ffb942060b\System.ni.dll
MOD - [2011.10.16 12:19:48 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\bcb66dbad2b45d05235b37a02f737eb5\Accessibility.ni.dll
MOD - [2011.10.15 12:06:07 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll
MOD - [2009.09.04 23:15:06 | 000,067,872 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2009.03.30 06:42:12 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2009.03.30 06:42:11 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009.02.02 15:11:40 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HydraVision.Wizard\2.0.3300.40238__90ba9c70f846762e\CLI.Aspect.HydraVision.Wizard.dll
MOD - [2009.02.02 15:11:40 | 000,011,776 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Runtime\2.0.3300.40230__90ba9c70f846762e\CLI.Caste.HydraVision.Runtime.dll
MOD - [2009.02.02 15:11:40 | 000,008,704 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Shared\2.0.3300.40229__90ba9c70f846762e\CLI.Caste.HydraVision.Shared.dll
MOD - [2009.02.02 15:11:40 | 000,007,680 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Wizard\2.0.3300.40235__90ba9c70f846762e\CLI.Caste.HydraVision.Wizard.dll
MOD - [2009.02.02 15:11:40 | 000,007,680 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Dashboard\2.0.3300.40230__90ba9c70f846762e\CLI.Caste.HydraVision.Dashboard.dll
MOD - [2009.02.02 15:11:39 | 001,691,648 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3300.40123__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2009.02.02 15:11:39 | 000,466,944 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3300.40212__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2009.02.02 15:11:39 | 000,286,720 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3300.40106__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2009.02.02 15:11:39 | 000,204,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3300.40125__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2009.02.02 15:11:39 | 000,139,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3300.40213__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2009.02.02 15:11:39 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3300.40173__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2009.02.02 15:11:39 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3300.40188__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2009.02.02 15:11:39 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3300.40113__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2009.02.02 15:11:39 | 000,069,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3300.40166__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2009.02.02 15:11:39 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3300.40120__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2009.02.02 15:11:39 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3300.40150__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2009.02.02 15:11:39 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3300.40114__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2009.02.02 15:11:38 | 000,671,744 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Dashboard\2.0.3300.40228__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Dashboard.dll
MOD - [2009.02.02 15:11:38 | 000,376,832 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3300.40172__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2009.02.02 15:11:38 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Runtime\2.0.3300.40228__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Runtime.dll
MOD - [2009.02.02 15:11:38 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3300.40171__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2009.02.02 15:11:38 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3300.40210__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll
MOD - [2009.02.02 15:11:37 | 000,811,008 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3300.40153__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2009.02.02 15:11:37 | 000,712,704 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3300.40115__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2009.02.02 15:11:37 | 000,589,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3300.40126__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2009.02.02 15:11:37 | 000,450,560 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3300.40146__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2009.02.02 15:11:37 | 000,438,272 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3300.40151__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2009.02.02 15:11:37 | 000,405,504 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3300.40182__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2009.02.02 15:11:37 | 000,225,280 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3300.40125__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2009.02.02 15:11:37 | 000,126,976 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3300.40163__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2009.02.02 15:11:37 | 000,081,920 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3300.40152__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2009.02.02 15:11:37 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3300.40150__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2009.02.02 15:11:37 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3300.40129__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2009.02.02 15:11:37 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3300.40162__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2009.02.02 15:11:37 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3300.40164__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2009.02.02 15:11:36 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3300.40151__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2009.02.02 15:11:36 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3246.34290__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
MOD - [2009.02.02 15:11:35 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3246.34233__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2009.02.02 15:11:35 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3246.34194__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2009.02.02 15:11:35 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3246.34445__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2009.02.02 15:11:35 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3246.34278__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2009.02.02 15:11:35 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3246.34443__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2009.02.02 15:11:35 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2009.02.02 15:11:34 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2009.02.02 15:11:34 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3246.34138__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2009.02.02 15:11:34 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3246.34145__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2009.02.02 15:11:34 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3246.34574__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2009.02.02 15:11:34 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3246.34297__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2009.02.02 15:11:34 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0703\2.0.2651.18802__90ba9c70f846762e\DEM.Graphics.I0703.dll
MOD - [2009.02.02 15:11:34 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3246.34264__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2009.02.02 15:11:34 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.3246.34295__90ba9c70f846762e\DEM.OS.dll
MOD - [2009.02.02 15:11:34 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2009.02.02 15:11:34 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3246.34300__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2009.02.02 15:11:34 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2009.02.02 15:11:33 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3246.34155__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2009.02.02 15:11:33 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3246.34242__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2009.02.02 15:11:33 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Shared\2.0.3246.34459__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Shared.dll
MOD - [2009.02.02 15:11:33 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3246.34337__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2009.02.02 15:11:33 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3246.34346__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2009.02.02 15:11:33 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3246.34407__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2009.02.02 15:11:33 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3246.34401__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll
MOD - [2009.02.02 15:11:33 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3246.34251__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2009.02.02 15:11:33 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3246.34236__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2009.02.02 15:11:33 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3246.34198__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2009.02.02 15:11:33 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3246.34229__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2009.02.02 15:11:33 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3246.34316__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2009.02.02 15:11:33 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3246.34304__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2009.02.02 15:11:32 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3246.34350__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2009.02.02 15:11:32 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3246.34335__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2009.02.02 15:11:32 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3246.34333__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2009.02.02 15:11:32 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3300.40222__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2009.02.02 15:11:32 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3246.34345__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2009.02.02 15:11:32 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3246.34279__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2009.02.02 15:11:32 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3246.34319__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2009.02.02 15:11:32 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3246.34305__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2009.02.02 15:11:32 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3246.34282__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2009.02.02 15:11:32 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3246.34340__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2009.02.02 15:11:32 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2009.02.02 15:11:32 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3246.34307__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2009.02.02 15:11:32 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3246.34274__90ba9c70f846762e\APM.Foundation.dll
MOD - [2009.02.02 15:11:32 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3246.34235__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2009.02.02 15:11:32 | 000,011,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Implementation\2.0.3300.40231__90ba9c70f846762e\LOCALIZATION.Foundation.Implementation.dll
MOD - [2009.02.02 15:11:32 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3300.40101__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2009.02.02 15:11:31 | 000,405,504 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3300.40119__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2009.02.02 15:11:31 | 000,106,496 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3300.40205__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2009.02.02 15:11:31 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3300.40203__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2009.02.02 15:11:31 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3246.34183__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2009.02.02 15:11:31 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3246.34205__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2009.02.02 15:11:31 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3246.34258__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2009.02.02 15:11:31 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3246.34292__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2009.02.02 15:11:31 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.3246.34174__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll
MOD - [2009.02.02 15:11:31 | 000,014,848 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
MOD - [2009.02.02 15:11:31 | 000,013,312 | ---- | M] () -- C:\Windows\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll
MOD - [2009.02.02 15:11:30 | 001,077,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3300.40110__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2009.02.02 15:11:30 | 000,540,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3300.40197__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2009.02.02 15:11:30 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3300.40103__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2009.02.02 15:11:30 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3300.40105__90ba9c70f846762e\CLI.Component.SkinFactory.dll
MOD - [2009.02.02 15:11:30 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3246.34261__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2009.02.02 15:11:30 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3246.34289__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2009.02.02 15:11:29 | 000,081,920 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.3300.40104__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2009.02.02 15:11:29 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3300.40103__90ba9c70f846762e\APM.Server.dll
MOD - [2009.02.02 15:11:29 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3300.40102__90ba9c70f846762e\AEM.Server.dll
MOD - [2009.02.02 15:11:29 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3246.34227__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2009.02.02 15:11:29 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2009.02.02 15:11:29 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3300.40205__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2009.02.02 15:11:29 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3246.34356__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2009.01.14 07:02:07 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2008.10.30 15:39:12 | 000,016,384 | R--- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2008.09.16 21:18:06 | 000,132,608 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
MOD - [2008.03.05 00:38:16 | 000,227,888 | ---- | M] () -- C:\Acer\Empowering Technology\eDataSecurity\x86\ShowErrMsg.dll
MOD - [2008.01.09 19:43:26 | 000,326,176 | ---- | M] () -- C:\Acer\Empowering Technology\SysMonitor.exe
MOD - [2008.01.09 19:43:12 | 000,057,344 | ---- | M] () -- C:\Acer\Empowering Technology\Acer.Empowering.Framework.DialogManager.dll
MOD - [2008.01.09 19:42:54 | 000,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\Acer.Empowering.Framework.PasswordSetting.dll
MOD - [2007.12.19 19:09:40 | 000,003,584 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\de\eSettings.Plugin.resources.dll
MOD - [2007.12.19 19:09:38 | 000,028,672 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\eSettings.Plugin.dll
MOD - [2007.12.19 19:08:56 | 000,010,752 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\de\eSettings.Presenter.resources.dll
MOD - [2007.12.19 19:08:54 | 000,155,648 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\eSettings.Presenter.dll
MOD - [2007.12.19 19:08:28 | 003,420,160 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\eSettings.View.dll
MOD - [2007.12.19 19:08:10 | 000,032,768 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings.Model.ComputerInterfaces.dll
MOD - [2007.10.17 11:38:22 | 000,003,584 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\de\ePerformance.Plugin.resources.dll
MOD - [2007.10.17 11:38:20 | 000,045,056 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\ePerformance.Plugin.dll
MOD - [2007.10.17 11:38:00 | 000,028,672 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\ePerformance.Model.dll
MOD - [2007.10.17 11:38:00 | 000,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\ePerformance.Presenter.dll
MOD - [2007.10.17 11:37:58 | 000,040,960 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\ePerformance.Library.dll
MOD - [2007.10.17 10:55:10 | 000,020,480 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\ePerformance.Model.Interface.dll
MOD - [2007.10.17 10:55:10 | 000,016,384 | ---- | M] () -- C:\Acer\Empowering Technology\MemCheck.Interface.dll
MOD - [2007.02.13 07:26:30 | 000,016,384 | ---- | M] () -- C:\Acer\Empowering Technology\eRecovery\ServiceInterface.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2012.04.15 00:56:09 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.03.27 19:09:30 | 003,417,376 | ---- | M] () [Auto | Running] -- c:\program files\common files\akamai/netsession_win_6c825ce.dll -- (Akamai)
SRV - [2012.02.29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.02.28 18:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Programme\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011.02.25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2011.01.08 18:06:56 | 000,016,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft Forefront\Client Security\Client\Antimalware\MsMpEng.exe -- (FCSAM)
SRV - [2010.06.14 15:07:14 | 000,615,936 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.03.18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009.01.12 20:38:36 | 000,077,944 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Programme\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2008.12.11 11:11:30 | 002,749,736 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Windows\System32\Pen_Tablet.exe -- (TabletServicePen)
SRV - [2008.05.20 17:50:50 | 000,269,448 | ---- | M] (CyberLink) [Auto | Running] -- C:\Programme\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe -- (Acer HomeMedia Connect Service)
SRV - [2008.03.05 00:38:34 | 000,500,784 | ---- | M] (Egis Incorporated) [Auto | Running] -- C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service)
SRV - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.12.19 19:09:22 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe -- (eSettingsService)
SRV - [2007.10.17 11:38:20 | 000,028,672 | ---- | M] () [Auto | Running] -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe -- (AcerMemUsageCheckService)
SRV - [2007.09.10 16:28:18 | 000,057,344 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe -- (eRecoveryService)
SRV - [2006.10.26 15:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva370.sys -- (XDva370)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva289.sys -- (XDva289)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\WG111Tv.sys -- (WG111T)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\usbaapl.sys -- (USBAAPL)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleXNt.sys -- (EagleXNt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleNT.sys -- (EagleNT)
DRV - [2010.02.26 14:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010.02.26 14:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010.02.26 14:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2009.11.12 14:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009.06.26 22:55:12 | 000,066,080 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2009.01.14 09:15:40 | 004,235,776 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008.10.06 11:53:24 | 000,015,656 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wacmoumonitor.sys -- (wacmoumonitor)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.08.18 15:45:00 | 000,013,352 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wacomvhid.sys -- (wacomvhid)
DRV - [2008.05.06 09:53:20 | 000,140,832 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2008.05.06 09:53:20 | 000,132,128 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvrd32.sys -- (nvrd32)
DRV - [2007.12.21 17:51:08 | 007,629,632 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007.11.18 03:39:50 | 001,040,544 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2007.11.06 10:30:48 | 000,006,080 | ---- | M] (Zeal SoftStudio) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\zntport.sys -- (zntport)
DRV - [2007.11.06 10:30:46 | 000,014,544 | ---- | M] (EnTech Taiwan) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\TVicPort.sys -- (tvicport)
DRV - [2007.07.07 15:13:10 | 000,012,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2007.07.03 04:05:20 | 000,015,392 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15)
DRV - [2007.02.16 11:12:36 | 000,011,312 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV - [2007.02.15 16:11:28 | 000,011,440 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WacomVKHid.sys -- (WacomVKHid)
DRV - [2006.11.16 15:36:28 | 000,020,480 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\DNISP50.sys -- (DNISp50)
DRV - [2006.11.16 15:36:18 | 000,021,504 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\DNIMP50.sys -- (DNIMp50)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.intl.acer.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0c07&s=1&o=vp32&d=0109&m=aspire_m3641
IE - HKLM\..\URLSearchHook: {9d81af43-de53-48d0-a199-42c2a226b24c} - C:\Programme\Softonic_Deutsch_FF\tbSoft.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2206084
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0c07&s=1&o=vp32&d=0109&m=aspire_m3641
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yahoo.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {9d81af43-de53-48d0-a199-42c2a226b24c} - C:\Programme\Softonic_Deutsch_FF\tbSoft.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?FORM=IEFM1&q={searchTerms}
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_de
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2206084
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;127.0.0.1:9421;<local>
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultthis.engineName: "Softonic Deutsch FF Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2206084&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://yahoo.de/"
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.7
FF - prefs.js..extensions.enabledItems: {9d81af43-de53-48d0-a199-42c2a226b24c}:3.8.0.8
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.3.0.7550
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
FF - prefs.js..network.proxy.http: "74.86.121.230"
FF - prefs.js..network.proxy.http_port: 3128
FF - prefs.js..network.proxy.no_proxies_on: "*.local,127.0.0.1:9421,"
FF - prefs.js..network.proxy.ssl: "66.229.205.251"
FF - prefs.js..network.proxy.ssl_port: 9090
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_233.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@logitech.com/HarmonyRemote,version=1.0.0: C:\Program Files\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\xxx\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\xxx\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\xxx\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{B728AB94-9BC7-49b7-B76A-422BB31B2FD0}: C:\Program Files\ArcSoft\Media Converter for Philips\Internet Video Downloader\Plugin_FireFox [2010.05.11 15:40:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2010.07.25 21:44:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010.08.06 11:28:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.04.05 19:40:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.03.19 13:58:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.04.12 00:37:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010.08.06 11:28:46 | 000,000,000 | ---D | M]
 
[2009.05.27 20:40:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxx\AppData\Roaming\mozilla\Extensions
[2012.03.06 16:40:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\jebo5yec.default\extensions
[2010.08.16 13:23:31 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\jebo5yec.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.03.06 16:40:51 | 000,000,000 | ---D | M] (Softonic Deutsch FF Community Toolbar) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\jebo5yec.default\extensions\{9d81af43-de53-48d0-a199-42c2a226b24c}
[2010.05.14 12:12:49 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\jebo5yec.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.03.02 13:51:22 | 000,000,000 | ---D | M] (German Dictionary, extended for Austria) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\jebo5yec.default\extensions\de-AT@dictionaries.addons.mozilla.org
[2012.03.19 13:58:59 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.04.16 22:11:02 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.03.19 13:58:54 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.03.02 16:30:12 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012.02.16 20:31:36 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.02.16 20:31:36 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.02.16 20:31:36 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.02.16 20:31:36 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.02.16 20:31:36 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.02.16 20:31:36 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\xxx\AppData\Local\Google\Chrome\Application\18.0.1025.142\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\xxx\AppData\Local\Google\Chrome\Application\18.0.1025.142\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\xxx\AppData\Local\Google\Chrome\Application\18.0.1025.142\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\xxx\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_228.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Harmony Firefox Plugin (Enabled) = C:\Program Files\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\xxx\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Google Update (Enabled) = C:\Users\xxx\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Skype Click to Call = C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1            localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (IEPlugin Class) - {11222041-111B-46E3-BD29-EFB2449479B1} - C:\Programme\ArcSoft\Media Converter for Philips\Internet Video Downloader\ArcURLRecord.dll (ArcSoft, Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Softonic Deutsch FF Toolbar) - {9d81af43-de53-48d0-a199-42c2a226b24c} - C:\Programme\Softonic_Deutsch_FF\tbSoft.dll (Conduit Ltd.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Softonic Deutsch FF Toolbar) - {9d81af43-de53-48d0-a199-42c2a226b24c} - C:\Programme\Softonic_Deutsch_FF\tbSoft.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\WebBrowser: (Softonic Deutsch FF Toolbar) - {9D81AF43-DE53-48D0-A199-42C2A226B24C} - C:\Programme\Softonic_Deutsch_FF\tbSoft.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe ()
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Apanel] C:\ACERSW\config\SetApanel.cmd File not found
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
O4 - HKLM..\Run: [eRecoveryService]  File not found
O4 - HKLM..\Run: [Microsoft Forefront Client Security Antimalware Service] C:\Program Files\Microsoft Forefront\Client Security\Client\Antimalware\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [OM2_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe (OLYMPUS IMAGING CORP.)
O4 - HKLM..\Run: [PCMMediaSharing] C:\Programme\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] c:\program files\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe File not found
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: []  File not found
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\xxx\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKCU..\Run: [NokiaOviSuite2] C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
O4 - HKCU..\Run: [OM2_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe (OLYMPUS IMAGING CORP.)
O4 - HKCU..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"  /MINIMIZED File not found
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O8 - Extra context menu item: Free YouTube Download - C:\Users\xxx\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\xxx\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: pokemon-gl.com ([de] https in Vertrauenswürdige Sites)
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1288993282860 (MUCatalogWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2FC76DB2-719C-4570-9177-8E5A30E0FE49}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\xxx\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\xxx\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{99220827-1bd9-11e0-9319-0021856e3d39}\Shell\AutoRun\command - "" = WDSetup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.04.17 17:24:31 | 000,593,920 | ---- | C] (OldTimer Tools) -- C:\Users\xxx\Desktop\OTL.exe
[2012.04.17 13:52:03 | 073,073,656 | ---- | C] (Microsoft Corporation) -- C:\Users\xxx\Desktop\msert.exe
[2012.04.16 22:10:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.04.16 22:10:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012.04.12 12:33:38 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.04.12 12:33:36 | 001,799,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.04.12 12:33:36 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.04.12 12:33:35 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.04.12 12:33:35 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.04.12 12:33:35 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.04.12 12:33:14 | 003,602,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012.04.12 12:33:14 | 003,550,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012.04.03 17:06:12 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.03.29 22:04:21 | 000,000,000 | ---D | C] -- C:\Users\xxx\Documents\herz
[2012.03.24 02:34:11 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
[2012.03.23 14:10:12 | 000,000,000 | ---D | C] -- C:\Users\xxx\Desktop\Pokemon Gameboy Sound Collection (Red and Blue)
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.04.17 17:24:36 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\xxx\Desktop\OTL.exe
[2012.04.17 16:56:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.04.17 16:38:00 | 000,001,136 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3559759172-3097272205-1206507809-1000UA.job
[2012.04.17 15:50:10 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.04.17 15:50:10 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.04.17 13:56:17 | 000,628,504 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.04.17 13:56:17 | 000,595,798 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.04.17 13:56:17 | 000,126,248 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.04.17 13:56:17 | 000,103,872 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.04.17 13:55:45 | 073,073,656 | ---- | M] (Microsoft Corporation) -- C:\Users\xxx\Desktop\msert.exe
[2012.04.17 13:49:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.04.17 13:49:47 | 3220,365,312 | -HS- | M] () -- C:\hiberfil.sys
[2012.04.16 22:10:45 | 000,001,880 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.04.16 18:14:01 | 000,387,436 | ---- | M] () -- C:\Users\xxx\Desktop\Bewerbungsunterlagen.rar
[2012.04.16 13:38:00 | 000,001,084 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3559759172-3097272205-1206507809-1000Core.job
[2012.04.15 17:40:02 | 000,002,066 | ---- | M] () -- C:\Users\xxx\Desktop\Google Chrome.lnk
[2012.04.15 00:56:09 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.04.15 00:56:09 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.04.13 20:29:59 | 009,879,349 | ---- | M] () -- C:\Users\xxx\Desktop\yugi.mov
[2012.04.12 15:05:43 | 016,248,932 | ---- | M] () -- C:\Users\xxx\Desktop\Nisemono 2.rar
[2012.04.12 12:36:43 | 000,289,518 | ---- | M] () -- C:\Users\xxx\Desktop\Abschlusszeugnis.jpg
[2012.04.12 12:34:12 | 000,472,861 | ---- | M] () -- C:\Users\xxx\Desktop\LAP.jpg
[2012.04.12 01:03:55 | 030,527,508 | ---- | M] () -- C:\Users\xxx\Desktop\Nisemono 1.rar
[2012.04.10 20:31:04 | 000,002,665 | ---- | M] () -- C:\Users\xxx\Desktop\Microsoft Office Excel 2003.lnk
[2012.04.10 07:46:23 | 016,848,492 | ---- | M] () -- C:\Users\xxx\Desktop\Naruto Nisemono - part 2.flv
[2012.04.09 23:59:04 | 000,142,848 | ---- | M] () -- C:\Users\xxx\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.04.07 01:40:06 | 000,002,637 | ---- | M] () -- C:\Users\xxx\Desktop\Microsoft Office Word 2003.lnk
[2012.04.06 15:18:16 | 000,001,356 | ---- | M] () -- C:\Users\xxx\AppData\Local\d3d9caps.dat
[2012.04.05 14:10:58 | 001,820,449 | ---- | M] () -- C:\Users\xxx\Desktop\P4050699.JPG
[2012.04.03 21:56:10 | 267,776,000 | ---- | M] () -- C:\Users\xxx\Desktop\Naruto_Shippuuden_242.rar
[2012.04.02 23:34:12 | 314,809,239 | ---- | M] () -- C:\Users\xxx\Desktop\Naruto_Shippuuden_241.rar
[2012.04.02 20:33:11 | 314,734,852 | ---- | M] () -- C:\Users\xxx\Desktop\Naruto_Shippuuden_240.rar
[2012.04.02 12:35:51 | 004,238,498 | ---- | M] () -- C:\Users\xxx\Desktop\Unterlagen.zip
[2012.03.29 23:39:00 | 314,721,653 | ---- | M] () -- C:\Users\xxx\Desktop\Naruto_Shippuuden_239.rar
[2012.03.29 20:43:02 | 314,713,876 | ---- | M] () -- C:\Users\xxx\Desktop\Naruto_Shippuuden_238.rar
[2012.03.27 23:29:43 | 314,794,434 | ---- | M] () -- C:\Users\xxx\Desktop\Naruto_Shippuuden_236.rar
[2012.03.26 21:59:00 | 262,447,638 | ---- | M] () -- C:\Users\xxx\Desktop\[AKA] One Piece 539 [x264,720p][C03C8F88].mp4
[2012.03.24 02:34:11 | 000,000,995 | ---- | M] () -- C:\Users\xxx\Desktop\Format Factory.lnk
[2012.03.19 23:44:07 | 000,179,110 | ---- | M] () -- C:\Users\xxx\Desktop\lol.jpg
[2012.03.19 15:48:15 | 237,243,139 | ---- | M] () -- C:\Users\xxx\Desktop\[AKA] One Piece 538 [x264,720p][Hi10P][C85C54EB].mkv
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.04.16 18:12:37 | 000,387,436 | ---- | C] () -- C:\Users\xxx\Desktop\Bewerbungsunterlagen.rar
[2012.04.13 20:25:14 | 009,879,349 | ---- | C] () -- C:\Users\xxx\Desktop\yugi.mov
[2012.04.12 15:06:36 | 016,848,492 | ---- | C] () -- C:\Users\xxx\Desktop\Naruto Nisemono - part 2.flv
[2012.04.12 15:00:28 | 016,248,932 | ---- | C] () -- C:\Users\xxx\Desktop\Nisemono 2.rar
[2012.04.12 12:32:13 | 000,472,861 | ---- | C] () -- C:\Users\xxx\Desktop\LAP.jpg
[2012.04.12 12:32:13 | 000,384,173 | ---- | C] () -- C:\Users\xxx\Desktop\Foto.jpg
[2012.04.12 12:32:13 | 000,289,518 | ---- | C] () -- C:\Users\xxx\Desktop\Abschlusszeugnis.jpg
[2012.04.12 00:54:03 | 030,527,508 | ---- | C] () -- C:\Users\xxx\Desktop\Nisemono 1.rar
[2012.04.06 16:30:46 | 3220,365,312 | -HS- | C] () -- C:\hiberfil.sys
[2012.04.05 15:15:23 | 001,820,449 | ---- | C] () -- C:\Users\xxx\Desktop\P4050699.JPG
[2012.04.03 19:24:57 | 267,776,000 | ---- | C] () -- C:\Users\xxx\Desktop\Naruto_Shippuuden_242.rar
[2012.04.03 17:06:12 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.04.02 20:39:22 | 314,809,239 | ---- | C] () -- C:\Users\xxx\Desktop\Naruto_Shippuuden_241.rar
[2012.04.02 17:30:15 | 314,734,852 | ---- | C] () -- C:\Users\xxx\Desktop\Naruto_Shippuuden_240.rar
[2012.04.02 12:35:26 | 004,238,498 | ---- | C] () -- C:\Users\xxx\Desktop\Unterlagen.zip
[2012.03.29 20:44:06 | 314,721,653 | ---- | C] () -- C:\Users\xxx\Desktop\Naruto_Shippuuden_239.rar
[2012.03.29 17:48:08 | 314,713,876 | ---- | C] () -- C:\Users\xxx\Desktop\Naruto_Shippuuden_238.rar
[2012.03.27 20:34:13 | 314,794,434 | ---- | C] () -- C:\Users\xxx\Desktop\Naruto_Shippuuden_236.rar
[2012.03.26 21:27:06 | 262,447,638 | ---- | C] () -- C:\Users\xxx\Desktop\[AKA] One Piece 539 [x264,720p][C03C8F88].mp4
[2012.03.24 02:34:11 | 000,000,995 | ---- | C] () -- C:\Users\xxx\Desktop\Format Factory.lnk
[2012.03.19 23:44:07 | 000,179,110 | ---- | C] () -- C:\Users\xxx\Desktop\lol.jpg
[2012.03.19 15:46:09 | 237,243,139 | ---- | C] () -- C:\Users\xxx\Desktop\[AKA] One Piece 538 [x264,720p][Hi10P][C85C54EB].mkv
[2011.08.13 12:59:48 | 000,000,044 | ---- | C] () -- C:\Users\xxx\AppData\Roaming\wklnhst.dat
[2011.04.10 20:42:27 | 000,017,604 | ---- | C] () -- C:\Users\xxx\AppData\Roaming\UserTile.png
[2010.10.23 00:08:53 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
 
========== LOP Check ==========
 
[2009.01.10 04:02:25 | 000,000,000 | -HSD | M] -- C:\Users\xxx\AppData\Roaming\.#
[2009.10.31 11:57:24 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Acer Arcade Live
[2008.03.21 15:57:57 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Acer GameZone Console
[2009.04.29 19:39:31 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Acer HomeMedia
[2011.11.07 14:57:43 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Aquamarin Haushaltsbuch
[2009.01.12 20:43:42 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Autodesk
[2010.02.21 16:18:47 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Canneverbe Limited
[2010.10.20 18:40:15 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\ChessJam.808D34EF1AE2806F00104989FE66F8BDE6B323D7.1
[2010.02.21 16:12:11 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\DeepBurner Pro
[2012.01.09 00:55:06 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\DirektFotoSystem3
[2010.05.14 12:12:48 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\DVDVideoSoftIEHelpers
[2009.01.12 20:17:39 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\e frontier
[2009.03.23 22:57:27 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Ebner
[2009.01.10 02:02:54 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\eSobi
[2009.01.10 02:31:20 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\FloodLightGames
[2010.10.04 23:21:48 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\GrabPro
[2010.02.21 16:02:38 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\gtk-2.0
[2009.09.27 20:19:32 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Image Zone Express
[2011.07.03 12:08:53 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\IrfanView
[2011.02.03 15:38:38 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Nokia
[2009.11.01 15:25:18 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Nseries
[2010.10.04 23:45:36 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Orbit
[2010.08.01 22:14:09 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\PC Suite
[2011.04.10 20:42:27 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\PeerNetworking
[2010.02.25 19:21:53 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\PianoBooster
[2009.04.29 19:39:25 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\PowerCinema
[2009.01.17 23:06:28 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Printer Info Cache
[2010.10.04 23:21:51 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\ProgSense
[2011.11.01 19:18:10 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Shareaza
[2009.04.09 20:57:32 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\sldIM
[2009.01.26 12:50:44 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Sony
[2011.02.24 21:56:46 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\TeamViewer
[2011.08.13 12:59:51 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Template
[2012.04.17 01:50:22 | 000,032,534 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Files - Unicode (All) ==========
[2010.05.11 15:58:59 | 000,000,164 | ---- | M] ()(C:\Windows\System32\Ä!?!??) -- C:\Windows\System32\Ä!㳘!ʓ
[2010.05.11 15:58:59 | 000,000,164 | ---- | C] ()(C:\Windows\System32\Ä!?!??) -- C:\Windows\System32\Ä!㳘!ʓ
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 16 bytes -> C:\Users\xxx\Downloads:Shareaza.GUID
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:8AB6C1D7
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:193426B4
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:580E04D8
@Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:8173A019
@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:FEBEC560

< End of report >

--- --- ---
[/QUOTE]

cosinus 17.04.2012 18:41

Quote:

Thanks for the quick reply. Unfortunately I don't know how to make logs of my virus scan. Can you help me with that?
Sorry, I can't instantly provide illustrated instructions here for every one of the umpteen virus scanners (in all their versions) on the market. Usually you'll find the logs via the navigation in the virus scanner's main menu.

But these Java things look as if they were found in the Java cache.


First, as a matter of routine, please run a full scan with Malwarebytes and post the log. => Have ALL local drives (except CD/DVD) checked!
Remember that Malwarebytes has to be updated manually before every scan! In addition, all findings must be removed.

If logs from older Malwarebytes scans exist, please post all of those too!



ESET Online Scanner

  • Here you'll find illustrated instructions for ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded; the scan begins automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset





Please post everything here in CODE tags if possible.

This is how it's done:

[code] the log goes here [/code]

And the whole thing then looks like this:

Code:

the log goes here

Maxwell88 17.04.2012 22:47

Quote:

Quote from cosinus (post 815728)
Sorry, I can't instantly provide illustrated instructions here for every one of the umpteen virus scanners (in all their versions) on the market. Usually you'll find the logs via the navigation in the virus scanner's main menu.


Hello, first of all thank you very much for taking so much time for me.

So, the Malwarebytes scan produced the following.

Code:

Malwarebytes Anti-Malware (Test) 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.04.17.05

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
XXX :: XXX-PC [Administrator]

Schutz: Aktiviert

17.04.2012 19:49:26
malware

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 520043
Laufzeit: 1 Stunde(n), 32 Minute(n), 53 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\NeoSteam_DE (PUP.SuperSilentManager) -> Keine Aktion durchgeführt.

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\GAMIGO\NeoSteam_DE\uninst.exe (PUP.SuperSilentManager) -> Keine Aktion durchgeführt.

(Ende)


The ESET scan gave the following result; there are 2 files that look very suspicious, but the program could not delete them. Can I remove them somehow?

Code:

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=9b390ca8b024dd468409775e962b506f
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-04-17 09:31:46
# local_time=2012-04-17 11:31:46 (+0100, Mitteleuropäische Sommerzeit)
# country="Austria"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=4096 16777215 100 0 85214638 85214638 0 0
# compatibility_mode=5892 16776574 100 100 45724050 172223639 0 0
# compatibility_mode=8192 67108863 100 0 103 103 0 0
# scanned=353081
# found=2
# cleaned=0
# scan_time=7395
C:\Users\xxx\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\A75U3EUV\frame_ads_inner[1].htm        HTML/Iframe.B.Gen virus (unable to clean)        00000000000000000000000000000000        I
C:\Users\xxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42\435b256a-3d83e268        Java/Exploit.Agent.NAU trojan (unable to clean)        00000000000000000000000000000000        I
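
An added example, not part of the original posts: a small triage script for the ESET Online Scanner log above. It reads the `# key=value` header and the detection rows and labels each hit by where it sat on disk, which is the check behind the remark that the Java detections look like Java cache finds. The location labels and the assumption that fields are separated by tabs or runs of spaces are this example's own.

```python
"""Triage an ESET Online Scanner log: where did each detection sit on disk?"""
import re
from collections import Counter
from typing import NamedTuple

# Constructed sample: header fields and detection rows copied from the log in
# the thread (the user name was already masked as "xxx" by the poster).
SAMPLE_LOG = r"""ESETSmartInstaller@High as downloader log:
all ok
# version=7
# remove_checked=false
# scanned=353081
# found=2
# cleaned=0
C:\Users\xxx\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\A75U3EUV\frame_ads_inner[1].htm        HTML/Iframe.B.Gen virus (unable to clean)        00000000000000000000000000000000        I
C:\Users\xxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42\435b256a-3d83e268        Java/Exploit.Agent.NAU trojan (unable to clean)        00000000000000000000000000000000        I
"""

# Assumption: columns are separated by tabs or by runs of two or more spaces.
FIELD_SEP = re.compile(r"\t+| {2,}")
# "Name (action)" as it appears in the second column of a detection row.
THREAT = re.compile(r"^(?P<name>.+?)\s*\((?P<action>[^)]*)\)$")

# Location labels are this example's own, not ESET terminology.
LOCATIONS = [
    ("java_cache", re.compile(r"\\Sun\\Java\\Deployment\\cache\\", re.I)),
    ("browser_cache", re.compile(r"\\Temporary Internet Files\\", re.I)),
]


class Detection(NamedTuple):
    path: str
    name: str
    action: str
    location: str


def classify(path):
    """Return the label of the first location pattern that matches the path."""
    for label, pattern in LOCATIONS:
        if pattern.search(path):
            return label
    return "other"


def parse_eset_log(text):
    """Split the log into a header dict and a list of Detection rows."""
    header, detections = {}, []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("#"):
            key, sep, value = line[1:].strip().partition("=")
            if sep:
                header[key] = value
            continue
        fields = FIELD_SEP.split(line)
        if len(fields) < 2:
            continue  # banner lines such as "all ok"
        match = THREAT.match(fields[1])
        if match:
            detections.append(Detection(fields[0], match["name"],
                                        match["action"], classify(fields[0])))
    return header, detections


def summarize(header, detections):
    """Count hits per location and cross-check them against the header."""
    return {
        "by_location": dict(Counter(d.location for d in detections)),
        # The header's found= count should equal the number of rows parsed.
        "header_matches": header.get("found") == str(len(detections)),
        # True when every hit is downloaded content in a cache directory.
        # A cache hit shows the file was fetched, not that it ran.
        "cache_only": bool(detections)
        and all(d.location != "other" for d in detections),
        "uncleaned": [d.path for d in detections if "unable" in d.action],
    }


if __name__ == "__main__":
    hdr, dets = parse_eset_log(SAMPLE_LOG)
    for d in dets:
        print(f"{d.location:14} {d.name:32} {d.path}")
    print(summarize(hdr, dets))
```
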


cosinus 18.04.2012 12:46

Please make a new OTL log. Please post everything here in CODE tags if possible.

This is how it's done:

[code] the log goes here [/code]

And the whole thing then looks like this:

Code:

the log goes here
CustomScan with OTL

If you don't have it yet, please download OTL by Oldtimer and save it to your desktop
Code:

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT


Maxwell88 18.04.2012 14:21

Quote:

Quote from cosinus (post 816084)
Please make a new OTL log. Please post everything here in CODE tags if possible.

Hello Cosinus,

I did everything the way you said. I saved the log as a zip; unfortunately it is too long to post.

cosinus 18.04.2012 20:33

Do an OTL fix: close all programs that may be open, also deactivate the virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied along with it!!!)

Note: If you have obscured your user name, you must change the starred-out part back into your real user name, otherwise the script will not work!!

Code:

:OTL
IE - HKLM\..\URLSearchHook: {9d81af43-de53-48d0-a199-42c2a226b24c} - C:\Programme\Softonic_Deutsch_FF\tbSoft.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2206084
IE - HKU\S-1-5-21-3559759172-3097272205-1206507809-1000\..\URLSearchHook: {9d81af43-de53-48d0-a199-42c2a226b24c} - C:\Programme\Softonic_Deutsch_FF\tbSoft.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-3559759172-3097272205-1206507809-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3559759172-3097272205-1206507809-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2206084
IE - HKU\S-1-5-21-3559759172-3097272205-1206507809-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3559759172-3097272205-1206507809-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;127.0.0.1:9421;<local>
FF - prefs.js..browser.search.defaultthis.engineName: "Softonic Deutsch FF Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2206084&SearchSource=3&q={searchTerms}"
FF - prefs.js..network.proxy.http: "74.86.121.230"
FF - prefs.js..network.proxy.http_port: 3128
FF - prefs.js..network.proxy.no_proxies_on: "*.local,127.0.0.1:9421,"
FF - prefs.js..network.proxy.ssl: "66.229.205.251"
FF - prefs.js..network.proxy.ssl_port: 9090
FF - user.js - File not found
[2010.08.16 13:23:31 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\jebo5yec.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.04.18 00:39:49 | 000,000,000 | ---D | M] (ST Deutsch FF Community Toolbar) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\jebo5yec.default\extensions\{9d81af43-de53-48d0-a199-42c2a226b24c}
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Softonic Deutsch FF Toolbar) - {9d81af43-de53-48d0-a199-42c2a226b24c} - C:\Programme\Softonic_Deutsch_FF\tbSoft.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Softonic Deutsch FF Toolbar) - {9d81af43-de53-48d0-a199-42c2a226b24c} - C:\Programme\Softonic_Deutsch_FF\tbSoft.dll (Conduit Ltd.)
O4 - HKU\S-1-5-21-3559759172-3097272205-1206507809-1000..\Run: []  File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{99220827-1bd9-11e0-9319-0021856e3d39}\Shell\AutoRun\command - "" = WDSetup.exe
[2009.01.10 04:02:25 | 000,000,000 | -HSD | M] -- C:\Users\xxx\AppData\Roaming\.#
@Alternate Data Stream - 16 bytes -> C:\Users\xxx\Downloads:Shareaza.GUID
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:8AB6C1D7
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:193426B4
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:580E04D8
@Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:8173A019
@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:FEBEC560
:Files
C:\Users\xxx\AppData\LocalLow\Sun\Java\Deployment\cache
:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]

Then click the Fix button at the top left!
The log file should open when you click OK after the fix; please post it. The computer may be restarted.

For safety, the entries, files and folders fixed with this script are not completely deleted; a backup copy is created on the system partition in the folder "_OTL".

Note: The above script was created only for this one user in this situation. It is not portable to any other computer and must not be used elsewhere, as it can cause lasting damage to the system!

Maxwell88 18.04.2012 21:04

Quote:

Quote from cosinus (post 816421)
Then click the Fix button at the top left!
The log file should open when you click OK after the fix; please post it. The computer may be restarted.

For safety, the entries, files and folders fixed with this script are not completely deleted; a backup copy is created on the system partition in the folder "_OTL".

Hello, I did it as described; afterwards it said that an error had occurred and that OTL would be closed. The computer restarted and I got the file that I'm posting for you. Should I run OTL again, or is the log correct?

Code:

Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\CLDigitalHome\CLMS_AGENT_LOG1.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...


cosinus 18.04.2012 21:10

Please repeat the fix in safe mode

Maxwell88 18.04.2012 21:27

Quote:

Quote from cosinus (post 816464)
Please repeat the fix in safe mode

I have now repeated the fix in safe mode. This time there was no error message, and I got this log file after the restart. What do I have to do next?

Code:

All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{9d81af43-de53-48d0-a199-42c2a226b24c} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9d81af43-de53-48d0-a199-42c2a226b24c}\ not found.
File C:\Programme\Softonic_Deutsch_FF\tbSoft.dll not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry value HKEY_USERS\S-1-5-21-3559759172-3097272205-1206507809-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{9d81af43-de53-48d0-a199-42c2a226b24c} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9d81af43-de53-48d0-a199-42c2a226b24c}\ not found.
File C:\Programme\Softonic_Deutsch_FF\tbSoft.dll not found.
HKEY_USERS\S-1-5-21-3559759172-3097272205-1206507809-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-3559759172-3097272205-1206507809-1000\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
HKU\S-1-5-21-3559759172-3097272205-1206507809-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKU\S-1-5-21-3559759172-3097272205-1206507809-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
Prefs.js: "Softonic Deutsch FF Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2206084&SearchSource=3&q={searchTerms}" removed from browser.search.defaulturl
Prefs.js: "74.86.121.230" removed from network.proxy.http
Prefs.js: 3128 removed from network.proxy.http_port
Prefs.js: "*.local,127.0.0.1:9421," removed from network.proxy.no_proxies_on
Prefs.js: "66.229.205.251" removed from network.proxy.ssl
Prefs.js: 9090 removed from network.proxy.ssl_port
Folder C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\jebo5yec.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\ not found.
Folder C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\jebo5yec.default\extensions\{9d81af43-de53-48d0-a199-42c2a226b24c}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9d81af43-de53-48d0-a199-42c2a226b24c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9d81af43-de53-48d0-a199-42c2a226b24c}\ not found.
File C:\Programme\Softonic_Deutsch_FF\tbSoft.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{8dcb7100-df86-4384-8842-8fa844297b3f} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f}\ not found.
File C:\Program Files\Microsoft\BingBar\BingExt.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{9d81af43-de53-48d0-a199-42c2a226b24c} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9d81af43-de53-48d0-a199-42c2a226b24c}\ not found.
File C:\Programme\Softonic_Deutsch_FF\tbSoft.dll not found.
Registry value HKEY_USERS\S-1-5-21-3559759172-3097272205-1206507809-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
File C:\autoexec.bat not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{99220827-1bd9-11e0-9319-0021856e3d39}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99220827-1bd9-11e0-9319-0021856e3d39}\ not found.
File WDSetup.exe not found.
Folder C:\Users\xxx\AppData\Roaming\.#\ not found.
Unable to delete ADS C:\Users\xxx\Downloads:Shareaza.GUID .
Unable to delete ADS C:\ProgramData\TEMP:8AB6C1D7 .
Unable to delete ADS C:\ProgramData\TEMP:193426B4 .
Unable to delete ADS C:\ProgramData\TEMP:580E04D8 .
Unable to delete ADS C:\ProgramData\TEMP:8173A019 .
Unable to delete ADS C:\ProgramData\TEMP:FEBEC560 .
========== FILES ==========
File\Folder C:\Users\xxx\AppData\LocalLow\Sun\Java\Deployment\cache not found.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: xxx
->Temp folder emptied: 368856 bytes
->Temporary Internet Files folder emptied: 47123 bytes
->FireFox cache emptied: 22216024 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 456 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1373818077 bytes
RecycleBin emptied: 10014492855 bytes
 
Total Files Cleaned = 10.882,00 mb
 
 
[EMPTYFLASH]
 
User: All Users
 
User: Default
->Flash cache emptied: 0 bytes
 
User: Default User
->Flash cache emptied: 0 bytes
 
User: xxx
->Flash cache emptied: 0 bytes
 
User: Public
 
Total Flash Files Cleaned = 0,00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.40.0 log created on 04182012_222006

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...


cosinus 18.04.2012 21:37

Quote:

File\Folder C:\Users\xxx\AppData\LocalLow\Sun\Java\Deployment\cache not found.
You should edit the redacted names ( xxx ) back to the real text BEFORE RUNNING THE FIX!

Maxwell88 18.04.2012 21:43

Quote:

Quote from cosinus (post 816491)
You should edit the redacted names ( xxx ) back to the real text BEFORE RUNNING THE FIX!

I actually replaced "xxx" with the user name everywhere. Should I try it again?

cosinus 18.04.2012 21:53

OK, if you already did that, then they were already deleted in the first run; it just wasn't shown in the first OTL fix log. So you don't need to repeat it.

Now please run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please disable your virus scanner before running TDSS-Killer, because Avira in particular often reports a false alarm in the TDSS tool!

Configure the tool as shown in the picture below: click on change parameters and set the check marks as shown in the following screenshot,
then click Start Scan, and when it has finished, click the Report button to display the log. Please post it in full.
If you cannot find the log, or cannot copy its contents into your post, then please look directly on your Windows system partition (usually drive C:); that is where TDSS-Killer saves its logs.

Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and just post the log here!

http://saved.im/mtkwmtcxexhp/setting...8_16-25-18.jpg

Maxwell88 18.04.2012 22:06

Quote:

Quote from cosinus (post 816508)
Now please run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-a...entfernen.html

Everything worked fine. TDSS-Killer found 17 files that it classifies as a risk; I skipped them as described, and here is the log for review.

Code:

22:56:43.0772 5188        TDSS rootkit removing tool 2.7.29.0 Apr 18 2012 16:44:20
22:56:43.0898 5188        ============================================================
22:56:43.0898 5188        Current date / time: 2012/04/18 22:56:43.0898
22:56:43.0898 5188        SystemInfo:
22:56:43.0898 5188       
22:56:43.0898 5188        OS Version: 6.0.6002 ServicePack: 2.0
22:56:43.0898 5188        Product type: Workstation
22:56:43.0898 5188        ComputerName: xxx-PC
22:56:43.0898 5188        UserName: xxx
22:56:43.0898 5188        Windows directory: C:\Windows
22:56:43.0898 5188        System windows directory: C:\Windows
22:56:43.0898 5188        Processor architecture: Intel x86
22:56:43.0898 5188        Number of processors: 4
22:56:43.0898 5188        Page size: 0x1000
22:56:43.0899 5188        Boot type: Normal boot
22:56:43.0899 5188        ============================================================
22:56:44.0789 5188        Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
22:56:44.0804 5188        \Device\Harddisk0\DR0:
22:56:44.0804 5188        MBR partitions:
22:56:44.0804 5188        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x6, StartLBA 0x1D4B800, BlocksNum 0x245AB000
22:56:44.0804 5188        \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x262F6800, BlocksNum 0x24561000
22:56:44.0828 5188        C: <-> \Device\Harddisk0\DR0\Partition0
22:56:44.0874 5188        D: <-> \Device\Harddisk0\DR0\Partition1
22:56:44.0875 5188        Initialize success
22:56:44.0875 5188        ============================================================
22:58:01.0210 4052        ============================================================
22:58:01.0210 4052        Scan started
22:58:01.0210 4052        Mode: Manual; SigCheck; TDLFS;
22:58:01.0210 4052        ============================================================
22:58:01.0566 4052        ACDaemon        (adc420616c501b45d26c0fd3ef1e54e4) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
22:58:01.0711 4052        ACDaemon - ok
22:58:01.0760 4052        Acer HomeMedia Connect Service (517d30057c726c797764bfd70a55d82a) C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
22:58:01.0844 4052        Acer HomeMedia Connect Service ( UnsignedFile.Multi.Generic ) - warning
22:58:01.0845 4052        Acer HomeMedia Connect Service - detected UnsignedFile.Multi.Generic (1)
22:58:01.0903 4052        AcerMemUsageCheckService (e91f2444df54e725ddbbddb7fbce71f5) C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
22:58:01.0925 4052        AcerMemUsageCheckService ( UnsignedFile.Multi.Generic ) - warning
22:58:01.0925 4052        AcerMemUsageCheckService - detected UnsignedFile.Multi.Generic (1)
22:58:02.0011 4052        ACPI            (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
22:58:02.0046 4052        ACPI - ok
22:58:02.0111 4052        AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
22:58:02.0146 4052        AdobeARMservice - ok
22:58:02.0197 4052        AdobeFlashPlayerUpdateSvc (459ac130c6ab892b1cd5d7544626efc5) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
22:58:02.0297 4052        AdobeFlashPlayerUpdateSvc - ok
22:58:02.0331 4052        adp94xx        (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
22:58:02.0392 4052        adp94xx - ok
22:58:02.0423 4052        adpahci        (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
22:58:02.0480 4052        adpahci - ok
22:58:02.0497 4052        adpu160m        (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
22:58:02.0559 4052        adpu160m - ok
22:58:02.0575 4052        adpu320        (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
22:58:02.0653 4052        adpu320 - ok
22:58:02.0678 4052        AeLookupSvc    (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
22:58:02.0756 4052        AeLookupSvc - ok
22:58:02.0793 4052        AFD            (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
22:58:02.0878 4052        AFD - ok
22:58:02.0904 4052        agp440          (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
22:58:02.0960 4052        agp440 - ok
22:58:02.0996 4052        aic78xx        (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
22:58:03.0052 4052        aic78xx - ok
22:58:03.0184 4052        Akamai          (1125c7d9fb8898015829c387c1bc87c7) c:\program files\common files\akamai/netsession_win_6c825ce.dll
22:58:03.0184 4052        Suspicious file (Hidden): c:\program files\common files\akamai/netsession_win_6c825ce.dll. md5: 1125c7d9fb8898015829c387c1bc87c7
22:58:03.0193 4052        Akamai ( HiddenFile.Multi.Generic ) - warning
22:58:03.0193 4052        Akamai - detected HiddenFile.Multi.Generic (1)
22:58:03.0204 4052        ALG            (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
22:58:03.0338 4052        ALG - ok
22:58:03.0353 4052        aliide          (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
22:58:03.0404 4052        aliide - ok
22:58:03.0433 4052        amdagp          (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
22:58:03.0492 4052        amdagp - ok
22:58:03.0509 4052        amdide          (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
22:58:03.0542 4052        amdide - ok
22:58:03.0555 4052        AmdK7          (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
22:58:03.0630 4052        AmdK7 - ok
22:58:03.0642 4052        AmdK8          (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
22:58:03.0714 4052        AmdK8 - ok
22:58:03.0742 4052        Appinfo        (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
22:58:03.0784 4052        Appinfo - ok
22:58:03.0803 4052        arc            (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
22:58:03.0862 4052        arc - ok
22:58:03.0878 4052        arcsas          (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
22:58:03.0942 4052        arcsas - ok
22:58:03.0967 4052        AsyncMac        (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
22:58:04.0026 4052        AsyncMac - ok
22:58:04.0041 4052        atapi          (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
22:58:04.0063 4052        atapi - ok
22:58:04.0103 4052        Ati External Event Utility (8c260202f8124ea7aa5c4d75b691351a) C:\Windows\system32\Ati2evxx.exe
22:58:04.0307 4052        Ati External Event Utility - ok
22:58:04.0400 4052        atikmdag        (a3387b24d17a68fa12a9282481ce6eec) C:\Windows\system32\DRIVERS\atikmdag.sys
22:58:04.0659 4052        atikmdag - ok
22:58:04.0719 4052        AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
22:58:04.0773 4052        AudioEndpointBuilder - ok
22:58:04.0810 4052        Audiosrv        (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
22:58:04.0861 4052        Audiosrv - ok
22:58:04.0945 4052        Autodesk Licensing Service (32a5defddc3562bf89d73586f5915b34) C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
22:58:05.0705 4052        Autodesk Licensing Service - ok
22:58:05.0768 4052        BBSvc          (825f81a6f7dd073509db101f0ba6dc59) C:\Program Files\Microsoft\BingBar\BBSvc.EXE
22:58:05.0885 4052        BBSvc - ok
22:58:05.0945 4052        Beep            (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
22:58:06.0004 4052        Beep - ok
22:58:06.0059 4052        BFE            (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
22:58:06.0127 4052        BFE - ok
22:58:06.0202 4052        BITS            (93952506c6d67330367f7e7934b6a02f) C:\Windows\System32\qmgr.dll
22:58:06.0331 4052        BITS - ok
22:58:06.0355 4052        blbdrive        (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
22:58:06.0431 4052        blbdrive - ok
22:58:06.0498 4052        Bonjour Service (a065f048e9e23e6c026a7bb548d126a7) C:\Program Files\Bonjour\mDNSResponder.exe
22:58:06.0569 4052        Bonjour Service - ok
22:58:06.0589 4052        bowser          (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
22:58:06.0659 4052        bowser - ok
22:58:06.0682 4052        BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
22:58:06.0738 4052        BrFiltLo - ok
22:58:06.0758 4052        BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
22:58:06.0816 4052        BrFiltUp - ok
22:58:06.0836 4052        Browser        (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
22:58:06.0887 4052        Browser - ok
22:58:06.0904 4052        Brserid        (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
22:58:07.0093 4052        Brserid - ok
22:58:07.0113 4052        BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
22:58:07.0212 4052        BrSerWdm - ok
22:58:07.0227 4052        BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
22:58:07.0298 4052        BrUsbMdm - ok
22:58:07.0315 4052        BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
22:58:07.0387 4052        BrUsbSer - ok
22:58:07.0405 4052        BTHMODEM        (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
22:58:07.0494 4052        BTHMODEM - ok
22:58:07.0520 4052        cdfs            (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
22:58:07.0573 4052        cdfs - ok
22:58:07.0613 4052        cdrom          (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
22:58:07.0700 4052        cdrom - ok
22:58:07.0743 4052        CertPropSvc    (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
22:58:07.0804 4052        CertPropSvc - ok
22:58:07.0819 4052        circlass        (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
22:58:07.0889 4052        circlass - ok
22:58:07.0933 4052        CLFS            (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
22:58:07.0970 4052        CLFS - ok
22:58:08.0027 4052        clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:58:08.0100 4052        clr_optimization_v2.0.50727_32 - ok
22:58:08.0189 4052        clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:58:08.0216 4052        clr_optimization_v4.0.30319_32 - ok
22:58:08.0229 4052        cmdide          (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
22:58:08.0268 4052        cmdide - ok
22:58:08.0285 4052        Compbatt        (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\drivers\compbatt.sys
22:58:08.0318 4052        Compbatt - ok
22:58:08.0326 4052        COMSysApp - ok
22:58:08.0337 4052        crcdisk        (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
22:58:08.0360 4052        crcdisk - ok
22:58:08.0374 4052        Crusoe          (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
22:58:08.0446 4052        Crusoe - ok
22:58:08.0464 4052        CryptSvc        (fb27772beaf8e1d28ccd825c09da939b) C:\Windows\system32\cryptsvc.dll
22:58:08.0509 4052        CryptSvc - ok
22:58:08.0562 4052        DcomLaunch      (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
22:58:08.0628 4052        DcomLaunch - ok
22:58:08.0658 4052        DfsC            (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
22:58:08.0767 4052        DfsC - ok
22:58:08.0838 4052        DFSR            (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
22:58:09.0067 4052        DFSR - ok
22:58:09.0124 4052        Dhcp            (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
22:58:09.0165 4052        Dhcp - ok
22:58:09.0189 4052        disk            (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
22:58:09.0225 4052        disk - ok
22:58:09.0258 4052        DNIMp50        (2782a4549cc6558c52b0753126b2a833) C:\Windows\system32\Drivers\DNIMp50.sys
22:58:09.0305 4052        DNIMp50 ( UnsignedFile.Multi.Generic ) - warning
22:58:09.0305 4052        DNIMp50 - detected UnsignedFile.Multi.Generic (1)
22:58:09.0323 4052        DNISp50        (b222622709a919c91cb54a90cf7ceefc) C:\Windows\system32\Drivers\DNISp50.sys
22:58:09.0370 4052        DNISp50 ( UnsignedFile.Multi.Generic ) - warning
22:58:09.0370 4052        DNISp50 - detected UnsignedFile.Multi.Generic (1)
22:58:09.0397 4052        Dnscache        (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
22:58:09.0465 4052        Dnscache - ok
22:58:09.0497 4052        dot3svc        (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
22:58:09.0561 4052        dot3svc - ok
22:58:09.0591 4052        Dot4            (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys
22:58:09.0653 4052        Dot4 - ok
22:58:09.0668 4052        Dot4Print      (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys
22:58:09.0725 4052        Dot4Print - ok
22:58:09.0748 4052        dot4usb        (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys
22:58:09.0812 4052        dot4usb - ok
22:58:09.0836 4052        DPS            (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
22:58:09.0884 4052        DPS - ok
22:58:09.0914 4052        drmkaud        (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
22:58:09.0943 4052        drmkaud - ok
22:58:09.0987 4052        DXGKrnl        (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
22:58:10.0057 4052        DXGKrnl - ok
22:58:10.0079 4052        E1G60          (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
22:58:10.0174 4052        E1G60 - ok
22:58:10.0194 4052        EagleNT - ok
22:58:10.0205 4052        EagleXNt - ok
22:58:10.0228 4052        EapHost        (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
22:58:10.0284 4052        EapHost - ok
22:58:10.0336 4052        Ecache          (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
22:58:10.0373 4052        Ecache - ok
22:58:10.0429 4052        eDataSecurity Service (b7dc2580425225c320ceda78de55a3d0) C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
22:58:10.0515 4052        eDataSecurity Service - ok
22:58:10.0551 4052        ehRecvr        (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
22:58:10.0674 4052        ehRecvr - ok
22:58:10.0683 4052        ehSched        (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
22:58:10.0777 4052        ehSched - ok
22:58:10.0786 4052        ehstart        (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
22:58:10.0812 4052        ehstart - ok
22:58:10.0834 4052        elxstor        (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
22:58:10.0900 4052        elxstor - ok
22:58:10.0938 4052        EMDMgmt        (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
22:58:11.0050 4052        EMDMgmt - ok
22:58:11.0133 4052        eRecoveryService (59fccaf915ba89dd98cadf08da91afee) C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
22:58:11.0165 4052        eRecoveryService ( UnsignedFile.Multi.Generic ) - warning
22:58:11.0165 4052        eRecoveryService - detected UnsignedFile.Multi.Generic (1)
22:58:11.0192 4052        ErrDev          (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
22:58:11.0232 4052        ErrDev - ok
22:58:11.0256 4052        eSettingsService (a9745687a57cdd71237915859aba8dac) C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
22:58:11.0278 4052        eSettingsService ( UnsignedFile.Multi.Generic ) - warning
22:58:11.0278 4052        eSettingsService - detected UnsignedFile.Multi.Generic (1)
22:58:11.0302 4052        EventSystem    (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
22:58:11.0354 4052        EventSystem - ok
22:58:11.0400 4052        exfat          (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
22:58:11.0487 4052        exfat - ok
22:58:11.0516 4052        fastfat        (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
22:58:11.0563 4052        fastfat - ok
22:58:11.0655 4052        FCSAM          (8cab6b589f6610bf0e20780e153248c1) C:\Program Files\Microsoft Forefront\Client Security\Client\Antimalware\MsMpEng.exe
22:58:11.0689 4052        FCSAM - ok
22:58:11.0726 4052        fdc            (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
22:58:11.0787 4052        fdc - ok
22:58:11.0804 4052        fdPHost        (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
22:58:11.0842 4052        fdPHost - ok
22:58:11.0850 4052        FDResPub        (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
22:58:11.0919 4052        FDResPub - ok
22:58:11.0939 4052        FileInfo        (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
22:58:11.0975 4052        FileInfo - ok
22:58:11.0989 4052        Filetrace      (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
22:58:12.0055 4052        Filetrace - ok
22:58:12.0073 4052        flpydisk        (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
22:58:12.0135 4052        flpydisk - ok
22:58:12.0170 4052        FltMgr          (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
22:58:12.0204 4052        FltMgr - ok
22:58:12.0258 4052        FontCache      (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll
22:58:12.0343 4052        FontCache - ok
22:58:12.0403 4052        FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
22:58:12.0437 4052        FontCache3.0.0.0 - ok
22:58:12.0459 4052        Fs_Rec          (b972a66758577e0bfd1de0f91aaa27b5) C:\Windows\system32\drivers\Fs_Rec.sys
22:58:12.0515 4052        Fs_Rec - ok
22:58:12.0539 4052        gagp30kx        (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
22:58:12.0599 4052        gagp30kx - ok
22:58:12.0655 4052        GEARAspiWDM    (f2f431d1573ee632975c524418655b84) C:\Windows\system32\drivers\GEARAspiWDM.sys
22:58:12.0701 4052        GEARAspiWDM - ok
22:58:12.0744 4052        gpsvc          (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
22:58:12.0817 4052        gpsvc - ok
22:58:12.0868 4052        HdAudAddService (3f90e001369a07243763bd5a523d8722) C:\Windows\system32\drivers\HdAudio.sys
22:58:12.0946 4052        HdAudAddService - ok
22:58:12.0976 4052        HDAudBus        (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
22:58:13.0092 4052        HDAudBus - ok
22:58:13.0114 4052        HidBth          (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
22:58:13.0195 4052        HidBth - ok
22:58:13.0210 4052        HidIr          (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
22:58:13.0286 4052        HidIr - ok
22:58:13.0318 4052        hidserv        (84067081f3318162797385e11a8f0582) C:\Windows\system32\hidserv.dll
22:58:13.0357 4052        hidserv - ok
22:58:13.0375 4052        HidUsb          (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
22:58:13.0425 4052        HidUsb - ok
22:58:13.0438 4052        hkmsvc          (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
22:58:13.0507 4052        hkmsvc - ok
22:58:13.0519 4052        HpCISSs        (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
22:58:13.0560 4052        HpCISSs - ok
22:58:13.0590 4052        HTTP            (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
22:58:13.0660 4052        HTTP - ok
22:58:13.0678 4052        i2omp          (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
22:58:13.0716 4052        i2omp - ok
22:58:13.0743 4052        i8042prt        (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
22:58:13.0821 4052        i8042prt - ok
22:58:13.0842 4052        iaStor          (580bfec487c55264bfe3d60c3c24eee1) C:\Windows\system32\drivers\iastor.sys
22:58:13.0904 4052        iaStor - ok
22:58:13.0925 4052        iaStorV        (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
22:58:13.0998 4052        iaStorV - ok
22:58:14.0066 4052        idsvc          (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:58:14.0300 4052        idsvc - ok
22:58:14.0316 4052        iirsp          (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
22:58:14.0364 4052        iirsp - ok
22:58:14.0402 4052        IKEEXT          (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
22:58:14.0482 4052        IKEEXT - ok
22:58:14.0561 4052        int15          (c6e5276c00ebdeb096bb5ef4b797d1b6) C:\Acer\Empowering Technology\eRecovery\int15.sys
22:58:14.0580 4052        int15 - ok
22:58:14.0647 4052        IntcAzAudAddService (4c01298060cf930d26a75a86b874b6ae) C:\Windows\system32\drivers\RTKVHDA.sys
22:58:14.0831 4052        IntcAzAudAddService - ok
22:58:14.0898 4052        intelide        (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
22:58:14.0926 4052        intelide - ok
22:58:14.0960 4052        intelppm        (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
22:58:15.0027 4052        intelppm - ok
22:58:15.0050 4052        IPBusEnum      (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
22:58:15.0123 4052        IPBusEnum - ok
22:58:15.0140 4052        IpFilterDriver  (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:58:15.0218 4052        IpFilterDriver - ok
22:58:15.0252 4052        iphlpsvc        (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll
22:58:15.0305 4052        iphlpsvc - ok
22:58:15.0313 4052        IpInIp - ok
22:58:15.0331 4052        IPMIDRV        (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
22:58:15.0420 4052        IPMIDRV - ok
22:58:15.0438 4052        IPNAT          (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
22:58:15.0497 4052        IPNAT - ok
22:58:15.0509 4052        IRENUM          (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
22:58:15.0571 4052        IRENUM - ok
22:58:15.0588 4052        isapnp          (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
22:58:15.0641 4052        isapnp - ok
22:58:15.0672 4052        iScsiPrt        (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
22:58:15.0703 4052        iScsiPrt - ok
22:58:15.0723 4052        iteatapi        (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
22:58:15.0766 4052        iteatapi - ok
22:58:15.0788 4052        iteraid        (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
22:58:15.0829 4052        iteraid - ok
22:58:15.0855 4052        kbdclass        (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
22:58:15.0899 4052        kbdclass - ok
22:58:15.0916 4052        kbdhid          (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
22:58:15.0982 4052        kbdhid - ok
22:58:16.0000 4052        KeyIso          (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
22:58:16.0069 4052        KeyIso - ok
22:58:16.0107 4052        KSecDD          (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys
22:58:16.0148 4052        KSecDD - ok
22:58:16.0169 4052        KtmRm          (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
22:58:16.0232 4052        KtmRm - ok
22:58:16.0262 4052        LanmanServer    (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\system32\srvsvc.dll
22:58:16.0308 4052        LanmanServer - ok
22:58:16.0342 4052        LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
22:58:16.0390 4052        LanmanWorkstation - ok
22:58:16.0442 4052        LightScribeService (793ff718477345cd5d232c50bed1e452) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
22:58:16.0516 4052        LightScribeService ( UnsignedFile.Multi.Generic ) - warning
22:58:16.0517 4052        LightScribeService - detected UnsignedFile.Multi.Generic (1)
22:58:16.0549 4052        lltdio          (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
22:58:16.0627 4052        lltdio - ok
22:58:16.0660 4052        lltdsvc        (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
22:58:16.0736 4052        lltdsvc - ok
22:58:16.0757 4052        lmhosts        (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
22:58:16.0818 4052        lmhosts - ok
22:58:16.0839 4052        LSI_FC          (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
22:58:16.0913 4052        LSI_FC - ok
22:58:16.0954 4052        LSI_SAS        (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
22:58:17.0021 4052        LSI_SAS - ok
22:58:17.0038 4052        LSI_SCSI        (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
22:58:17.0107 4052        LSI_SCSI - ok
22:58:17.0122 4052        luafv          (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
22:58:17.0218 4052        luafv - ok
22:58:17.0237 4052        Mcx2Svc        (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
22:58:17.0294 4052        Mcx2Svc - ok
22:58:17.0314 4052        megasas        (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
22:58:17.0369 4052        megasas - ok
22:58:17.0408 4052        MegaSR          (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
22:58:17.0524 4052        MegaSR - ok
22:58:17.0541 4052        MMCSS          (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
22:58:17.0600 4052        MMCSS - ok
22:58:17.0614 4052        Modem          (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
22:58:17.0678 4052        Modem - ok
22:58:17.0695 4052        monitor        (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
22:58:17.0743 4052        monitor - ok
22:58:17.0761 4052        mouclass        (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
22:58:17.0804 4052        mouclass - ok
22:58:17.0824 4052        mouhid          (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
22:58:17.0891 4052        mouhid - ok
22:58:17.0911 4052        MountMgr        (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
22:58:17.0947 4052        MountMgr - ok
22:58:17.0988 4052        MpFilter        (356842aac621ab40f18992c01a590f71) C:\Windows\system32\DRIVERS\MpFilter.sys
22:58:18.0024 4052        MpFilter - ok
22:58:18.0054 4052        mpio            (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
22:58:18.0133 4052        mpio - ok
22:58:18.0151 4052        mpsdrv          (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
22:58:18.0190 4052        mpsdrv - ok
22:58:18.0235 4052        MpsSvc          (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
22:58:18.0288 4052        MpsSvc - ok
22:58:18.0304 4052        Mraid35x        (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
22:58:18.0342 4052        Mraid35x - ok
22:58:18.0379 4052        MRxDAV          (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
22:58:18.0408 4052        MRxDAV - ok
22:58:18.0448 4052        mrxsmb          (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
22:58:18.0493 4052        mrxsmb - ok
22:58:18.0516 4052        mrxsmb10        (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:58:18.0553 4052        mrxsmb10 - ok
22:58:18.0567 4052        mrxsmb20        (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:58:18.0614 4052        mrxsmb20 - ok
22:58:18.0631 4052        msahci          (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
22:58:18.0665 4052        msahci - ok
22:58:18.0686 4052        msdsm          (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
22:58:18.0729 4052        msdsm - ok
22:58:18.0755 4052        MSDTC          (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
22:58:18.0817 4052        MSDTC - ok
22:58:18.0837 4052        Msfs            (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
22:58:18.0896 4052        Msfs - ok
22:58:18.0919 4052        msisadrv        (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
22:58:18.0941 4052        msisadrv - ok
22:58:18.0971 4052        MSiSCSI        (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
22:58:19.0044 4052        MSiSCSI - ok
22:58:19.0052 4052        msiserver - ok
22:58:19.0071 4052        MSKSSRV        (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
22:58:19.0126 4052        MSKSSRV - ok
22:58:19.0151 4052        MSPCLOCK        (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
22:58:19.0189 4052        MSPCLOCK - ok
22:58:19.0209 4052        MSPQM          (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
22:58:19.0243 4052        MSPQM - ok
22:58:19.0280 4052        MsRPC          (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
22:58:19.0339 4052        MsRPC - ok
22:58:19.0358 4052        mssmbios        (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
22:58:19.0387 4052        mssmbios - ok
22:58:19.0398 4052        MSTEE          (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
22:58:19.0436 4052        MSTEE - ok
22:58:19.0446 4052        Mup            (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
22:58:19.0484 4052        Mup - ok
22:58:19.0524 4052        napagent        (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
22:58:19.0582 4052        napagent - ok
22:58:19.0627 4052        NativeWifiP    (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
22:58:19.0689 4052        NativeWifiP - ok
22:58:19.0733 4052        NDIS            (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
22:58:19.0786 4052        NDIS - ok
22:58:19.0806 4052        NdisTapi        (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
22:58:19.0858 4052        NdisTapi - ok
22:58:19.0873 4052        Ndisuio        (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
22:58:19.0926 4052        Ndisuio - ok
22:58:19.0975 4052        NdisWan        (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
22:58:20.0024 4052        NdisWan - ok
22:58:20.0040 4052        NDProxy        (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
22:58:20.0114 4052        NDProxy - ok
22:58:20.0156 4052        Net Driver HPZ12 (2969d26eee289be7422aa46fc55f4e38) C:\Windows\system32\HPZinw12.dll
22:58:20.0186 4052        Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
22:58:20.0186 4052        Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
22:58:20.0202 4052        NetBIOS        (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
22:58:20.0272 4052        NetBIOS - ok
22:58:20.0311 4052        netbt          (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
22:58:20.0405 4052        netbt - ok
22:58:20.0425 4052        Netlogon        (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
22:58:20.0459 4052        Netlogon - ok
22:58:20.0488 4052        Netman          (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
22:58:20.0563 4052        Netman - ok
22:58:20.0580 4052        netprofm        (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
22:58:20.0641 4052        netprofm - ok
22:58:20.0691 4052        NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:58:20.0739 4052        NetTcpPortSharing - ok
22:58:20.0754 4052        nfrd960        (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
22:58:20.0803 4052        nfrd960 - ok
22:58:20.0823 4052        NlaSvc          (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
22:58:20.0873 4052        NlaSvc - ok
22:58:20.0919 4052        nmwcd          (c3963d85b721a7f80d8a55f4e2867a3a) C:\Windows\system32\drivers\ccdcmb.sys
22:58:20.0985 4052        nmwcd - ok
22:58:21.0010 4052        nmwcdc          (3859c69a77793180548802dac9f34a38) C:\Windows\system32\drivers\ccdcmbo.sys
22:58:21.0096 4052        nmwcdc - ok
22:58:21.0128 4052        Npfs            (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
22:58:21.0195 4052        Npfs - ok
22:58:21.0209 4052        nsi            (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
22:58:21.0270 4052        nsi - ok
22:58:21.0281 4052        nsiproxy        (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
22:58:21.0336 4052        nsiproxy - ok
22:58:21.0387 4052        Ntfs            (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
22:58:21.0618 4052        Ntfs - ok
22:58:21.0654 4052        NTIDrvr        (7f1c1f78d709c4a54cbb46ede7e0b48d) C:\Windows\system32\DRIVERS\NTIDrvr.sys
22:58:21.0667 4052        NTIDrvr ( UnsignedFile.Multi.Generic ) - warning
22:58:21.0668 4052        NTIDrvr - detected UnsignedFile.Multi.Generic (1)
22:58:21.0684 4052        ntrigdigi      (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
22:58:21.0754 4052        ntrigdigi - ok
22:58:21.0763 4052        Null            (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
22:58:21.0796 4052        Null - ok
22:58:21.0840 4052        NVENETFD        (d668632606d1cebf0b6ec64c1df7ed6f) C:\Windows\system32\DRIVERS\nvmfdx32.sys
22:58:21.0936 4052        NVENETFD - ok
22:58:21.0961 4052        NVHDA          (d2f4c4b22969236382ca853b8daa2d4e) C:\Windows\system32\drivers\nvhda32v.sys
22:58:22.0020 4052        NVHDA - ok
22:58:22.0161 4052        nvlddmkm        (23c24fdbc46b61a828db3779a808a68b) C:\Windows\system32\DRIVERS\nvlddmkm.sys
22:58:22.0613 4052        nvlddmkm - ok
22:58:22.0636 4052        nvraid          (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
22:58:22.0680 4052        nvraid - ok
22:58:22.0707 4052        nvrd32          (73f84853274c0f633425b102b4edd631) C:\Windows\system32\drivers\nvrd32.sys
22:58:22.0756 4052        nvrd32 - ok
22:58:22.0765 4052        nvsmu          (7ec12a73067baca25a8e3e2a58ae83d8) C:\Windows\system32\DRIVERS\nvsmu.sys
22:58:22.0799 4052        nvsmu - ok
22:58:22.0820 4052        nvstor          (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
22:58:22.0869 4052        nvstor - ok
22:58:22.0880 4052        nvstor32        (a136ba7eb1eebe4b2469f123f4607518) C:\Windows\system32\drivers\nvstor32.sys
22:58:22.0926 4052        nvstor32 - ok
22:58:22.0952 4052        nv_agp          (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
22:58:22.0998 4052        nv_agp - ok
22:58:23.0007 4052        NwlnkFlt - ok
22:58:23.0019 4052        NwlnkFwd - ok
22:58:23.0062 4052        ohci1394        (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
22:58:23.0109 4052        ohci1394 - ok
22:58:23.0176 4052        ose            (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:58:23.0273 4052        ose - ok
22:58:23.0317 4052        p2pimsvc        (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
22:58:23.0458 4052        p2pimsvc - ok
22:58:23.0470 4052        p2psvc          (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
22:58:23.0533 4052        p2psvc - ok
22:58:23.0556 4052        Parport        (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
22:58:23.0677 4052        Parport - ok
22:58:23.0714 4052        partmgr        (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
22:58:23.0751 4052        partmgr - ok
22:58:23.0763 4052        Parvdm          (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
22:58:23.0835 4052        Parvdm - ok
22:58:23.0857 4052        PcaSvc          (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
22:58:23.0898 4052        PcaSvc - ok
22:58:23.0947 4052        pccsmcfd        (fd2041e9ba03db7764b2248f02475079) C:\Windows\system32\DRIVERS\pccsmcfd.sys
22:58:24.0000 4052        pccsmcfd - ok
22:58:24.0022 4052        pci            (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
22:58:24.0051 4052        pci - ok
22:58:24.0078 4052        pciide          (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
22:58:24.0101 4052        pciide - ok
22:58:24.0117 4052        pcmcia          (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
22:58:24.0170 4052        pcmcia - ok
22:58:24.0205 4052        PEAUTH          (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
22:58:24.0368 4052        PEAUTH - ok
22:58:24.0426 4052        pla            (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
22:58:24.0556 4052        pla - ok
22:58:24.0599 4052        PlugPlay        (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
22:58:26.0455 4052        PlugPlay - ok
22:58:26.0493 4052        Pml Driver HPZ12 (bafc9706bdf425a02b66468ab2605c59) C:\Windows\system32\HPZipm12.dll
22:58:26.0520 4052        Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
22:58:26.0520 4052        Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
22:58:26.0559 4052        PNRPAutoReg    (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
22:58:26.0627 4052        PNRPAutoReg - ok
22:58:26.0650 4052        PNRPsvc        (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
22:58:26.0705 4052        PNRPsvc - ok
22:58:26.0740 4052        PolicyAgent    (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
22:58:26.0803 4052        PolicyAgent - ok
22:58:26.0828 4052        PptpMiniport    (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
22:58:26.0913 4052        PptpMiniport - ok
22:58:26.0934 4052        Processor      (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
22:58:27.0001 4052        Processor - ok
22:58:27.0038 4052        ProfSvc        (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
22:58:27.0095 4052        ProfSvc - ok
22:58:27.0125 4052        ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
22:58:27.0158 4052        ProtectedStorage - ok
22:58:27.0194 4052        PSched          (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
22:58:27.0283 4052        PSched - ok
22:58:27.0295 4052        PSDFilter      (ab94285ff6c6bc5433407d8d182a4bb4) C:\Windows\system32\DRIVERS\psdfilter.sys
22:58:27.0320 4052        PSDFilter - ok
22:58:27.0332 4052        PSDNServ        (2aaf9a5d7a63d26bfaea853c5f2292bc) C:\Windows\system32\DRIVERS\PSDNServ.sys
22:58:27.0351 4052        PSDNServ - ok
22:58:27.0365 4052        psdvdisk        (0eb8cec99855beae5b0d02c2302619ef) C:\Windows\system32\DRIVERS\PSDVdisk.sys
22:58:27.0376 4052        psdvdisk - ok
22:58:27.0414 4052        PxHelp20        (feffcfdc528764a04c8ed63d5fa6e711) C:\Windows\system32\Drivers\PxHelp20.sys
22:58:27.0436 4052        PxHelp20 ( UnsignedFile.Multi.Generic ) - warning
22:58:27.0436 4052        PxHelp20 - detected UnsignedFile.Multi.Generic (1)
22:58:27.0481 4052        ql2300          (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
22:58:27.0590 4052        ql2300 - ok
22:58:27.0610 4052        ql40xx          (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
22:58:27.0695 4052        ql40xx - ok
22:58:27.0722 4052        QWAVE          (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
22:58:27.0825 4052        QWAVE - ok
22:58:27.0844 4052        QWAVEdrv        (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
22:58:27.0901 4052        QWAVEdrv - ok
22:58:27.0915 4052        RasAcd          (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
22:58:27.0965 4052        RasAcd - ok
22:58:27.0986 4052        RasAuto        (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
22:58:28.0055 4052        RasAuto - ok
22:58:28.0073 4052        Rasl2tp        (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
22:58:28.0181 4052        Rasl2tp - ok
22:58:28.0228 4052        RasMan          (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
22:58:28.0283 4052        RasMan - ok
22:58:28.0319 4052        RasPppoe        (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
22:58:28.0388 4052        RasPppoe - ok
22:58:28.0460 4052        RasSstp        (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
22:58:28.0539 4052        RasSstp - ok
22:58:28.0626 4052        rdbss          (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
22:58:28.0734 4052        rdbss - ok
22:58:28.0743 4052        RDPCDD          (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
22:58:28.0776 4052        RDPCDD - ok
22:58:28.0830 4052        rdpdr          (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
22:58:28.0871 4052        rdpdr - ok
22:58:28.0880 4052        RDPENCDD        (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
22:58:28.0913 4052        RDPENCDD - ok
22:58:28.0943 4052        RDPWD          (79c6df8477250f5c54f7c5ae1d6b814e) C:\Windows\system32\drivers\RDPWD.sys
22:58:29.0076 4052        RDPWD - ok
22:58:29.0111 4052        RemoteAccess    (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
22:58:29.0185 4052        RemoteAccess - ok
22:58:29.0221 4052        RemoteRegistry  (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
22:58:29.0299 4052        RemoteRegistry - ok
22:58:29.0361 4052        RichVideo      (a035a7bf5132682f53f1e7b955690ce7) C:\Program Files\CyberLink\Shared Files\RichVideo.exe
22:58:29.0432 4052        RichVideo ( UnsignedFile.Multi.Generic ) - warning
22:58:29.0432 4052        RichVideo - detected UnsignedFile.Multi.Generic (1)
22:58:29.0455 4052        RpcLocator      (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
22:58:29.0511 4052        RpcLocator - ok
22:58:29.0554 4052        RpcSs          (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
22:58:29.0605 4052        RpcSs - ok
22:58:29.0635 4052        rspndr          (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
22:58:29.0717 4052        rspndr - ok
22:58:29.0742 4052        SamSs          (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
22:58:29.0775 4052        SamSs - ok
22:58:29.0810 4052        sbp2port        (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
22:58:29.0882 4052        sbp2port - ok
22:58:29.0923 4052        SCardSvr        (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
22:58:29.0984 4052        SCardSvr - ok
22:58:30.0022 4052        Schedule        (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
22:58:30.0133 4052        Schedule - ok
22:58:30.0160 4052        SCPolicySvc    (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
22:58:30.0196 4052        SCPolicySvc - ok
22:58:30.0220 4052        SDRSVC          (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
22:58:30.0278 4052        SDRSVC - ok
22:58:30.0340 4052        SeaPort        (cc781378e7eda615d2cdca3b17829fa4) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
22:58:30.0434 4052        SeaPort - ok
22:58:30.0457 4052        secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
22:58:30.0525 4052        secdrv - ok
22:58:30.0543 4052        seclogon        (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
22:58:30.0585 4052        seclogon - ok
22:58:30.0600 4052        SENS            (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
22:58:30.0656 4052        SENS - ok
22:58:30.0674 4052        Serenum        (ce9ec966638ef0b10b864ddedf62a099) C:\Windows\system32\DRIVERS\serenum.sys
22:58:30.0729 4052        Serenum - ok
22:58:30.0747 4052        Serial          (6d663022db3e7058907784ae14b69898) C:\Windows\system32\DRIVERS\serial.sys
22:58:30.0883 4052        Serial - ok
22:58:30.0899 4052        sermouse        (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
22:58:30.0949 4052        sermouse - ok
22:58:31.0010 4052        ServiceLayer    (2d841b7b7f6dec32162edfcc69d61f42) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
22:58:31.0167 4052        ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
22:58:31.0167 4052        ServiceLayer - detected UnsignedFile.Multi.Generic (1)
22:58:31.0202 4052        SessionEnv      (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
22:58:31.0250 4052        SessionEnv - ok
22:58:31.0264 4052        sffdisk        (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
22:58:31.0312 4052        sffdisk - ok
22:58:31.0332 4052        sffp_mmc        (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
22:58:31.0378 4052        sffp_mmc - ok
22:58:31.0387 4052        sffp_sd        (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
22:58:31.0437 4052        sffp_sd - ok
22:58:31.0450 4052        sfloppy        (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
22:58:31.0514 4052        sfloppy - ok
22:58:31.0534 4052        SharedAccess    (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
22:58:31.0641 4052        SharedAccess - ok
22:58:31.0692 4052        ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
22:58:31.0744 4052        ShellHWDetection - ok
22:58:31.0765 4052        sisagp          (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
22:58:31.0825 4052        sisagp - ok
22:58:31.0839 4052        SiSRaid2        (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
22:58:31.0880 4052        SiSRaid2 - ok
22:58:31.0897 4052        SiSRaid4        (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
22:58:31.0959 4052        SiSRaid4 - ok
22:58:32.0021 4052        SkypeUpdate    (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files\Skype\Updater\Updater.exe
22:58:32.0179 4052        SkypeUpdate - ok
22:58:32.0260 4052        slsvc          (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
22:58:32.0511 4052        slsvc - ok
22:58:32.0559 4052        SLUINotify      (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
22:58:32.0619 4052        SLUINotify - ok
22:58:32.0654 4052        Smb            (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
22:58:32.0748 4052        Smb - ok
22:58:32.0781 4052        SNMPTRAP        (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
22:58:32.0818 4052        SNMPTRAP - ok
22:58:32.0829 4052        spldr          (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
22:58:32.0854 4052        spldr - ok
22:58:32.0877 4052        Spooler        (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
22:58:32.0919 4052        Spooler - ok
22:58:32.0948 4052        srv            (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
22:58:33.0002 4052        srv - ok
22:58:33.0030 4052        srv2            (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
22:58:33.0069 4052        srv2 - ok
22:58:33.0088 4052        srvnet          (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
22:58:33.0126 4052        srvnet - ok
22:58:33.0152 4052        SSDPSRV        (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
22:58:33.0210 4052        SSDPSRV - ok
22:58:33.0229 4052        SstpSvc        (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
22:58:33.0263 4052        SstpSvc - ok
22:58:33.0293 4052        StarOpen        (f92254b0bcfcd10caac7bccc7cb7f467) C:\Windows\system32\drivers\StarOpen.sys
22:58:33.0317 4052        StarOpen ( UnsignedFile.Multi.Generic ) - warning
22:58:33.0317 4052        StarOpen - detected UnsignedFile.Multi.Generic (1)
22:58:33.0362 4052        stisvc          (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
22:58:33.0430 4052        stisvc - ok
22:58:33.0453 4052        swenum          (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
22:58:33.0484 4052        swenum - ok
22:58:33.0526 4052        swprv          (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
22:58:33.0612 4052        swprv - ok
22:58:33.0631 4052        Symc8xx        (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
22:58:33.0675 4052        Symc8xx - ok
22:58:33.0689 4052        Sym_hi          (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
22:58:33.0727 4052        Sym_hi - ok
22:58:33.0746 4052        Sym_u3          (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
22:58:33.0791 4052        Sym_u3 - ok
22:58:33.0837 4052        SysMain        (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
22:58:33.0898 4052        SysMain - ok
22:58:33.0930 4052        TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
22:58:33.0993 4052        TabletInputService - ok
22:58:34.0089 4052        TabletServicePen (ded6145ca9a7c7f2bbbf1e4cecd48114) C:\Windows\system32\Pen_Tablet.exe
22:58:34.0281 4052        TabletServicePen - ok
22:58:34.0313 4052        TapiSrv        (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
22:58:34.0368 4052        TapiSrv - ok
22:58:34.0384 4052        TBS            (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
22:58:34.0429 4052        TBS - ok
22:58:34.0478 4052        Tcpip          (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys
22:58:34.0628 4052        Tcpip - ok
22:58:34.0661 4052        Tcpip6          (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys
22:58:34.0752 4052        Tcpip6 - ok
22:58:34.0781 4052        tcpipreg        (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
22:58:34.0820 4052        tcpipreg - ok
22:58:34.0841 4052        TDPIPE          (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
22:58:34.0895 4052        TDPIPE - ok
22:58:34.0909 4052        TDTCP          (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
22:58:34.0966 4052        TDTCP - ok
22:58:35.0004 4052        tdx            (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
22:58:35.0093 4052        tdx - ok
22:58:35.0118 4052        TermDD          (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
22:58:35.0177 4052        TermDD - ok
22:58:35.0216 4052        TermService    (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
22:58:35.0275 4052        TermService - ok
22:58:35.0317 4052        Themes          (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
22:58:35.0352 4052        Themes - ok
22:58:35.0374 4052        THREADORDER    (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
22:58:35.0412 4052        THREADORDER - ok
22:58:35.0437 4052        TrkWks          (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
22:58:35.0486 4052        TrkWks - ok
22:58:35.0531 4052        TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
22:58:35.0581 4052        TrustedInstaller - ok
22:58:35.0601 4052        tssecsrv        (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
22:58:35.0652 4052        tssecsrv - ok
22:58:35.0673 4052        tunmp          (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
22:58:35.0727 4052        tunmp - ok
22:58:35.0764 4052        tunnel          (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
22:58:35.0814 4052        tunnel - ok
22:58:35.0836 4052        tvicport        (97dd70feca64fb4f63de7bb7e66a80b1) C:\Windows\system32\drivers\tvicport.sys
22:58:35.0862 4052        tvicport ( UnsignedFile.Multi.Generic ) - warning
22:58:35.0862 4052        tvicport - detected UnsignedFile.Multi.Generic (1)
22:58:35.0878 4052        uagp35          (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
22:58:35.0938 4052        uagp35 - ok
22:58:35.0983 4052        udfs            (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
22:58:36.0034 4052        udfs - ok
22:58:36.0052 4052        UI0Detect      (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
22:58:36.0125 4052        UI0Detect - ok
22:58:36.0145 4052        uliagpkx        (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
22:58:36.0211 4052        uliagpkx - ok
22:58:36.0237 4052        uliahci        (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
22:58:36.0361 4052        uliahci - ok
22:58:36.0382 4052        UlSata          (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
22:58:36.0418 4052        UlSata - ok
22:58:36.0433 4052        ulsata2        (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
22:58:36.0475 4052        ulsata2 - ok
22:58:36.0488 4052        umbus          (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
22:58:36.0559 4052        umbus - ok
22:58:36.0575 4052        upnphost        (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
22:58:36.0627 4052        upnphost - ok
22:58:36.0673 4052        upperdev        (0ccadc7391021376edbb8aa649d04e68) C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
22:58:36.0719 4052        upperdev - ok
22:58:36.0738 4052        USBAAPL - ok
22:58:36.0767 4052        usbccgp        (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
22:58:36.0845 4052        usbccgp - ok
22:58:36.0861 4052        usbcir          (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
22:58:36.0961 4052        usbcir - ok
22:58:36.0978 4052        usbehci        (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
22:58:37.0034 4052        usbehci - ok
22:58:37.0073 4052        usbhub          (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
22:58:37.0136 4052        usbhub - ok
22:58:37.0161 4052        usbohci        (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys
22:58:37.0212 4052        usbohci - ok
22:58:37.0238 4052        usbprint        (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
22:58:37.0296 4052        usbprint - ok
22:58:37.0312 4052        usbscan        (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
22:58:37.0387 4052        usbscan - ok
22:58:37.0403 4052        usbser          (d575246188f63de0accf6eac5fb59e6a) C:\Windows\system32\DRIVERS\usbser.sys
22:58:37.0462 4052        usbser - ok
22:58:37.0481 4052        USBSTOR        (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:58:37.0560 4052        USBSTOR - ok
22:58:37.0572 4052        usbuhci        (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
22:58:37.0623 4052        usbuhci - ok
22:58:37.0677 4052        usbvideo        (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
22:58:37.0722 4052        usbvideo - ok
22:58:37.0754 4052        UxSms          (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
22:58:37.0810 4052        UxSms - ok
22:58:37.0850 4052        vds            (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
22:58:37.0945 4052        vds - ok
22:58:37.0968 4052        vga            (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
22:58:38.0025 4052        vga - ok
22:58:38.0043 4052        VgaSave        (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
22:58:38.0101 4052        VgaSave - ok
22:58:38.0120 4052        viaagp          (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
22:58:38.0178 4052        viaagp - ok
22:58:38.0191 4052        ViaC7          (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
22:58:38.0252 4052        ViaC7 - ok
22:58:38.0269 4052        viaide          (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
22:58:38.0304 4052        viaide - ok
22:58:38.0318 4052        volmgr          (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
22:58:38.0353 4052        volmgr - ok
22:58:38.0395 4052        volmgrx        (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
22:58:38.0429 4052        volmgrx - ok
22:58:38.0451 4052        volsnap        (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
22:58:38.0484 4052        volsnap - ok
22:58:38.0501 4052        vsmraid        (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
22:58:38.0590 4052        vsmraid - ok
22:58:38.0641 4052        VSS            (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
22:58:38.0802 4052        VSS - ok
22:58:38.0830 4052        W32Time        (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
22:58:38.0876 4052        W32Time - ok
22:58:38.0911 4052        wacmoumonitor  (9a03558c37e919b9d6a50864aea0a168) C:\Windows\system32\DRIVERS\wacmoumonitor.sys
22:58:38.0940 4052        wacmoumonitor - ok
22:58:38.0988 4052        wacommousefilter (427a8bc96f16c40df81c2d2f4edd32dd) C:\Windows\system32\DRIVERS\wacommousefilter.sys
22:58:39.0030 4052        wacommousefilter - ok
22:58:39.0056 4052        WacomPen        (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
22:58:39.0125 4052        WacomPen - ok
22:58:39.0145 4052        wacomvhid      (d412d2cc82c3d469415758cab44875a4) C:\Windows\system32\DRIVERS\wacomvhid.sys
22:58:39.0173 4052        wacomvhid - ok
22:58:39.0193 4052        WacomVKHid      (889459833432b161cb99cfdf84a1a9bb) C:\Windows\system32\DRIVERS\WacomVKHid.sys
22:58:39.0225 4052        WacomVKHid - ok
22:58:39.0237 4052        Wanarp          (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
22:58:39.0320 4052        Wanarp - ok
22:58:39.0325 4052        Wanarpv6        (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
22:58:39.0373 4052        Wanarpv6 - ok
22:58:39.0396 4052        wcncsvc        (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
22:58:39.0555 4052        wcncsvc - ok
22:58:39.0576 4052        WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
22:58:39.0635 4052        WcsPlugInService - ok
22:58:39.0656 4052        Wd              (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
22:58:39.0681 4052        Wd - ok
22:58:39.0723 4052        Wdf01000        (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
22:58:39.0762 4052        Wdf01000 - ok
22:58:39.0782 4052        WdiServiceHost  (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
22:58:39.0825 4052        WdiServiceHost - ok
22:58:39.0829 4052        WdiSystemHost  (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
22:58:39.0872 4052        WdiSystemHost - ok
22:58:39.0912 4052        WebClient      (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
22:58:39.0957 4052        WebClient - ok
22:58:39.0987 4052        Wecsvc          (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
22:58:40.0058 4052        Wecsvc - ok
22:58:40.0071 4052        wercplsupport  (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
22:58:40.0122 4052        wercplsupport - ok
22:58:40.0160 4052        WerSvc          (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
22:58:40.0214 4052        WerSvc - ok
22:58:40.0229 4052        WG111T - ok
22:58:40.0274 4052        WinDefend      (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
22:58:40.0344 4052        WinDefend - ok
22:58:40.0351 4052        WinHttpAutoProxySvc - ok
22:58:40.0408 4052        Winmgmt        (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
22:58:40.0450 4052        Winmgmt - ok
22:58:40.0502 4052        WinRM          (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
22:58:40.0692 4052        WinRM - ok
22:58:40.0747 4052        Wlansvc        (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
22:58:40.0857 4052        Wlansvc - ok
22:58:40.0893 4052        WmiAcpi        (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
22:58:40.0921 4052        WmiAcpi - ok
22:58:40.0971 4052        wmiApSrv        (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
22:58:41.0058 4052        wmiApSrv - ok
22:58:41.0112 4052        WMPNetworkSvc  (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
22:58:41.0471 4052        WMPNetworkSvc - ok
22:58:41.0493 4052        WPCSvc          (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
22:58:41.0558 4052        WPCSvc - ok
22:58:41.0598 4052        WPDBusEnum      (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
22:58:41.0641 4052        WPDBusEnum - ok
22:58:41.0687 4052        WpdUsb          (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
22:58:41.0751 4052        WpdUsb - ok
22:58:41.0851 4052        WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
22:58:41.0929 4052        WPFFontCache_v0400 - ok
22:58:41.0956 4052        ws2ifsl        (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
22:58:42.0015 4052        ws2ifsl - ok
22:58:42.0044 4052        wscsvc          (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\System32\wscsvc.dll
22:58:42.0116 4052        wscsvc - ok
22:58:42.0124 4052        WSearch - ok
22:58:42.0198 4052        wuauserv        (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
22:58:42.0299 4052        wuauserv - ok
22:58:42.0328 4052        WudfPf          (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys
22:58:42.0423 4052        WudfPf - ok
22:58:42.0438 4052        WUDFRd          (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys
22:58:42.0467 4052        WUDFRd - ok
22:58:42.0480 4052        wudfsvc        (2c0206ff8d2c75ac027d1096fa2fafda) C:\Windows\System32\WUDFSvc.dll
22:58:42.0544 4052        wudfsvc - ok
22:58:42.0571 4052        XDva289 - ok
22:58:42.0582 4052        XDva370 - ok
22:58:42.0598 4052        zntport        (40ac8590cc9006dbb99ffcb37879d4c6) C:\Windows\system32\drivers\zntport.sys
22:58:42.0630 4052        zntport ( UnsignedFile.Multi.Generic ) - warning
22:58:42.0630 4052        zntport - detected UnsignedFile.Multi.Generic (1)
22:58:42.0648 4052        MBR (0x1B8)    (a863475757cc50891aa8458c415e4b25) \Device\Harddisk0\DR0
22:58:45.0227 4052        \Device\Harddisk0\DR0 - ok
22:58:45.0252 4052        Boot (0x1200)  (90030752e898c3ee7a0ff6e2209fb1e0) \Device\Harddisk0\DR0\Partition0
22:58:45.0253 4052        \Device\Harddisk0\DR0\Partition0 - ok
22:58:45.0271 4052        Boot (0x1200)  (1caa08655c80866ef3e33dc640284374) \Device\Harddisk0\DR0\Partition1
22:58:45.0273 4052        \Device\Harddisk0\DR0\Partition1 - ok
22:58:45.0273 4052        ============================================================
22:58:45.0273 4052        Scan finished
22:58:45.0273 4052        ============================================================
22:58:45.0285 4768        Detected object count: 17
22:58:45.0285 4768        Actual detected object count: 17
22:59:56.0695 4768        Acer HomeMedia Connect Service ( UnsignedFile.Multi.Generic ) - skipped by user
22:59:56.0695 4768        Acer HomeMedia Connect Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:59:56.0697 4768        AcerMemUsageCheckService ( UnsignedFile.Multi.Generic ) - skipped by user
22:59:56.0697 4768        AcerMemUsageCheckService ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:59:56.0701 4768        Akamai ( HiddenFile.Multi.Generic ) - skipped by user
22:59:56.0701 4768        Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip
22:59:56.0704 4768        DNIMp50 ( UnsignedFile.Multi.Generic ) - skipped by user
22:59:56.0704 4768        DNIMp50 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:59:56.0706 4768        DNISp50 ( UnsignedFile.Multi.Generic ) - skipped by user
22:59:56.0706 4768        DNISp50 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:59:56.0709 4768        eRecoveryService ( UnsignedFile.Multi.Generic ) - skipped by user
22:59:56.0709 4768        eRecoveryService ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:59:56.0712 4768        eSettingsService ( UnsignedFile.Multi.Generic ) - skipped by user
22:59:56.0713 4768        eSettingsService ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:59:56.0715 4768        LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
22:59:56.0715 4768        LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:59:56.0717 4768        Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
22:59:56.0718 4768        Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:59:56.0720 4768        NTIDrvr ( UnsignedFile.Multi.Generic ) - skipped by user
22:59:56.0720 4768        NTIDrvr ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:59:56.0722 4768        Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
22:59:56.0723 4768        Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:59:56.0725 4768        PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user
22:59:56.0725 4768        PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:59:56.0728 4768        RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user
22:59:56.0728 4768        RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:59:56.0730 4768        ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
22:59:56.0731 4768        ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:59:56.0733 4768        StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user
22:59:56.0733 4768        StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:59:56.0736 4768        tvicport ( UnsignedFile.Multi.Generic ) - skipped by user
22:59:56.0736 4768        tvicport ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:59:56.0739 4768        zntport ( UnsignedFile.Multi.Generic ) - skipped by user
22:59:56.0739 4768        zntport ( UnsignedFile.Multi.Generic ) - User select action: Skip


