Can't get Spy Hunter deleted (Windows 7)
03.02.2012, 21:03 | #16
Can't get Spy Hunter deleted
OTL Logfile:
Code:
ATTFilter OTL logfile created on: 03.02.2012 20:31:30 - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\AJDA\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 5,86 Gb Total Physical Memory | 4,03 Gb Available Physical Memory | 68,80% Memory free 11,71 Gb Paging File | 9,97 Gb Available in Paging File | 85,12% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 115,22 Gb Total Space | 68,81 Gb Free Space | 59,72% Space Free | Partition Type: NTFS Drive D: | 329,05 Gb Total Space | 328,94 Gb Free Space | 99,96% Space Free | Partition Type: NTFS Drive F: | 232,88 Gb Total Space | 232,85 Gb Free Space | 99,98% Space Free | Partition Type: NTFS Drive G: | 232,87 Gb Total Space | 232,83 Gb Free Space | 99,98% Space Free | Partition Type: NTFS Computer Name: AJDA-PC | User Name: AJDA | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.02.03 16:59:15 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\AJDA\Downloads\OTL (1).exe PRC - [2012.02.02 19:43:18 | 000,939,872 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe PRC - [2012.02.02 19:43:18 | 000,909,152 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe PRC - [2011.12.14 12:22:04 | 001,116,480 | ---- | M] (TuneUp Software) -- C:\Program Files (x86)\TuneUp Utilities 2012\Integrator.exe PRC - [2011.08.01 09:28:16 | 000,124,480 | ---- | M] (ICQ, LLC.) 
-- C:\Program Files (x86)\ICQ7.5\ICQ.exe PRC - [2011.07.24 13:11:42 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2011.05.30 13:40:24 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2011.03.08 23:25:07 | 003,054,136 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe PRC - [2011.03.04 14:36:11 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2010.10.07 18:43:00 | 000,182,912 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe PRC - [2010.09.14 04:45:56 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe PRC - [2010.09.14 04:45:44 | 000,508,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe PRC - [2010.01.21 07:22:03 | 000,909,824 | ---- | M] (Sonix Technology Co., Ltd.) 
-- C:\Windows\vsnp2uvc.exe PRC - [2009.12.15 19:39:38 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe PRC - [2009.06.19 19:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe PRC - [2009.06.16 02:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe PRC - [2008.12.23 02:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe PRC - [2008.08.14 06:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe ========== Modules (No Company Name) ========== MOD - [2012.02.02 19:43:18 | 000,939,872 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe MOD - [2011.12.12 19:25:42 | 013,420,352 | ---- | M] () -- C:\Program Files (x86)\TuneUp Utilities 2012\libcef.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2011.12.14 12:23:22 | 000,035,648 | ---- | M] (TuneUp Software) [Auto | Stopped] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp) SRV:64bit: - [2010.10.05 14:51:19 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:64bit: - [2010.09.23 03:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV:64bit: - [2010.06.22 20:20:42 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) 
[Disabled | Stopped] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent) SRV:64bit: - [2009.08.06 23:17:46 | 000,118,672 | ---- | M] (Intel(R) Corporation) [Disabled | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost) SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV - [2012.02.02 19:43:18 | 000,909,152 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe -- (vToolbarUpdater) SRV - [2011.12.14 12:23:34 | 002,123,584 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc) SRV - [2011.12.14 12:23:22 | 000,028,992 | ---- | M] (TuneUp Software) [Auto | Stopped] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp) SRV - [2011.07.24 13:11:42 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2011.07.07 18:31:08 | 000,195,336 | ---- | M] (Microsoft Corporation.) 
[Disabled | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc) SRV - [2011.06.15 16:33:20 | 000,249,648 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate) SRV - [2011.05.30 13:40:24 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2011.04.15 10:43:20 | 002,280,312 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6) SRV - [2010.09.14 04:45:56 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa) SRV - [2010.09.14 04:45:44 | 000,508,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist) SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009.12.15 19:39:38 | 000,096,896 | ---- | M] (ASUS) [Disabled | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv) SRV - [2009.10.01 04:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R) SRV - [2009.10.01 04:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R) SRV - [2009.06.16 02:30:42 | 000,084,536 | ---- | M] (ASUS) [Disabled | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService) SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- 
C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2011.07.24 13:11:43 | 000,123,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2011.07.24 13:11:43 | 000,088,288 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2011.05.10 07:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.10.05 15:23:17 | 007,884,288 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:64bit: - [2010.10.05 14:15:13 | 000,285,696 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2010.09.24 01:46:31 | 000,116,752 | ---- | M] (ATI Technologies, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService) DRV:64bit: - [2010.09.23 09:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr) DRV:64bit: - [2010.09.14 04:45:52 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol) DRV:64bit: - [2010.09.14 04:45:50 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir) DRV:64bit: - [2010.09.14 04:45:48 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay) DRV:64bit: - [2010.09.14 04:45:44 | 000,760,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs) DRV:64bit: - [2010.09.08 18:39:32 | 000,129,024 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD) DRV:64bit: - [2010.09.07 10:19:37 | 001,800,832 | ---- | M] (Sonix Technology Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC) DRV:64bit: - [2010.06.08 03:33:13 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2010.03.04 10:53:01 | 000,075,816 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) DRV:64bit: - [2010.03.02 09:45:23 | 001,594,368 | ---- | M] (Atheros Communications, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:64bit: - [2010.02.26 09:32:11 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd) DRV:64bit: - [2009.09.17 21:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R) DRV:64bit: - [2009.08.21 07:48:17 | 000,044,032 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor) DRV:64bit: - [2009.08.06 23:17:34 | 000,013,784 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB) DRV:64bit: - [2009.07.20 10:29:39 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr) DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.10 21:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH) DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.05.13 18:07:20 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor) DRV:64bit: - [2008.05.24 02:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr) DRV - [2011.12.12 19:31:38 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv) DRV - [2010.02.24 20:14:22 | 000,146,928 | ---- | M] (CyberLink Corp.) 
[2011/03/08 12:48:59] [Kernel | Auto | Running] -- C:\Program Files (x86)\Cyberlink\PowerDVD9\000.fcl -- ({B154377D-700F-42cc-9474-23858FBDF4BD}) DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2009.07.03 02:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Asus | MSN IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Asus | MSN IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://start.facemoods.com/?a=stonicde&s={searchTerms}&f=4 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Asus | MSN IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google IE - HKCU\..\URLSearchHook: - No CLSID value found IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - prefs.js..browser.search.selectedEngine: "ICQ Search" FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/" FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.3.3&q=" FF - prefs.js..network.proxy.type: 0 FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_0_1.dll File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) 
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.) 
FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\10.0.0.7\ [2012.02.02 19:43:21 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\extensions\\{184AA5E6-741D-464a-820E-94B3ABC2F3B4}: C:\Users\AJDA\AppData\Roaming\5055 [2012.01.08 00:00:06 | 000,000,000 | ---D | M] [2011.03.23 22:23:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\AJDA\AppData\Roaming\mozilla\Extensions [2012.02.03 13:55:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\AJDA\AppData\Roaming\mozilla\Firefox\Profiles\wmiz205z.default\extensions [2012.01.08 00:00:07 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\AJDA\AppData\Roaming\mozilla\Firefox\Profiles\wmiz205z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2011.08.29 22:52:03 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\AJDA\AppData\Roaming\mozilla\Firefox\Profiles\wmiz205z.default\extensions\ffxtlbr@babylon.com [2012.01.21 23:49:16 | 000,000,950 | ---- | M] () -- C:\Users\AJDA\AppData\Roaming\Mozilla\Firefox\Profiles\wmiz205z.default\searchplugins\icqplugin-1.xml [2011.06.29 17:49:04 | 000,000,950 | ---- | M] () -- C:\Users\AJDA\AppData\Roaming\Mozilla\Firefox\Profiles\wmiz205z.default\searchplugins\icqplugin-2.xml [2011.07.28 21:03:29 | 000,000,950 | ---- | M] () -- C:\Users\AJDA\AppData\Roaming\Mozilla\Firefox\Profiles\wmiz205z.default\searchplugins\icqplugin-3.xml [2011.08.19 15:07:10 | 000,000,950 | ---- | M] () -- C:\Users\AJDA\AppData\Roaming\Mozilla\Firefox\Profiles\wmiz205z.default\searchplugins\icqplugin-4.xml [2011.09.01 18:44:46 | 000,000,950 | ---- | M] () -- C:\Users\AJDA\AppData\Roaming\Mozilla\Firefox\Profiles\wmiz205z.default\searchplugins\icqplugin-5.xml [2011.09.03 11:29:12 | 000,000,950 | ---- | M] () -- 
C:\Users\AJDA\AppData\Roaming\Mozilla\Firefox\Profiles\wmiz205z.default\searchplugins\icqplugin-6.xml [2011.09.10 20:24:57 | 000,000,950 | ---- | M] () -- C:\Users\AJDA\AppData\Roaming\Mozilla\Firefox\Profiles\wmiz205z.default\searchplugins\icqplugin-7.xml [2011.10.02 18:26:45 | 000,000,950 | ---- | M] () -- C:\Users\AJDA\AppData\Roaming\Mozilla\Firefox\Profiles\wmiz205z.default\searchplugins\icqplugin-8.xml [2011.10.10 13:21:23 | 000,000,950 | ---- | M] () -- C:\Users\AJDA\AppData\Roaming\Mozilla\Firefox\Profiles\wmiz205z.default\searchplugins\icqplugin-9.xml [2011.05.10 16:00:11 | 000,001,056 | ---- | M] () -- C:\Users\AJDA\AppData\Roaming\Mozilla\Firefox\Profiles\wmiz205z.default\searchplugins\icqplugin.xml [2012.01.08 00:00:06 | 000,000,000 | ---D | M] (Java String Helper) -- C:\USERS\AJDA\APPDATA\ROAMING\5055 [2011.05.17 16:03:05 | 000,002,051 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrchstonicde.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\16.0.912.77\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\16.0.912.77\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\16.0.912.77\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = 
C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll CHR - plugin: Babylon Chrome Plugin (Enabled) = C:\Users\AJDA\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.0_0\BabylonChromePI.dll CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll CHR - plugin: Zeon Plus (Enabled) = C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\AJDA\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: YouTube = C:\Users\AJDA\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\ CHR - Extension: Google-Suche = C:\Users\AJDA\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\ CHR - Extension: Babylon Translator = C:\Users\AJDA\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.3_0\ CHR - Extension: Facemoods = C:\Users\AJDA\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.4.6_0\ CHR - Extension: Google Mail = C:\Users\AJDA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts 
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.) O2 - BHO: (CescrtHlpr Object) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll (Babylon BHO) O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.6\bh\facemoods.dll (facemoods.com BHO) O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll () O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll () O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll (Babylon Ltd.) 
O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.6\facemoodsTlbr.dll (facemoods.com) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4:64bit: - HKLM..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe (Sonix Technology Co., Ltd.) O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKCU..\RunOnce: [RegistryDefrag Success Message] C:\Program Files (x86)\TuneUp Utilities 2012\TUMessages.exe (TuneUp Software) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.) 
O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E6066F46-0372-4A78-9B84-FAC90B2F5B0E}: DhcpNameServer = 192.168.2.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll () O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM 
Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O27:64bit: - HKLM IFEO\fancystart.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\fastboot.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\ipod updater 2005-03-23.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\labelprint.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\olrsubmission.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\paprport.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\pdr8.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\power2go.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\power2goexpress.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\pppagevw.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\showcontroldeck.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\srspremiumpanel_64.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\teamviewer.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 
2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\fancystart.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\fastboot.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\ipod updater 2005-03-23.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\labelprint.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\olrsubmission.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\paprport.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\pdr8.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\power2go.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\power2goexpress.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\pppagevw.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\showcontroldeck.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\srspremiumpanel_64.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\teamviewer.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011.12.12 14:38:24 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk /r \??\C:) O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM 
BootExecute: (autocheck turegopt) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs:64bit: UxTuneUp - C:\Windows\SysNative\uxtuneup.dll (TuneUp Software) MsConfig:64bit - StartUpReg: ASUS Screen Saver Protector - hkey= - key= - C:\Windows\AsScrPro.exe (ASUS) MsConfig:64bit - StartUpReg: CLMLServer - hkey= - key= - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink) MsConfig:64bit - StartUpReg: RtHDVCpl - hkey= - key= - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) SafeBootMin:64bit: AppMgmt - Service SafeBootMin:64bit: Base - Driver Group SafeBootMin:64bit: Boot Bus Extender - Driver Group SafeBootMin:64bit: Boot file system - Driver Group SafeBootMin:64bit: File system - Driver Group SafeBootMin:64bit: Filter - Driver Group SafeBootMin:64bit: HelpSvc - Service SafeBootMin:64bit: PCI Configuration - Driver Group SafeBootMin:64bit: PNP Filter - Driver Group SafeBootMin:64bit: Primary disk - Driver Group SafeBootMin:64bit: sacsvr - Service SafeBootMin:64bit: SCSI Class - Driver Group SafeBootMin:64bit: System Bus Extender - Driver Group SafeBootMin:64bit: vmms - Service SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard 
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter 
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet:64bit: AppMgmt - Service SafeBootNet:64bit: Base - Driver Group SafeBootNet:64bit: Boot Bus Extender - Driver Group SafeBootNet:64bit: Boot file system - Driver Group SafeBootNet:64bit: File system - Driver Group SafeBootNet:64bit: Filter - Driver Group SafeBootNet:64bit: HelpSvc - Service SafeBootNet:64bit: Messenger - Service SafeBootNet:64bit: NDIS Wrapper - Driver Group SafeBootNet:64bit: NetBIOSGroup - Driver Group SafeBootNet:64bit: NetDDEGroup - Driver Group SafeBootNet:64bit: Network - Driver Group SafeBootNet:64bit: NetworkProvider - Driver Group SafeBootNet:64bit: PCI Configuration - Driver Group SafeBootNet:64bit: PNP Filter - Driver Group SafeBootNet:64bit: PNP_TDI - Driver Group SafeBootNet:64bit: Primary disk - Driver Group SafeBootNet:64bit: rdsessmgr - Service SafeBootNet:64bit: sacsvr - Service SafeBootNet:64bit: SCSI Class - Driver Group SafeBootNet:64bit: Streams Drivers - Driver Group SafeBootNet:64bit: System Bus Extender - Driver Group SafeBootNet:64bit: TDI - Driver Group SafeBootNet:64bit: vmms - Service SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SafeBootNet:64bit: WudfUsbccidDriver - Driver SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet:64bit: 
{4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - 
Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - 
Microsoft Windows Media Player 12.0 ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe 
-UserIconConfig ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - 
Active Directory Service Interface ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.) CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2012.02.03 17:25:48 | 000,035,648 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll [2012.02.03 17:25:48 | 000,028,992 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\uxtuneup.dll [2012.02.02 19:43:00 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Secure Search [2012.02.02 14:11:49 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Roaming\Malwarebytes [2012.02.02 14:11:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.02.02 14:11:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.02.02 14:11:26 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.02.02 14:11:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012.02.02 14:06:10 | 000,034,624 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe [2012.02.02 14:06:09 | 000,025,920 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll [2012.02.02 14:06:07 | 000,021,312 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll [2012.02.02 14:05:56 | 000,000,000 | ---D | 
C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012 [2012.02.02 13:43:36 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\{FA04DCE3-5C1A-4331-A6F5-193F22ED2D12} [2012.02.02 13:43:25 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\{39CA0BA5-54A9-4909-939C-33356F18F69D} [2012.02.01 20:38:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET [2012.02.01 20:29:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVG Secure Search [2012.02.01 20:29:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG Secure Search [2012.02.01 20:29:53 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files [2012.02.01 20:29:42 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Roaming\TuneUp Software [2012.02.01 20:29:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2012 [2012.02.01 20:25:58 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software [2012.02.01 20:25:40 | 000,000,000 | -HSD | C] -- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936} [2012.02.01 14:05:07 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\{0081C322-4938-4BFC-A34E-E9134A833D10} [2012.02.01 14:04:55 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\{8EBC2CFD-F3A7-463A-A45E-C2945A9ADE2C} [2012.02.01 13:44:07 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\{44F34D9B-8FB7-4D5C-89F8-BA4B149F466B} [2012.01.31 16:44:23 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\{9360155A-8918-436A-84BF-A4505E4D3DFC} [2012.01.31 16:42:47 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\{798D701A-D72A-451C-BFFF-E2D42C0B9FD9} [2012.01.30 13:36:42 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\{CC5AB705-B112-438B-A74A-A0E934591AB0} [2012.01.30 13:36:30 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\{F7395DE3-1C37-4636-82F0-88642C9FD106} [2012.01.29 18:24:13 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\{B8764B49-1C7D-453A-A667-B9007D3BE796} [2012.01.29 18:22:55 
| 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\{C2CBA7BE-F429-40BD-A313-243F0BBC786B} [2012.01.29 12:15:51 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\{9B3DCEF3-5C45-43A8-9943-7DD62AE6F74A} [2012.01.28 15:58:13 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\Babylon [2012.01.28 15:58:12 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Roaming\Babylon [2012.01.28 15:58:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon [2012.01.28 15:56:06 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\{054333C7-EEE3-4034-9C56-A6D032A2B62D} [2012.01.28 15:55:54 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\{25F037F1-4CA2-45CE-8FB4-31C24831C018} [2012.01.27 15:57:23 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\{ECDE7F6B-0B8F-4C47-BF5D-8450717AAA94} [2012.01.27 15:57:11 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\{F79403AC-DEC4-4315-8960-F4027EA3EE20} [2012.01.26 19:27:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2012.01.26 19:03:41 | 000,038,229 | ---- | C] (Generic) -- C:\Windows\SysWow64\drivers\StMp3Rec.sys [2012.01.26 19:03:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iPod [2012.01.26 19:03:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iPod [2012.01.26 10:55:14 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\{65249A18-6F12-4170-8166-FD75486E5333} [2012.01.26 10:55:02 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\{473D3DC2-9BD1-4B4B-B7B1-D12EEC30C97F} [2012.01.25 20:49:00 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\{4246D056-CC7B-4A5F-B1D4-4C82C6D52B23} [2012.01.25 20:48:48 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\{D9A7B5A0-998A-4603-ACBB-FF32317AA950} [2012.01.25 16:48:44 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\{53C15B76-A9AC-4BC7-A7C9-8E4466E7039E} [2012.01.25 16:48:31 | 000,000,000 | ---D | C] -- 
C:\Users\AJDA\AppData\Local\{B3EC4A2B-0784-4D80-9397-D5FA9722E874} [2012.01.24 19:44:39 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations [2012.01.24 13:06:36 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\{8ABFB0EF-0C18-4232-89BC-F51CC3EF91F4} [2012.01.24 13:06:24 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\{B93CAA69-A035-41C3-A262-ADFAE5DEAE6E} [2012.01.23 17:49:33 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\{139210D2-A6F2-4810-A4E2-8BBFAAB72D39} [2012.01.23 17:49:21 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\{0502EEC9-C002-45AB-AF5B-E5FD1D106FF8} [2012.01.23 15:18:45 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\{DA9454FF-E051-4B85-8C76-FF6D583935F8} [2012.01.22 13:00:21 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\{FBC7BF80-9083-4705-918E-F80B949EBAC7} [2012.01.21 23:44:51 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\{5080E26F-0149-456E-962A-45847CEAD440} [2012.01.21 23:44:38 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\{06EB3936-FB3B-4F23-9687-64E527842FF2} [2012.01.21 21:51:45 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\{4934AC2D-82A7-44D3-96D7-051520F63BCF} [2012.01.21 09:46:05 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\{5DF76FA7-83E5-4D19-8ECD-201FD0952C26} [2012.01.21 09:45:43 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\{FDAA3830-B1CF-4857-885D-0E25FB399D81} [2012.01.20 14:19:57 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\{1BE8845F-1019-4FFD-BE0A-231DC4B95BCC} [2012.01.20 14:19:46 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\{FAFB3A8E-3122-4353-8C8E-FF18122CB146} [2012.01.19 15:04:36 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\{95845F60-E46C-47A4-949D-EF27F1837C30} [2012.01.18 21:09:45 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\{65411E2D-D5E5-4D31-816F-12E609A7D597} [2012.01.18 19:04:16 | 000,000,000 | ---D | C] -- C:\Users\AJDA\Desktop\Music [2012.01.18 
09:09:01 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\{E1865B41-9C58-4E55-9A57-09EA7B504044} [2012.01.18 09:08:49 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\{C1130490-F060-4AA2-BC63-EDAC697F629D} [2012.01.17 14:26:17 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\{56DC75DF-03E6-4D4D-9544-3894C733CBB6} [2012.01.17 14:26:05 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\{B88653C6-26E0-4B25-A3BA-84AE1DCAE07E} [2012.01.16 14:24:56 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\{6A132DCE-A461-4FE1-8462-13BF714DF2C8} [2012.01.16 14:24:44 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\{98335E7D-BFC3-4E4B-90DD-3708CD3480DE} [2012.01.15 18:09:41 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\{5421D885-B11A-441A-9CD0-7DE49B9F3CE0} [2012.01.15 18:09:29 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\{698A4A34-58CB-43BB-AA39-889C19F1CCFC} [2012.01.14 12:59:56 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\{7CA556DE-64AC-4C82-95E4-98FDDCBF6B50} [2012.01.14 12:59:22 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\{21DDE9E4-E4C4-4DA6-A3E1-3B90BD50A7C9} [2012.01.14 00:41:53 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\{5E744011-4B64-4BD1-8DF2-11B8BFE4DC0D} [2012.01.14 00:41:31 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\{5EAC7510-89E8-4D11-A4E6-5B3CE2F16138} [2012.01.13 12:40:51 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\{95D157B6-9624-4B43-8490-BC87947980FC} [2012.01.13 12:40:28 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\{F8D6C95F-8A4B-4300-8F49-90A076B0FC82} [2012.01.12 19:53:20 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\{30B777F0-68F2-4800-8475-3DB7017D3372} [2012.01.12 19:52:54 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\{B1B7412F-82DC-4605-AEA6-B097EA860BF1} [2012.01.11 15:00:20 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\{DCF8167F-204E-4D1A-9343-47F67693ACDD} [2012.01.11 15:00:08 | 
000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\{EA6975E3-62B2-47D5-B1EF-4BCDDDCD632A} [2012.01.10 17:55:34 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\{62DDB77C-9D7B-4C9A-8C56-C7021B010CD2} [2012.01.10 17:55:18 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\{1CD21F1D-4EBA-4E06-BC1F-EA773A95FAE9} [2012.01.09 18:35:36 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Roaming\{90140011-0066-0407-0000-0000000FF1CE} [2012.01.09 18:35:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (Deutsch) [2012.01.09 18:35:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Virtualized Applications [2012.01.09 15:27:44 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\{D8C60B74-D9BE-4C6D-8663-4A916B4EA1B9} [2012.01.09 15:27:09 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\{3B428C37-FD9E-4E75-807A-0F1BC6E07E26} [2012.01.08 17:57:47 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\{63F13A95-5689-4124-94CA-8FD508AF59CD} [2012.01.08 17:57:35 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\{16A1CD53-429A-4232-8966-60EA53644D81} [2012.01.07 15:03:39 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\{020464F0-2C49-4379-BCE5-BD1E8276454B} [2012.01.07 15:03:26 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\{C98031CC-CFA6-4739-BC7A-EC11E6B44D65} [2012.01.05 22:42:05 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\{C1C2E680-EE1B-417B-BB83-20C4CC2C999D} [2012.01.05 22:41:45 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\{18A8CE92-0E23-45CB-994C-477410FE1507} [2012.01.05 22:41:22 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\{F6D88F0B-BF70-493E-9994-858A2684414D} [2012.01.05 21:47:15 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2012.01.05 10:40:38 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\{EBD9B7D1-A9EE-4239-8BF6-FB66E467889C} [2012.01.05 10:40:21 | 000,000,000 | ---D | C] -- 
C:\Users\AJDA\AppData\Local\{A2C02F02-D479-4FD6-9AB3-A8E2D5D6777F} [2 C:\Users\AJDA\AppData\Roaming\*.tmp files -> C:\Users\AJDA\AppData\Roaming\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.02.03 20:30:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.02.03 19:44:00 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.02.03 15:02:58 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.02.03 15:02:58 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.02.03 14:55:17 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.02.03 13:54:51 | 000,001,347 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini [2012.02.03 13:54:25 | 000,002,180 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini [2012.02.03 13:54:16 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2285515195-610978323-2317577071-1000UA.job [2012.02.03 13:54:16 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2285515195-610978323-2317577071-1000Core.job [2012.02.02 14:11:29 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.02.02 14:05:57 | 000,002,211 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk [2012.02.02 14:05:57 | 000,002,191 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities 2012.lnk [2012.01.31 16:51:40 | 001,500,254 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.01.31 16:51:40 | 000,654,844 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.01.31 16:51:40 | 000,616,686 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.01.31 16:51:40 | 000,130,426 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat 
[2012.01.31 16:51:40 | 000,106,808 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.01.29 18:51:14 | 000,024,679 | ---- | M] () -- C:\Users\AJDA\Desktop\ab268486aa4028cba3d4482eb0871333_1.jpg [2012.01.29 18:50:42 | 000,063,293 | ---- | M] () -- C:\Users\AJDA\Desktop\9416-ehre99x60.jpg [2012.01.29 18:24:44 | 000,088,060 | ---- | M] () -- C:\Users\AJDA\Desktop\499.jpg [2012.01.28 23:52:40 | 000,129,828 | ---- | M] () -- C:\Users\AJDA\Desktop\Lettrine_S.png [2012.01.28 23:45:36 | 000,010,647 | ---- | M] () -- C:\Users\AJDA\Desktop\Picture_6.png [2012.01.28 17:18:52 | 000,000,926 | ---- | M] () -- C:\Users\AJDA\Documents\7.reg [2012.01.28 15:58:13 | 000,002,264 | ---- | M] () -- C:\Users\Public\Desktop\Babylon.lnk [2012.01.26 19:30:16 | 000,008,284 | ---- | M] () -- C:\Users\AJDA\Documents\cc_20120126_193011.reg [2012.01.26 19:27:10 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2012.01.24 13:15:39 | 000,000,127 | ---- | M] () -- C:\Windows\SysNative\MRT.INI [2012.01.09 18:19:09 | 000,137,888 | ---- | M] () -- C:\Users\AJDA\Documents\cc_20120109_181900.reg [2 C:\Users\AJDA\AppData\Roaming\*.tmp files -> C:\Users\AJDA\AppData\Roaming\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.02.02 14:11:29 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.02.02 14:05:57 | 000,002,211 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk [2012.02.02 14:05:57 | 000,002,191 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities 2012.lnk [2012.02.02 14:05:56 | 000,002,203 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012.lnk [2012.01.29 18:30:44 | 000,129,828 | ---- | C] () -- C:\Users\AJDA\Desktop\Lettrine_S.png [2012.01.29 18:30:44 | 000,010,647 | ---- | C] () -- C:\Users\AJDA\Desktop\Picture_6.png [2012.01.29 18:30:40 | 000,063,293 | ---- | C] () -- 
C:\Users\AJDA\Desktop\9416-ehre99x60.jpg [2012.01.29 18:27:37 | 000,024,679 | ---- | C] () -- C:\Users\AJDA\Desktop\ab268486aa4028cba3d4482eb0871333_1.jpg [2012.01.29 18:25:41 | 000,088,060 | ---- | C] () -- C:\Users\AJDA\Desktop\499.jpg [2012.01.28 17:18:48 | 000,000,926 | ---- | C] () -- C:\Users\AJDA\Documents\7.reg [2012.01.28 15:58:13 | 000,002,264 | ---- | C] () -- C:\Users\Public\Desktop\Babylon.lnk [2012.01.26 19:30:13 | 000,008,284 | ---- | C] () -- C:\Users\AJDA\Documents\cc_20120126_193011.reg [2012.01.26 19:27:10 | 000,000,824 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2012.01.24 13:15:39 | 000,000,127 | ---- | C] () -- C:\Windows\SysNative\MRT.INI [2012.01.09 18:19:02 | 000,137,888 | ---- | C] () -- C:\Users\AJDA\Documents\cc_20120109_181900.reg [2011.05.04 16:06:27 | 000,000,026 | ---- | C] () -- C:\Windows\brpp2ka.ini [2011.05.04 16:06:27 | 000,000,000 | ---- | C] () -- C:\Program Files (x86)\error.dat [2011.05.04 16:06:27 | 000,000,000 | ---- | C] () -- C:\Windows\BROWNIE.INI [2011.05.04 16:06:27 | 000,000,000 | ---- | C] () -- C:\Windows\brmx2001.ini [2011.05.04 16:06:27 | 000,000,000 | ---- | C] () -- C:\Windows\briwm04a.ini [2011.05.04 16:00:39 | 000,027,114 | ---- | C] () -- C:\Windows\maxlink.ini [2011.04.25 18:30:05 | 001,526,948 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.04.13 07:59:40 | 000,006,144 | ---- | C] () -- C:\Users\AJDA\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.03.08 23:13:18 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2011.03.08 23:05:54 | 000,002,857 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2011.03.08 22:32:42 | 000,131,472 | ---- | C] () -- C:\ProgramData\FullRemove.exe [2009.07.29 06:20:40 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini [2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009.07.14 03:34:42 | 000,215,943 | ---- | 
C] () -- C:\Windows\SysWow64\dssec.dat [2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2009.02.26 07:50:32 | 000,000,176 | ---- | C] () -- C:\Windows\explorer.exe.config [2006.05.19 04:39:57 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini [2002.03.04 09:16:34 | 000,110,592 | R--- | C] () -- C:\Windows\SysWow64\Jpeg32.dll ========== LOP Check ========== [2011.11.23 11:05:59 | 000,000,000 | ---D | M] -- C:\Users\AJDA\AppData\Roaming\5048 [2011.11.24 10:21:55 | 000,000,000 | ---D | M] -- C:\Users\AJDA\AppData\Roaming\5049 [2011.11.25 19:27:42 | 000,000,000 | ---D | M] -- C:\Users\AJDA\AppData\Roaming\5050 [2011.11.28 18:32:19 | 000,000,000 | ---D | M] -- C:\Users\AJDA\AppData\Roaming\5051 [2011.12.01 13:22:07 | 000,000,000 | ---D | M] -- C:\Users\AJDA\AppData\Roaming\5052 [2011.12.04 13:01:10 | 000,000,000 | ---D | M] -- C:\Users\AJDA\AppData\Roaming\5053 [2011.12.09 14:09:22 | 000,000,000 | ---D | M] -- C:\Users\AJDA\AppData\Roaming\5054 [2012.01.08 00:00:06 | 000,000,000 | ---D | M] -- C:\Users\AJDA\AppData\Roaming\5055 [2011.10.06 20:40:11 | 000,000,000 | ---D | M] -- C:\Users\AJDA\AppData\Roaming\Asus WebStorage [2012.01.28 15:58:12 | 000,000,000 | ---D | M] -- C:\Users\AJDA\AppData\Roaming\Babylon [2011.04.25 20:10:41 | 000,000,000 | ---D | M] -- C:\Users\AJDA\AppData\Roaming\EeeStorageUploader [2012.01.28 21:41:10 | 000,000,000 | ---D | M] -- C:\Users\AJDA\AppData\Roaming\ICQ [2011.11.23 11:05:19 | 000,000,000 | ---D | M] -- C:\Users\AJDA\AppData\Roaming\kock [2011.04.06 18:13:49 | 000,000,000 | ---D | M] -- C:\Users\AJDA\AppData\Roaming\Nuance [2011.05.17 19:03:29 | 000,000,000 | ---D | M] -- C:\Users\AJDA\AppData\Roaming\OpenOffice.org [2011.05.04 16:15:38 | 
000,000,000 | ---D | M] -- C:\Users\AJDA\AppData\Roaming\ScanSoft [2012.01.29 19:11:39 | 000,000,000 | ---D | M] -- C:\Users\AJDA\AppData\Roaming\SoftGrid Client [2011.04.25 18:31:11 | 000,000,000 | ---D | M] -- C:\Users\AJDA\AppData\Roaming\TP [2012.02.03 17:25:10 | 000,000,000 | ---D | M] -- C:\Users\AJDA\AppData\Roaming\TuneUp Software [2011.11.30 18:36:01 | 000,000,000 | ---D | M] -- C:\Users\AJDA\AppData\Roaming\UAs [2011.07.29 21:22:17 | 000,000,000 | ---D | M] -- C:\Users\AJDA\AppData\Roaming\Windows Live Writer [2011.11.30 18:36:01 | 000,000,000 | ---D | M] -- C:\Users\AJDA\AppData\Roaming\xmldm [2011.04.06 18:13:46 | 000,000,000 | ---D | M] -- C:\Users\AJDA\AppData\Roaming\Zeon [2012.01.09 18:35:36 | 000,000,000 | ---D | M] -- C:\Users\AJDA\AppData\Roaming\{90140011-0066-0407-0000-0000000FF1CE} [2012.02.03 13:54:16 | 000,000,902 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2285515195-610978323-2317577071-1000Core.job [2012.02.03 13:54:16 | 000,000,924 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2285515195-610978323-2317577071-1000UA.job [2011.12.04 12:45:45 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. 
> [2011.11.23 11:05:59 | 000,000,000 | ---D | M] -- C:\Users\AJDA\AppData\Roaming\5048 [2011.11.24 10:21:55 | 000,000,000 | ---D | M] -- C:\Users\AJDA\AppData\Roaming\5049 [2011.11.25 19:27:42 | 000,000,000 | ---D | M] -- C:\Users\AJDA\AppData\Roaming\5050 [2011.11.28 18:32:19 | 000,000,000 | ---D | M] -- C:\Users\AJDA\AppData\Roaming\5051 [2011.12.01 13:22:07 | 000,000,000 | ---D | M] -- C:\Users\AJDA\AppData\Roaming\5052 [2011.12.04 13:01:10 | 000,000,000 | ---D | M] -- C:\Users\AJDA\AppData\Roaming\5053 [2011.12.09 14:09:22 | 000,000,000 | ---D | M] -- C:\Users\AJDA\AppData\Roaming\5054 [2012.01.08 00:00:06 | 000,000,000 | ---D | M] -- C:\Users\AJDA\AppData\Roaming\5055 [2011.03.23 22:19:33 | 000,000,000 | ---D | M] -- C:\Users\AJDA\AppData\Roaming\Adobe [2011.10.06 20:40:11 | 000,000,000 | ---D | M] -- C:\Users\AJDA\AppData\Roaming\Asus WebStorage [2011.03.23 21:57:50 | 000,000,000 | ---D | M] -- C:\Users\AJDA\AppData\Roaming\ATI [2011.03.26 00:31:17 | 000,000,000 | ---D | M] -- C:\Users\AJDA\AppData\Roaming\Avira [2012.01.28 15:58:12 | 000,000,000 | ---D | M] -- C:\Users\AJDA\AppData\Roaming\Babylon [2011.07.15 13:52:03 | 000,000,000 | ---D | M] -- C:\Users\AJDA\AppData\Roaming\CyberLink [2011.04.25 20:10:41 | 000,000,000 | ---D | M] -- C:\Users\AJDA\AppData\Roaming\EeeStorageUploader [2011.04.06 18:13:50 | 000,000,000 | ---D | M] -- C:\Users\AJDA\AppData\Roaming\FLEXnet [2012.01.28 21:41:10 | 000,000,000 | ---D | M] -- C:\Users\AJDA\AppData\Roaming\ICQ [2011.03.23 21:56:28 | 000,000,000 | ---D | M] -- C:\Users\AJDA\AppData\Roaming\Identities [2011.11.23 11:05:19 | 000,000,000 | ---D | M] -- C:\Users\AJDA\AppData\Roaming\kock [2011.03.23 22:24:17 | 000,000,000 | ---D | M] -- C:\Users\AJDA\AppData\Roaming\Macromedia [2012.02.02 14:11:49 | 000,000,000 | ---D | M] -- C:\Users\AJDA\AppData\Roaming\Malwarebytes [2009.07.14 08:44:38 | 000,000,000 | ---D | M] -- C:\Users\AJDA\AppData\Roaming\Media Center Programs [2012.02.02 18:32:32 | 000,000,000 | --SD | M] -- 
C:\Users\AJDA\AppData\Roaming\Microsoft [2011.03.23 22:23:48 | 000,000,000 | ---D | M] -- C:\Users\AJDA\AppData\Roaming\Mozilla [2011.04.06 18:13:49 | 000,000,000 | ---D | M] -- C:\Users\AJDA\AppData\Roaming\Nuance [2011.05.17 19:03:29 | 000,000,000 | ---D | M] -- C:\Users\AJDA\AppData\Roaming\OpenOffice.org [2011.05.04 16:15:38 | 000,000,000 | ---D | M] -- C:\Users\AJDA\AppData\Roaming\ScanSoft [2012.01.29 19:11:39 | 000,000,000 | ---D | M] -- C:\Users\AJDA\AppData\Roaming\SoftGrid Client [2011.04.25 18:31:11 | 000,000,000 | ---D | M] -- C:\Users\AJDA\AppData\Roaming\TP [2012.02.03 17:25:10 | 000,000,000 | ---D | M] -- C:\Users\AJDA\AppData\Roaming\TuneUp Software [2011.11.30 18:36:01 | 000,000,000 | ---D | M] -- C:\Users\AJDA\AppData\Roaming\UAs [2011.07.29 21:22:17 | 000,000,000 | ---D | M] -- C:\Users\AJDA\AppData\Roaming\Windows Live Writer [2011.11.30 18:36:01 | 000,000,000 | ---D | M] -- C:\Users\AJDA\AppData\Roaming\xmldm [2011.04.06 18:13:46 | 000,000,000 | ---D | M] -- C:\Users\AJDA\AppData\Roaming\Zeon [2012.01.09 18:35:36 | 000,000,000 | ---D | M] -- C:\Users\AJDA\AppData\Roaming\{90140011-0066-0407-0000-0000000FF1CE} < %APPDATA%\*.exe /s > [2011.10.06 20:39:06 | 000,087,376 | ---- | M] (eCareme Technologies, Inc.) -- C:\Users\AJDA\AppData\Roaming\Asus WebStorage\EeeStorageUpdate.EXE [2011.06.27 10:53:00 | 015,958,096 | ---- | M] (eCareme Technologies, Inc.) -- C:\Users\AJDA\AppData\Roaming\Asus WebStorage\Update\ASUSWebStorage3.0.102.211.exe [2011.08.17 20:05:37 | 015,958,232 | ---- | M] (eCareme Technologies, Inc.) -- C:\Users\AJDA\AppData\Roaming\Asus WebStorage\Update\ASUSWebStorage3.0.104.216.exe [2011.10.06 20:39:50 | 015,960,536 | ---- | M] (eCareme Technologies, Inc.) -- C:\Users\AJDA\AppData\Roaming\Asus WebStorage\Update\ASUSWebStorage3.0.108.222.exe [2011.08.13 16:12:52 | 003,089,056 | ---- | M] (Adobe Systems, Inc.) 
-- C:\Users\AJDA\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\fpupdatepl\fpupdatepl.exe < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS > [2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys [2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys [2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys [2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys < MD5 for: ATAPI.SYS > [2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys [2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys [2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys [2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys < MD5 for: CNGAUDIT.DLL > [2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll [2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) 
MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll [2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll [2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll < MD5 for: EVENTLOG.DLL > [2008.06.06 23:03:52 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files (x86)\CyberLink\PowerDirector\EventLog.dll < MD5 for: IASTOR.SYS > [2010.06.08 03:33:13 | 000,540,696 | ---- | M] (Intel Corporation) MD5=2064090C9FAAD92C090D77E50E735B2E -- C:\eSupport\eDriver\Software\Others\Intel\IRST\Vista64_Win7_64_9.6.4.1002\iaStor.sys [2010.06.08 03:33:13 | 000,540,696 | ---- | M] (Intel Corporation) MD5=2064090C9FAAD92C090D77E50E735B2E -- C:\Windows\SysNative\drivers\iaStor.sys [2010.06.08 03:33:13 | 000,540,696 | ---- | M] (Intel Corporation) MD5=2064090C9FAAD92C090D77E50E735B2E -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_b2da0d5f1235b4d6\iaStor.sys < MD5 for: IASTORV.SYS > [2010.11.20 14:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys [2010.11.20 14:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys [2011.03.08 22:02:40 | 000,410,504 | ---- | M] (Intel Corporation) MD5=513DC087CFED7D2BB82F005385D3531F -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16592_none_0af87721a183cb70\iaStorV.sys [2011.03.11 07:19:16 | 000,410,496 | ---- | M] (Intel 
Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys [2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys [2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys [2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys [2011.03.11 07:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys [2011.03.11 07:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys [2009.07.14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys [2011.03.08 22:02:40 | 000,410,496 | ---- | M] (Intel Corporation) MD5=E353CF970C5D4D6A092911E15FB78C07 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20712_none_0bd89532ba6088d9\iaStorV.sys < MD5 for: NETLOGON.DLL > [2009.07.14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll [2010.11.20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll [2010.11.20 14:27:22 | 
000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll [2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll [2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll [2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll < MD5 for: NVSTOR.SYS > [2011.03.08 22:02:40 | 000,166,280 | ---- | M] (NVIDIA Corporation) MD5=0AF7B8136794E23E87BE138992880E64 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16592_none_95c1e7d0d8ba7548\nvstor.sys [2009.07.14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys [2011.03.11 07:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys [2011.03.11 07:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys [2011.03.08 22:02:40 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=CE76755AF933E728CEBA6C7A970838A4 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20712_none_96a205e1f19732b1\nvstor.sys [2011.03.11 07:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) 
MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys [2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys [2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys [2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys [2010.11.20 14:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys [2010.11.20 14:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys < MD5 for: SCECLI.DLL > [2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll [2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll [2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll [2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- 
C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll [2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll [2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll < MD5 for: USER32.DLL > [2010.11.20 13:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll [2010.11.20 13:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll [2009.07.14 02:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll [2009.07.14 02:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll [2010.11.20 14:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll [2010.11.20 14:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll < MD5 for: USERINIT.EXE > [2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe [2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) 
MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe [2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe [2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe [2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe [2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe < MD5 for: WININIT.EXE > [2009.07.14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe [2009.07.14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe [2009.07.14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe [2009.07.14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe < MD5 for: WINLOGON.EXE > [2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe [2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) 
MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe [2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe [2012.01.13 14:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe [2011.03.08 21:21:15 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe [2011.03.08 21:21:15 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe < MD5 for: WS2IFSL.SYS > [2009.07.14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys [2009.07.14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > < > < End of report >
I didn't find anything related to Softonic on the system...-.- |
05.02.2012, 17:50 | #17 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Can't get Spy Hunter deleted Run an OTL fix: close any programs that may be open, disable your virus scanner as well (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied too!!!)
__________________Code:
ATTFilter :OTL IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Asus | MSN IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Asus | MSN IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=stonicde&s={searchTerms}&f=4 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Asus | MSN IE - HKCU\..\URLSearchHook: - No CLSID value found FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - prefs.js..browser.search.selectedEngine: "ICQ Search" FF - prefs.js..browser.startup.homepage: "http://www.google.de/" FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.3.3&q=" [2012.01.08 00:00:07 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\AJDA\AppData\Roaming\mozilla\Firefox\Profiles\wmiz205z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2011.08.29 22:52:03 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\AJDA\AppData\Roaming\mozilla\Firefox\Profiles\wmiz205z.default\extensions\ffxtlbr@babylon.com [2012.01.21 23:49:16 | 000,000,950 | ---- | M] () -- C:\Users\AJDA\AppData\Roaming\Mozilla\Firefox\Profiles\wmiz205z.default\searchplugins\icqplugin-1.xml [2011.06.29 17:49:04 | 000,000,950 | ---- | M] () -- C:\Users\AJDA\AppData\Roaming\Mozilla\Firefox\Profiles\wmiz205z.default\searchplugins\icqplugin-2.xml [2011.07.28 21:03:29 | 000,000,950 | ---- | M] () -- C:\Users\AJDA\AppData\Roaming\Mozilla\Firefox\Profiles\wmiz205z.default\searchplugins\icqplugin-3.xml [2011.08.19 15:07:10 | 000,000,950 | ---- | M] () -- C:\Users\AJDA\AppData\Roaming\Mozilla\Firefox\Profiles\wmiz205z.default\searchplugins\icqplugin-4.xml [2011.09.01 18:44:46 | 000,000,950 | ---- | M] () -- C:\Users\AJDA\AppData\Roaming\Mozilla\Firefox\Profiles\wmiz205z.default\searchplugins\icqplugin-5.xml [2011.09.03 11:29:12 | 000,000,950 | ---- | M] () -- 
C:\Users\AJDA\AppData\Roaming\Mozilla\Firefox\Profiles\wmiz205z.default\searchplugins\icqplugin-6.xml [2011.09.10 20:24:57 | 000,000,950 | ---- | M] () -- C:\Users\AJDA\AppData\Roaming\Mozilla\Firefox\Profiles\wmiz205z.default\searchplugins\icqplugin-7.xml [2011.10.02 18:26:45 | 000,000,950 | ---- | M] () -- C:\Users\AJDA\AppData\Roaming\Mozilla\Firefox\Profiles\wmiz205z.default\searchplugins\icqplugin-8.xml [2011.10.10 13:21:23 | 000,000,950 | ---- | M] () -- C:\Users\AJDA\AppData\Roaming\Mozilla\Firefox\Profiles\wmiz205z.default\searchplugins\icqplugin-9.xml [2011.05.10 16:00:11 | 000,001,056 | ---- | M] () -- C:\Users\AJDA\AppData\Roaming\Mozilla\Firefox\Profiles\wmiz205z.default\searchplugins\icqplugin.xml [2012.01.08 00:00:06 | 000,000,000 | ---D | M] (Java String Helper) -- C:\USERS\AJDA\APPDATA\ROAMING\5055 [2011.05.17 16:03:05 | 000,002,051 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrchstonicde.xml O2 - BHO: (CescrtHlpr Object) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll (Babylon BHO) O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.6\bh\facemoods.dll (facemoods.com BHO) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll (Babylon Ltd.) O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.6\facemoodsTlbr.dll (facemoods.com) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. 
O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011.12.12 14:38:24 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] [2012.01.28 15:58:13 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Local\Babylon [2012.01.28 15:58:12 | 000,000,000 | ---D | C] -- C:\Users\AJDA\AppData\Roaming\Babylon [2012.01.28 15:58:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon [2012.01.28 15:58:13 | 000,002,264 | ---- | M] () -- C:\Users\Public\Desktop\Babylon.lnk [2011.03.08 22:32:42 | 000,131,472 | ---- | C] () -- C:\ProgramData\FullRemove.exe [2012.01.28 15:58:12 | 000,000,000 | ---D | M] -- C:\Users\AJDA\AppData\Roaming\Babylon [2011.11.23 11:05:19 | 000,000,000 | ---D | M] -- C:\Users\AJDA\AppData\Roaming\kock [2011.11.30 18:36:01 | 000,000,000 | ---D | M] -- C:\Users\AJDA\AppData\Roaming\xmldm [2012.01.09 18:35:36 | 000,000,000 | ---D | M] -- C:\Users\AJDA\AppData\Roaming\{90140011-0066-0407-0000-0000000FF1CE} :Files C:\Users\AJDA\Downloads\SoftonicDownloader* C:\Users\AJDA\AppData\Roaming\50?? :Commands [emptytemp] [resethosts]
The log file should open when you click OK after the fix; please post it. The computer may be restarted. As a precaution, the entries, files and folders fixed with this script are not deleted completely; a backup copy is created on the system partition in the "_OTL" folder. Note: The script above was created only for this one user in this situation. It is not portable to any other computer and must not be used elsewhere, as it can cause lasting damage to the system!
__________________ |
07.02.2012, 22:22 | #18 |
| Can't get Spy Hunter deleted All processes killed
__________________========== OTL ========== HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully! HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully! HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully! HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully! HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully! Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully. Prefs.js: "ICQ Search" removed from browser.search.defaultenginename Prefs.js: "ICQ Search" removed from browser.search.selectedEngine Prefs.js: "hxxp://www.google.de/" removed from browser.startup.homepage Prefs.js: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.3.3&q=" removed from keyword.URL C:\Users\AJDA\AppData\Roaming\mozilla\Firefox\Profiles\wmiz205z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine folder moved successfully. C:\Users\AJDA\AppData\Roaming\mozilla\Firefox\Profiles\wmiz205z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF folder moved successfully. C:\Users\AJDA\AppData\Roaming\mozilla\Firefox\Profiles\wmiz205z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences folder moved successfully. C:\Users\AJDA\AppData\Roaming\mozilla\Firefox\Profiles\wmiz205z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults folder moved successfully. C:\Users\AJDA\AppData\Roaming\mozilla\Firefox\Profiles\wmiz205z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components folder moved successfully. C:\Users\AJDA\AppData\Roaming\mozilla\Firefox\Profiles\wmiz205z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin folder moved successfully. 
C:\Users\AJDA\AppData\Roaming\mozilla\Firefox\Profiles\wmiz205z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr folder moved successfully. C:\Users\AJDA\AppData\Roaming\mozilla\Firefox\Profiles\wmiz205z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk folder moved successfully. C:\Users\AJDA\AppData\Roaming\mozilla\Firefox\Profiles\wmiz205z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru folder moved successfully. C:\Users\AJDA\AppData\Roaming\mozilla\Firefox\Profiles\wmiz205z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it folder moved successfully. C:\Users\AJDA\AppData\Roaming\mozilla\Firefox\Profiles\wmiz205z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he folder moved successfully. C:\Users\AJDA\AppData\Roaming\mozilla\Firefox\Profiles\wmiz205z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr folder moved successfully. C:\Users\AJDA\AppData\Roaming\mozilla\Firefox\Profiles\wmiz205z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es folder moved successfully. C:\Users\AJDA\AppData\Roaming\mozilla\Firefox\Profiles\wmiz205z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US folder moved successfully. C:\Users\AJDA\AppData\Roaming\mozilla\Firefox\Profiles\wmiz205z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de folder moved successfully. C:\Users\AJDA\AppData\Roaming\mozilla\Firefox\Profiles\wmiz205z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs folder moved successfully. C:\Users\AJDA\AppData\Roaming\mozilla\Firefox\Profiles\wmiz205z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg folder moved successfully. C:\Users\AJDA\AppData\Roaming\mozilla\Firefox\Profiles\wmiz205z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale folder moved successfully. 
C:\Users\AJDA\AppData\Roaming\mozilla\Firefox\Profiles\wmiz205z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img folder moved successfully. C:\Users\AJDA\AppData\Roaming\mozilla\Firefox\Profiles\wmiz205z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content folder moved successfully. Folder move failed. C:\Users\AJDA\AppData\Roaming\mozilla\Firefox\Profiles\wmiz205z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome scheduled to be moved on reboot. Folder move failed. C:\Users\AJDA\AppData\Roaming\mozilla\Firefox\Profiles\wmiz205z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} scheduled to be moved on reboot. C:\Users\AJDA\AppData\Roaming\mozilla\Firefox\Profiles\wmiz205z.default\extensions\ffxtlbr@babylon.com\defaults\preferences folder moved successfully. C:\Users\AJDA\AppData\Roaming\mozilla\Firefox\Profiles\wmiz205z.default\extensions\ffxtlbr@babylon.com\defaults folder moved successfully. C:\Users\AJDA\AppData\Roaming\mozilla\Firefox\Profiles\wmiz205z.default\extensions\ffxtlbr@babylon.com\content\imgs\mnRadio folder moved successfully. C:\Users\AJDA\AppData\Roaming\mozilla\Firefox\Profiles\wmiz205z.default\extensions\ffxtlbr@babylon.com\content\imgs\flgs folder moved successfully. C:\Users\AJDA\AppData\Roaming\mozilla\Firefox\Profiles\wmiz205z.default\extensions\ffxtlbr@babylon.com\content\imgs folder moved successfully. Folder move failed. C:\Users\AJDA\AppData\Roaming\mozilla\Firefox\Profiles\wmiz205z.default\extensions\ffxtlbr@babylon.com\content scheduled to be moved on reboot. C:\Users\AJDA\AppData\Roaming\mozilla\Firefox\Profiles\wmiz205z.default\extensions\ffxtlbr@babylon.com\components folder moved successfully. Folder move failed. C:\Users\AJDA\AppData\Roaming\mozilla\Firefox\Profiles\wmiz205z.default\extensions\ffxtlbr@babylon.com scheduled to be moved on reboot. 
C:\Users\AJDA\AppData\Roaming\Mozilla\Firefox\Profiles\wmiz205z.default\searchplugins\icqplugin-1.xml moved successfully. C:\Users\AJDA\AppData\Roaming\Mozilla\Firefox\Profiles\wmiz205z.default\searchplugins\icqplugin-2.xml moved successfully. C:\Users\AJDA\AppData\Roaming\Mozilla\Firefox\Profiles\wmiz205z.default\searchplugins\icqplugin-3.xml moved successfully. C:\Users\AJDA\AppData\Roaming\Mozilla\Firefox\Profiles\wmiz205z.default\searchplugins\icqplugin-4.xml moved successfully. C:\Users\AJDA\AppData\Roaming\Mozilla\Firefox\Profiles\wmiz205z.default\searchplugins\icqplugin-5.xml moved successfully. C:\Users\AJDA\AppData\Roaming\Mozilla\Firefox\Profiles\wmiz205z.default\searchplugins\icqplugin-6.xml moved successfully. C:\Users\AJDA\AppData\Roaming\Mozilla\Firefox\Profiles\wmiz205z.default\searchplugins\icqplugin-7.xml moved successfully. C:\Users\AJDA\AppData\Roaming\Mozilla\Firefox\Profiles\wmiz205z.default\searchplugins\icqplugin-8.xml moved successfully. C:\Users\AJDA\AppData\Roaming\Mozilla\Firefox\Profiles\wmiz205z.default\searchplugins\icqplugin-9.xml moved successfully. C:\Users\AJDA\AppData\Roaming\Mozilla\Firefox\Profiles\wmiz205z.default\searchplugins\icqplugin.xml moved successfully. C:\USERS\AJDA\APPDATA\ROAMING\5055\components folder moved successfully. C:\USERS\AJDA\APPDATA\ROAMING\5055 folder moved successfully. C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrchstonicde.xml moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}\ deleted successfully. C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll moved successfully. 
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64182481-4F71-486b-A045-B233BD0DA8FC}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{64182481-4F71-486b-A045-B233BD0DA8FC}\ deleted successfully. C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.6\bh\facemoods.dll moved successfully. 64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{98889811-442D-49dd-99D7-DC866BE87DBC} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98889811-442D-49dd-99D7-DC866BE87DBC}\ deleted successfully. C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll moved successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{DB4E9724-F518-4dfd-9C7C-78B52103CAB9} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DB4E9724-F518-4dfd-9C7C-78B52103CAB9}\ deleted successfully. C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.6\facemoodsTlbr.dll moved successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully! C:\autoexec.bat moved successfully. C:\Users\AJDA\AppData\Local\Babylon\Setup\HtmlScreens folder moved successfully. C:\Users\AJDA\AppData\Local\Babylon\Setup folder moved successfully. C:\Users\AJDA\AppData\Local\Babylon folder moved successfully. C:\Users\AJDA\AppData\Roaming\Babylon folder moved successfully. C:\ProgramData\Babylon folder moved successfully. C:\Users\Public\Desktop\Babylon.lnk moved successfully. C:\ProgramData\FullRemove.exe moved successfully. Folder C:\Users\AJDA\AppData\Roaming\Babylon\ not found. 
C:\Users\AJDA\AppData\Roaming\kock folder moved successfully. C:\Users\AJDA\AppData\Roaming\xmldm folder moved successfully. C:\Users\AJDA\AppData\Roaming\{90140011-0066-0407-0000-0000000FF1CE} folder moved successfully. ========== FILES ========== C:\Users\AJDA\Downloads\SoftonicDownloader_fuer_windows-live-messenger(1).exe moved successfully. C:\Users\AJDA\Downloads\SoftonicDownloader_fuer_windows-live-messenger.exe moved successfully. C:\Users\AJDA\AppData\Roaming\5048\components folder moved successfully. C:\Users\AJDA\AppData\Roaming\5048 folder moved successfully. C:\Users\AJDA\AppData\Roaming\5049\components folder moved successfully. C:\Users\AJDA\AppData\Roaming\5049 folder moved successfully. C:\Users\AJDA\AppData\Roaming\5050\components folder moved successfully. C:\Users\AJDA\AppData\Roaming\5050 folder moved successfully. C:\Users\AJDA\AppData\Roaming\5051\components folder moved successfully. C:\Users\AJDA\AppData\Roaming\5051 folder moved successfully. C:\Users\AJDA\AppData\Roaming\5052\components folder moved successfully. C:\Users\AJDA\AppData\Roaming\5052 folder moved successfully. C:\Users\AJDA\AppData\Roaming\5053\components folder moved successfully. C:\Users\AJDA\AppData\Roaming\5053 folder moved successfully. C:\Users\AJDA\AppData\Roaming\5054\components folder moved successfully. C:\Users\AJDA\AppData\Roaming\5054 folder moved successfully. 
========== COMMANDS ========== [EMPTYTEMP] User: AJDA ->Temp folder emptied: 328335579 bytes ->Temporary Internet Files folder emptied: 125630659 bytes ->Java cache emptied: 4752409 bytes ->FireFox cache emptied: 49321610 bytes ->Google Chrome cache emptied: 230447097 bytes ->Flash cache emptied: 3095035 bytes User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 1893080 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 551210 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67832 bytes RecycleBin emptied: 9705592 bytes Total Files Cleaned = 719,00 mb C:\Windows\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully OTL by OldTimer - Version 3.2.31.0 log created on 02072012_221250 Files\Folders moved on Reboot... C:\Users\AJDA\AppData\Roaming\mozilla\Firefox\Profiles\wmiz205z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome folder moved successfully. C:\Users\AJDA\AppData\Roaming\mozilla\Firefox\Profiles\wmiz205z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} folder moved successfully. C:\Users\AJDA\AppData\Roaming\mozilla\Firefox\Profiles\wmiz205z.default\extensions\ffxtlbr@babylon.com\content folder moved successfully. C:\Users\AJDA\AppData\Roaming\mozilla\Firefox\Profiles\wmiz205z.default\extensions\ffxtlbr@babylon.com folder moved successfully. C:\Users\AJDA\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. File\Folder C:\Users\AJDA\AppData\Local\Temp\~PI3E96.tmp not found! 
File\Folder C:\Users\AJDA\AppData\Local\Temp\~PI422F.tmp not found! File\Folder C:\Users\AJDA\AppData\Local\Temp\~PI8068.tmp not found! File\Folder C:\Users\AJDA\AppData\Local\Temp\~PI825C.tmp not found! File\Folder C:\Users\AJDA\AppData\Local\Temp\~PI846F.tmp not found! Registry entries deleted on Reboot... |
07.02.2012, 22:29 | #19 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Can't get Spy Hunter deleted
Now please run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log => http://www.trojaner-board.de/82358-t...entfernen.html

Configure the tool as shown in the picture below: click change parameters and set the check marks as shown in the following screenshot, then click Start Scan and, once it has finished, click the Report button to display the log. Please post it in full.

If you cannot find the log or cannot copy its contents into your post, please look directly on your Windows system partition (usually drive C:); that is where TDSS-Killer saves its logs.

Note: Please do not delete anything prematurely with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and only post the log here!

If the infection prevents you from accessing your Documents/My Documents, or shortcuts are missing on the desktop or in the Start menu under "All Programs", please run unhide: download unhide.exe and save the file to your desktop. Start the tool and all files and folders should be visible again. (This could take a while.) Windows Vista and Windows 7 users must run the tool as administrator via right-click!
__________________ Please always post log files in CODE tags |
07.02.2012, 22:46 | #20 |
| Can't get Spy Hunter deleted
For me it says that nothing was found, even after a second run.. |
07.02.2012, 23:00 | #21 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Can't get Spy Hunter deleted
I would still like to see the log. |
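Why a helper asks for the complete report even when the tool says nothing was found: the sketch below triages a TDSS-Killer report record by record. It is an added example, not part of the original posts and not Kaspersky's code. The record format is inferred from the log posted in this thread; `exampledrv`, `cutoffdrv`, their hashes and the `EXAMPLE-NOT-OK` verdict are constructed, since `ok` is the only verdict visible on the page.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Every record starts with "HH:MM:SS.mmmm <numeric id> ". A log pasted without
# CODE tags arrives run together, so records are re-split on that prefix.
RECORD_START = re.compile(r"(?=\b\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s)")
PREFIX = r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+"
# "<name> (<md5>) <path>" : the file that was hashed for a driver/service.
FILE_LINE = re.compile(
    PREFIX + r"(?P<name>\S+)\s+\((?P<md5>[0-9a-fA-F]{32})\)\s+(?P<path>.+)$")
# "<name> - <verdict>" : the scanner's verdict for that driver/service.
VERDICT_LINE = re.compile(PREFIX + r"(?P<name>\S+)\s+-\s+(?P<verdict>.+)$")


@dataclass
class Entry:
    name: str
    md5: Optional[str] = None
    path: Optional[str] = None
    verdict: Optional[str] = None


def parse_scan(text: str) -> List[Entry]:
    """Return one Entry per scanned object, in log order.

    Works on both the original one-record-per-line file and on a flattened
    paste. Everything before "Scan started" (system and disk info) is skipped.
    """
    entries = {}  # name -> Entry; dicts keep insertion order
    in_scan = False
    for raw in RECORD_START.split(text):
        rec = " ".join(raw.split())  # normalise wrapped lines and extra spaces
        if not rec:
            continue
        if not in_scan:
            in_scan = "Scan started" in rec
            continue
        m = FILE_LINE.match(rec)
        if m:
            e = entries.setdefault(m["name"], Entry(m["name"]))
            e.md5, e.path = m["md5"].lower(), m["path"]
            continue
        m = VERDICT_LINE.match(rec)
        if m:
            e = entries.setdefault(m["name"], Entry(m["name"]))
            e.verdict = m["verdict"]
    return list(entries.values())


def triage(entries: List[Entry]) -> List[Tuple[str, str]]:
    """List the entries a reviewer should look at by hand."""
    findings = []
    for e in entries:
        if e.verdict is None:
            findings.append((e.name, "file line without a verdict (log cut off?)"))
        elif e.verdict.lower() != "ok":
            findings.append((e.name, "verdict: " + e.verdict))
        elif e.md5 is None:
            findings.append((e.name, "marked ok, but no file/hash line was logged"))
    return findings


# Flattened sample. The 1394ohci, ASMMAP64 and esgiguard records are copied
# from the log in this thread; exampledrv and cutoffdrv are CONSTRUCTED.
SAMPLE = (
    r"23:02:21.0860 4788 Scan started "
    r"23:02:21.0860 4788 Mode: Manual; SigCheck; TDLFS; "
    r"23:02:22.0265 4788 1394ohci (a87d604aea360176311474c87a63bb88) "
    r"C:\Windows\system32\drivers\1394ohci.sys "
    r"23:02:22.0375 4788 1394ohci - ok "
    r"23:02:25.0120 4788 ASMMAP64 (4c016fd76ed5c05e84ca8cab77993961) "
    r"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys "
    r"23:02:25.0151 4788 ASMMAP64 - ok "
    r"23:02:29.0535 4788 esgiguard - ok "
    r"23:02:30.0000 4788 exampledrv (00000000000000000000000000000000) "
    r"C:\Windows\system32\drivers\exampledrv.sys "
    r"23:02:30.0100 4788 exampledrv - EXAMPLE-NOT-OK "
    r"23:02:31.0000 4788 cutoffdrv (11111111111111111111111111111111) "
    r"C:\Windows\system32\drivers\cutoffdrv.sys"
)

if __name__ == "__main__":
    scanned = parse_scan(SAMPLE)
    print(f"{len(scanned)} objects scanned")
    for name, reason in triage(scanned):
        print(f"  review {name}: {reason}")
```

A summary of "nothing found" hides the first and third kind of finding, which is why the full report is worth reading.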
07.02.2012, 23:05 | #22 |
| Kriege Spy Hunter nicht gelöscht 23:01:47.0715 4388 TDSS rootkit removing tool 2.7.10.0 Feb 7 2012 15:14:46 23:01:47.0824 4388 ============================================================ 23:01:47.0824 4388 Current date / time: 2012/02/07 23:01:47.0824 23:01:47.0824 4388 SystemInfo: 23:01:47.0824 4388 23:01:47.0824 4388 OS Version: 6.1.7601 ServicePack: 1.0 23:01:47.0824 4388 Product type: Workstation 23:01:47.0824 4388 ComputerName: AJDA-PC 23:01:47.0824 4388 UserName: AJDA 23:01:47.0824 4388 Windows directory: C:\Windows 23:01:47.0824 4388 System windows directory: C:\Windows 23:01:47.0824 4388 Running under WOW64 23:01:47.0824 4388 Processor architecture: Intel x64 23:01:47.0824 4388 Number of processors: 4 23:01:47.0824 4388 Page size: 0x1000 23:01:47.0824 4388 Boot type: Normal boot 23:01:47.0824 4388 ============================================================ 23:01:52.0208 4388 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 23:01:52.0208 4388 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 23:01:52.0208 4388 \Device\Harddisk0\DR0: 23:01:52.0208 4388 MBR used 23:01:52.0208 4388 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2AF8040, BlocksNum 0xE671A8D 23:01:52.0270 4388 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1116A2CD, BlocksNum 0x2921BD63 23:01:52.0270 4388 \Device\Harddisk1\DR1: 23:01:52.0270 4388 MBR used 23:01:52.0270 4388 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F00, BlocksNum 0x1D1C4542 23:01:52.0270 4388 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x1D1C8481, BlocksNum 0x1D1BC7C0 23:01:52.0457 4388 Initialize success 23:01:52.0457 4388 ============================================================ 23:02:21.0860 4788 
============================================================ 23:02:21.0860 4788 Scan started 23:02:21.0860 4788 Mode: Manual; SigCheck; TDLFS; 23:02:21.0860 4788 ============================================================ 23:02:22.0265 4788 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys 23:02:22.0375 4788 1394ohci - ok 23:02:22.0484 4788 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys 23:02:22.0531 4788 ACPI - ok 23:02:22.0624 4788 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys 23:02:22.0702 4788 AcpiPmi - ok 23:02:22.0811 4788 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys 23:02:22.0843 4788 adp94xx - ok 23:02:22.0889 4788 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys 23:02:22.0921 4788 adpahci - ok 23:02:22.0952 4788 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys 23:02:22.0967 4788 adpu320 - ok 23:02:23.0092 4788 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys 23:02:23.0170 4788 AFD - ok 23:02:23.0264 4788 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys 23:02:23.0279 4788 agp440 - ok 23:02:23.0311 4788 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys 23:02:23.0326 4788 aliide - ok 23:02:23.0357 4788 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys 23:02:23.0373 4788 amdide - ok 23:02:23.0404 4788 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys 23:02:23.0467 4788 AmdK8 - ok 23:02:23.0732 4788 amdkmdag (91890b3670c129e2b3466d2afae05eac) C:\Windows\system32\DRIVERS\atikmdag.sys 23:02:23.0919 4788 amdkmdag - ok 23:02:24.0028 4788 amdkmdap (cc5b75d4a24e7493408510d061df51aa) C:\Windows\system32\DRIVERS\atikmpag.sys 23:02:24.0075 4788 amdkmdap - ok 23:02:24.0169 4788 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) 
C:\Windows\system32\DRIVERS\amdppm.sys 23:02:24.0231 4788 AmdPPM - ok 23:02:24.0309 4788 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys 23:02:24.0325 4788 amdsata - ok 23:02:24.0371 4788 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys 23:02:24.0387 4788 amdsbs - ok 23:02:24.0481 4788 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys 23:02:24.0496 4788 amdxata - ok 23:02:24.0527 4788 AmUStor (9c7f164b49cadc658d1b3c575782f346) C:\Windows\system32\drivers\AmUStor.SYS 23:02:24.0574 4788 AmUStor - ok 23:02:24.0668 4788 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys 23:02:24.0855 4788 AppID - ok 23:02:24.0964 4788 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys 23:02:24.0995 4788 arc - ok 23:02:25.0027 4788 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys 23:02:25.0058 4788 arcsas - ok 23:02:25.0120 4788 ASMMAP64 (4c016fd76ed5c05e84ca8cab77993961) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys 23:02:25.0151 4788 ASMMAP64 - ok 23:02:25.0245 4788 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 23:02:25.0401 4788 AsyncMac - ok 23:02:25.0479 4788 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys 23:02:25.0495 4788 atapi - ok 23:02:25.0573 4788 athr (f8633cdd09647a64ee8db550630427ff) C:\Windows\system32\DRIVERS\athrx.sys 23:02:25.0651 4788 athr - ok 23:02:25.0744 4788 AtiHDAudioService (e02b26650acc2f4901342d4a66774ad7) C:\Windows\system32\drivers\AtihdW76.sys 23:02:25.0760 4788 AtiHDAudioService - ok 23:02:25.0822 4788 avgntflt (b1224e6b086cd6548315b04ab575a23e) C:\Windows\system32\DRIVERS\avgntflt.sys 23:02:25.0838 4788 avgntflt - ok 23:02:25.0869 4788 avipbb (ed45f12cfa62b83765c9c1496758cc87) C:\Windows\system32\DRIVERS\avipbb.sys 23:02:25.0869 4788 avipbb - ok 23:02:25.0916 4788 b06bdrv 
(3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys 23:02:25.0978 4788 b06bdrv - ok 23:02:26.0072 4788 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 23:02:26.0119 4788 b57nd60a - ok 23:02:26.0212 4788 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 23:02:26.0306 4788 Beep - ok 23:02:26.0337 4788 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys 23:02:26.0384 4788 blbdrive - ok 23:02:26.0446 4788 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys 23:02:26.0509 4788 bowser - ok 23:02:26.0602 4788 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys 23:02:26.0680 4788 BrFiltLo - ok 23:02:26.0774 4788 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys 23:02:26.0805 4788 BrFiltUp - ok 23:02:26.0852 4788 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\system32\Drivers\Brserid.sys 23:02:26.0930 4788 Brserid - ok 23:02:27.0008 4788 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 23:02:27.0055 4788 BrSerWdm - ok 23:02:27.0101 4788 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 23:02:27.0148 4788 BrUsbMdm - ok 23:02:27.0211 4788 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\system32\Drivers\BrUsbSer.sys 23:02:27.0257 4788 BrUsbSer - ok 23:02:27.0304 4788 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys 23:02:27.0367 4788 BTHMODEM - ok 23:02:27.0476 4788 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 23:02:27.0569 4788 cdfs - ok 23:02:27.0632 4788 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys 23:02:27.0679 4788 cdrom - ok 23:02:27.0772 4788 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys 23:02:27.0819 4788 circlass - ok 23:02:27.0881 
4788 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 23:02:27.0913 4788 CLFS - ok 23:02:27.0975 4788 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys 23:02:28.0022 4788 CmBatt - ok 23:02:28.0084 4788 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys 23:02:28.0100 4788 cmdide - ok 23:02:28.0162 4788 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys 23:02:28.0209 4788 CNG - ok 23:02:28.0256 4788 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys 23:02:28.0271 4788 Compbatt - ok 23:02:28.0303 4788 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys 23:02:28.0334 4788 CompositeBus - ok 23:02:28.0381 4788 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys 23:02:28.0396 4788 crcdisk - ok 23:02:28.0459 4788 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys 23:02:28.0537 4788 DfsC - ok 23:02:28.0615 4788 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 23:02:28.0677 4788 discache - ok 23:02:28.0724 4788 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys 23:02:28.0755 4788 Disk - ok 23:02:28.0786 4788 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 23:02:28.0833 4788 drmkaud - ok 23:02:28.0942 4788 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys 23:02:28.0973 4788 DXGKrnl - ok 23:02:29.0114 4788 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys 23:02:29.0207 4788 ebdrv - ok 23:02:29.0332 4788 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys 23:02:29.0363 4788 elxstor - ok 23:02:29.0426 4788 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys 23:02:29.0473 4788 ErrDev - ok 23:02:29.0535 4788 esgiguard - ok 
23:02:29.0597 4788 ETD (05b0dcda418e297a1b4cd8d7b8ade403) C:\Windows\system32\DRIVERS\ETD.sys 23:02:29.0644 4788 ETD - ok 23:02:29.0769 4788 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 23:02:29.0847 4788 exfat - ok 23:02:29.0894 4788 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 23:02:29.0987 4788 fastfat - ok 23:02:30.0097 4788 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys 23:02:30.0128 4788 fdc - ok 23:02:30.0159 4788 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 23:02:30.0190 4788 FileInfo - ok 23:02:30.0206 4788 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 23:02:30.0284 4788 Filetrace - ok 23:02:30.0362 4788 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys 23:02:30.0409 4788 flpydisk - ok 23:02:30.0471 4788 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys 23:02:30.0502 4788 FltMgr - ok 23:02:30.0549 4788 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 23:02:30.0565 4788 FsDepends - ok 23:02:30.0596 4788 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys 23:02:30.0611 4788 fssfltr - ok 23:02:30.0627 4788 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys 23:02:30.0643 4788 Fs_Rec - ok 23:02:30.0674 4788 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys 23:02:30.0705 4788 fvevol - ok 23:02:30.0736 4788 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys 23:02:30.0752 4788 gagp30kx - ok 23:02:30.0799 4788 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 23:02:30.0845 4788 hcw85cir - ok 23:02:30.0923 4788 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys 23:02:30.0970 4788 
HdAudAddService - ok 23:02:31.0033 4788 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys 23:02:31.0064 4788 HDAudBus - ok 23:02:31.0157 4788 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys 23:02:31.0173 4788 HECIx64 - ok 23:02:31.0220 4788 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys 23:02:31.0251 4788 HidBatt - ok 23:02:31.0298 4788 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys 23:02:31.0345 4788 HidBth - ok 23:02:31.0360 4788 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys 23:02:31.0407 4788 HidIr - ok 23:02:31.0469 4788 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys 23:02:31.0516 4788 HidUsb - ok 23:02:31.0579 4788 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys 23:02:31.0594 4788 HpSAMD - ok 23:02:31.0672 4788 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys 23:02:31.0766 4788 HTTP - ok 23:02:31.0813 4788 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys 23:02:31.0828 4788 hwpolicy - ok 23:02:31.0875 4788 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys 23:02:31.0891 4788 i8042prt - ok 23:02:31.0984 4788 iaStor (2064090c9faad92c090d77e50e735b2e) C:\Windows\system32\DRIVERS\iaStor.sys 23:02:32.0015 4788 iaStor - ok 23:02:32.0078 4788 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys 23:02:32.0093 4788 iaStorV - ok 23:02:32.0140 4788 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys 23:02:32.0156 4788 iirsp - ok 23:02:32.0187 4788 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\DRIVERS\Impcd.sys 23:02:32.0249 4788 Impcd - ok 23:02:32.0405 4788 IntcAzAudAddService (589b94a9b73a0e819ff873743a480834) C:\Windows\system32\drivers\RTKVHD64.sys 23:02:32.0468 
4788 IntcAzAudAddService - ok 23:02:32.0530 4788 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys 23:02:32.0546 4788 intelide - ok 23:02:32.0593 4788 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 23:02:32.0624 4788 intelppm - ok 23:02:32.0686 4788 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys 23:02:32.0764 4788 IpFilterDriver - ok 23:02:32.0842 4788 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys 23:02:32.0889 4788 IPMIDRV - ok 23:02:32.0967 4788 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 23:02:33.0045 4788 IPNAT - ok 23:02:33.0076 4788 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 23:02:33.0123 4788 IRENUM - ok 23:02:33.0185 4788 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys 23:02:33.0201 4788 isapnp - ok 23:02:33.0232 4788 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys 23:02:33.0263 4788 iScsiPrt - ok 23:02:33.0295 4788 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys 23:02:33.0310 4788 kbdclass - ok 23:02:33.0341 4788 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys 23:02:33.0388 4788 kbdhid - ok 23:02:33.0466 4788 kbfiltr (e63ef8c3271d014f14e2469ce75fecb4) C:\Windows\system32\DRIVERS\kbfiltr.sys 23:02:33.0466 4788 kbfiltr - ok 23:02:33.0560 4788 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys 23:02:33.0575 4788 KSecDD - ok 23:02:33.0622 4788 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys 23:02:33.0638 4788 KSecPkg - ok 23:02:33.0685 4788 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 23:02:33.0747 4788 ksthunk - ok 23:02:33.0841 4788 L1C (48686c29856f46443952a831424f8d6f) 
C:\Windows\system32\DRIVERS\L1C62x64.sys 23:02:33.0856 4788 L1C - ok 23:02:33.0919 4788 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 23:02:33.0997 4788 lltdio - ok 23:02:34.0028 4788 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys 23:02:34.0043 4788 LSI_FC - ok 23:02:34.0043 4788 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys 23:02:34.0059 4788 LSI_SAS - ok 23:02:34.0075 4788 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys 23:02:34.0090 4788 LSI_SAS2 - ok 23:02:34.0090 4788 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys 23:02:34.0106 4788 LSI_SCSI - ok 23:02:34.0137 4788 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 23:02:34.0199 4788 luafv - ok 23:02:34.0231 4788 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys 23:02:34.0231 4788 megasas - ok 23:02:34.0262 4788 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys 23:02:34.0277 4788 MegaSR - ok 23:02:34.0293 4788 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 23:02:34.0387 4788 Modem - ok 23:02:34.0418 4788 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 23:02:34.0465 4788 monitor - ok 23:02:34.0543 4788 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys 23:02:34.0558 4788 mouclass - ok 23:02:34.0621 4788 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 23:02:34.0652 4788 mouhid - ok 23:02:34.0714 4788 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys 23:02:34.0745 4788 mountmgr - ok 23:02:34.0792 4788 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys 23:02:34.0808 4788 mpio - ok 23:02:34.0855 4788 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) 
C:\Windows\system32\drivers\mpsdrv.sys 23:02:34.0917 4788 mpsdrv - ok 23:02:34.0995 4788 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys 23:02:35.0089 4788 MRxDAV - ok 23:02:35.0182 4788 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys 23:02:35.0229 4788 mrxsmb - ok 23:02:35.0323 4788 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys 23:02:35.0354 4788 mrxsmb10 - ok 23:02:35.0401 4788 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 23:02:35.0448 4788 mrxsmb20 - ok 23:02:35.0494 4788 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys 23:02:35.0510 4788 msahci - ok 23:02:35.0541 4788 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys 23:02:35.0557 4788 msdsm - ok 23:02:35.0619 4788 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 23:02:35.0697 4788 Msfs - ok 23:02:35.0713 4788 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 23:02:35.0775 4788 mshidkmdf - ok 23:02:35.0822 4788 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 23:02:35.0822 4788 msisadrv - ok 23:02:35.0869 4788 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 23:02:35.0931 4788 MSKSSRV - ok 23:02:35.0962 4788 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 23:02:36.0040 4788 MSPCLOCK - ok 23:02:36.0056 4788 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 23:02:36.0134 4788 MSPQM - ok 23:02:36.0212 4788 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys 23:02:36.0243 4788 MsRPC - ok 23:02:36.0290 4788 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys 23:02:36.0306 4788 mssmbios - ok 23:02:36.0337 4788 MSTEE (2e66f9ecb30b4221a318c92ac2250779) 
C:\Windows\system32\drivers\MSTEE.sys 23:02:36.0415 4788 MSTEE - ok
23:02:54.0355 4788 ============================================================
23:02:54.0355 4788 Scan finished
23:02:54.0355 4788 ============================================================
23:02:54.0370 4060 Detected object count: 0
23:02:54.0370 4060 Actual detected object count: 0
23:04:01.0794 4496 ============================================================
23:04:01.0794 4496 Scan started
23:04:01.0794 4496 Mode: Manual; SigCheck; TDLFS;
23:04:01.0794 4496 ============================================================
23:04:12.0186
4496 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 23:04:12.0248 4496 RDPENCDD - ok 23:04:12.0264 4496 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 23:04:12.0279 4496 RDPREFMP - ok 23:04:12.0310 4496 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys 23:04:12.0357 4496 RDPWD - ok 23:04:12.0388 4496 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys 23:04:12.0404 4496 rdyboost - ok 23:04:12.0451 4496 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 23:04:12.0482 4496 rspndr - ok 23:04:12.0513 4496 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 23:04:12.0529 4496 sbp2port - ok 23:04:12.0560 4496 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 23:04:12.0607 4496 scfilter - ok 23:04:12.0638 4496 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 23:04:12.0669 4496 secdrv - ok 23:04:12.0685 4496 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys 23:04:12.0700 4496 Serenum - ok 23:04:12.0732 4496 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys 23:04:12.0732 4496 Serial - ok 23:04:12.0763 4496 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys 23:04:12.0778 4496 sermouse - ok 23:04:12.0794 4496 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 23:04:12.0810 4496 sffdisk - ok 23:04:12.0872 4496 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 23:04:12.0888 4496 sffp_mmc - ok 23:04:12.0934 4496 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 23:04:12.0950 4496 sffp_sd - ok 23:04:12.0981 4496 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys 23:04:12.0997 4496 sfloppy - 
ok 23:04:13.0059 4496 Sftfs (a40abfdcb75f835fdf3ce0cc64e4250d) C:\Windows\system32\DRIVERS\Sftfslh.sys 23:04:13.0090 4496 Sftfs - ok 23:04:13.0153 4496 Sftplay (411769ed1cb12d2b44217734347bdb7a) C:\Windows\system32\DRIVERS\Sftplaylh.sys 23:04:13.0168 4496 Sftplay - ok 23:04:13.0200 4496 Sftredir (a14d0df34bbb00ea94da16193d0c7957) C:\Windows\system32\DRIVERS\Sftredirlh.sys 23:04:13.0200 4496 Sftredir - ok 23:04:13.0215 4496 Sftvol (393b22addd89979eb1c60898f51c3648) C:\Windows\system32\DRIVERS\Sftvollh.sys 23:04:13.0231 4496 Sftvol - ok 23:04:13.0262 4496 SiSGbeLH (1bc348cf6baa90ec8e533ef6e6a69933) C:\Windows\system32\DRIVERS\SiSG664.sys 23:04:13.0278 4496 SiSGbeLH - ok 23:04:13.0309 4496 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys 23:04:13.0324 4496 SiSRaid2 - ok 23:04:13.0340 4496 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys 23:04:13.0356 4496 SiSRaid4 - ok 23:04:13.0371 4496 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 23:04:13.0418 4496 Smb - ok 23:04:13.0480 4496 SNP2UVC (c98375d19f9e9966f6201bae65fb3728) C:\Windows\system32\DRIVERS\snp2uvc.sys 23:04:13.0512 4496 SNP2UVC - ok 23:04:13.0543 4496 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 23:04:13.0558 4496 spldr - ok 23:04:13.0590 4496 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 23:04:13.0605 4496 srv - ok 23:04:13.0652 4496 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 23:04:13.0652 4496 srv2 - ok 23:04:13.0730 4496 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 23:04:13.0761 4496 srvnet - ok 23:04:13.0839 4496 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys 23:04:13.0855 4496 stexstor - ok 23:04:13.0933 4496 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys 23:04:13.0948 4496 swenum - ok 23:04:14.0058 4496 
Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys 23:04:14.0089 4496 Tcpip - ok 23:04:14.0182 4496 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys 23:04:14.0229 4496 TCPIP6 - ok 23:04:14.0276 4496 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 23:04:14.0307 4496 tcpipreg - ok 23:04:14.0354 4496 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 23:04:14.0385 4496 TDPIPE - ok 23:04:14.0432 4496 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys 23:04:14.0479 4496 TDTCP - ok 23:04:14.0526 4496 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 23:04:14.0557 4496 tdx - ok 23:04:14.0588 4496 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys 23:04:14.0604 4496 TermDD - ok 23:04:14.0650 4496 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 23:04:14.0682 4496 tssecsrv - ok 23:04:14.0697 4496 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 23:04:14.0713 4496 TsUsbFlt - ok 23:04:14.0884 4496 TuneUpUtilitiesDrv (dcc94c51d27c7ec0dadeca8f64c94fcf) C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys 23:04:14.0884 4496 TuneUpUtilitiesDrv - ok 23:04:14.0962 4496 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 23:04:15.0025 4496 tunnel - ok 23:04:15.0072 4496 TurboB (c45a3e051c65106a28982caed125f855) C:\Windows\system32\DRIVERS\TurboB.sys 23:04:15.0072 4496 TurboB - ok 23:04:15.0103 4496 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys 23:04:15.0118 4496 uagp35 - ok 23:04:15.0165 4496 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 23:04:15.0212 4496 udfs - ok 23:04:15.0243 4496 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 23:04:15.0259 4496 
uliagpkx - ok 23:04:15.0274 4496 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys 23:04:15.0290 4496 umbus - ok 23:04:15.0321 4496 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys 23:04:15.0337 4496 UmPass - ok 23:04:15.0368 4496 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys 23:04:15.0368 4496 USBAAPL64 - ok 23:04:15.0399 4496 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys 23:04:15.0430 4496 usbaudio - ok 23:04:15.0462 4496 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys 23:04:15.0493 4496 usbccgp - ok 23:04:15.0508 4496 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 23:04:15.0540 4496 usbcir - ok 23:04:15.0571 4496 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys 23:04:15.0586 4496 usbehci - ok 23:04:15.0602 4496 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys 23:04:15.0618 4496 usbhub - ok 23:04:15.0633 4496 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys 23:04:15.0649 4496 usbohci - ok 23:04:15.0680 4496 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 23:04:15.0696 4496 usbprint - ok 23:04:15.0727 4496 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys 23:04:15.0758 4496 usbscan - ok 23:04:15.0774 4496 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS 23:04:15.0789 4496 USBSTOR - ok 23:04:15.0820 4496 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys 23:04:15.0836 4496 usbuhci - ok 23:04:15.0867 4496 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys 23:04:15.0883 4496 usbvideo - ok 23:04:15.0914 4496 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 
23:04:15.0914 4496 vdrvroot - ok 23:04:15.0945 4496 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 23:04:15.0961 4496 vga - ok 23:04:15.0976 4496 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 23:04:16.0008 4496 VgaSave - ok 23:04:16.0054 4496 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 23:04:16.0054 4496 vhdmp - ok 23:04:16.0101 4496 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 23:04:16.0117 4496 viaide - ok 23:04:16.0164 4496 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 23:04:16.0179 4496 volmgr - ok 23:04:16.0210 4496 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 23:04:16.0226 4496 volmgrx - ok 23:04:16.0257 4496 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys 23:04:16.0288 4496 volsnap - ok 23:04:16.0335 4496 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys 23:04:16.0366 4496 vsmraid - ok 23:04:16.0398 4496 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 23:04:16.0429 4496 vwifibus - ok 23:04:16.0444 4496 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 23:04:16.0476 4496 vwififlt - ok 23:04:16.0538 4496 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys 23:04:16.0569 4496 vwifimp - ok 23:04:16.0600 4496 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys 23:04:16.0632 4496 WacomPen - ok 23:04:16.0663 4496 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 23:04:16.0710 4496 WANARP - ok 23:04:16.0725 4496 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 23:04:16.0756 4496 Wanarpv6 - ok 23:04:16.0834 4496 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys 23:04:16.0850 
4496 Wd - ok 23:04:16.0881 4496 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 23:04:16.0912 4496 Wdf01000 - ok 23:04:16.0975 4496 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 23:04:17.0022 4496 WfpLwf - ok 23:04:17.0084 4496 WimFltr (52ded146e4797e6ccf94799e8e22bb2a) C:\Windows\system32\DRIVERS\wimfltr.sys 23:04:17.0100 4496 WimFltr - ok 23:04:17.0131 4496 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 23:04:17.0131 4496 WIMMount - ok 23:04:17.0193 4496 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys 23:04:17.0209 4496 WinUsb - ok 23:04:17.0256 4496 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys 23:04:17.0256 4496 WmiAcpi - ok 23:04:17.0302 4496 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 23:04:17.0349 4496 ws2ifsl - ok 23:04:17.0365 4496 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys 23:04:17.0412 4496 WudfPf - ok 23:04:17.0427 4496 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys 23:04:17.0458 4496 WUDFRd - ok 23:04:17.0568 4496 {B154377D-700F-42cc-9474-23858FBDF4BD} (74983addca2d9618512c088d856d6615) C:\Program Files (x86)\Cyberlink\PowerDVD9\000.fcl 23:04:17.0583 4496 {B154377D-700F-42cc-9474-23858FBDF4BD} - ok 23:04:17.0599 4496 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 23:04:17.0770 4496 \Device\Harddisk0\DR0 - ok 23:04:21.0452 4496 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR1 23:04:22.0248 4496 \Device\Harddisk1\DR1 - ok 23:04:22.0263 4496 Boot (0x1200) (3a1826300fb6dca53980ec975e581e65) \Device\Harddisk0\DR0\Partition0 23:04:22.0263 4496 \Device\Harddisk0\DR0\Partition0 - ok 23:04:22.0326 4496 Boot (0x1200) (f780f8811c7b66a83b30d481b16a02b4) \Device\Harddisk0\DR0\Partition1 23:04:22.0326 4496 \Device\Harddisk0\DR0\Partition1 
- ok 23:04:22.0326 4496 Boot (0x1200) (3564e06fa325981c0af053cb1180cec2) \Device\Harddisk1\DR1\Partition0 23:04:22.0341 4496 \Device\Harddisk1\DR1\Partition0 - ok 23:04:22.0341 4496 Boot (0x1200) (087a7183d27cbe0b5a07628488198b06) \Device\Harddisk1\DR1\Partition1 23:04:22.0341 4496 \Device\Harddisk1\DR1\Partition1 - ok 23:04:22.0341 4496 ============================================================ 23:04:22.0341 4496 Scan finished 23:04:22.0341 4496 ============================================================ 23:04:22.0357 3280 Detected object count: 0 23:04:22.0357 3280 Actual detected object count: 0 |
08.02.2012, 09:47 | #23 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Can't get Spy Hunter deleted Please post the next logs in CODE tags again! Then run CF now: ComboFix: A guide and tutorial on using ComboFix
Combofix may only be run when a qualified helper (Kompetenzler) has expressly recommended it! If, after running Combofix, you have problems starting applications and receive messages such as Quote:
__________________ Please always post log files in CODE tags |
08.02.2012, 21:19 | #24 |
| Can't get Spy Hunter deleted Combofix logfile: Code:
ATTFilter ComboFix 12-02-08.02 - AJDA 08.02.2012 21:03:45.2.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.5997.4329 [GMT 1:00] ausgeführt von:: c:\users\AJDA\Downloads\ComboFix.exe AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7} SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((( Dateien erstellt von 2012-01-08 bis 2012-02-08 )))))))))))))))))))))))))))))) . . 2012-02-08 20:08 . 2012-02-08 20:08 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-02-08 18:41 . 2012-01-17 03:39 8602168 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{07B76ACF-0633-4BA0-86DD-A21D314642BB}\mpengine.dll 2012-02-07 21:12 . 2012-02-07 21:12 -------- d-----w- C:\_OTL 2012-02-06 16:40 . 2012-02-06 16:40 -------- d-----w- c:\users\AJDA\.thumbnails 2012-02-06 16:37 . 2012-02-06 16:41 -------- d-----w- c:\users\AJDA\.gimp-2.6 2012-02-03 16:25 . 2011-12-14 11:23 35648 ----a-w- c:\windows\system32\uxtuneup.dll 2012-02-03 16:25 . 2011-12-14 11:23 28992 ----a-w- c:\windows\SysWow64\uxtuneup.dll 2012-02-02 18:43 . 2012-02-02 18:43 -------- d-----w- c:\programdata\AVG Secure Search 2012-02-02 13:11 . 2012-02-02 13:11 -------- d-----w- c:\users\AJDA\AppData\Roaming\Malwarebytes 2012-02-02 13:11 . 2012-02-02 13:11 -------- d-----w- c:\programdata\Malwarebytes 2012-02-02 13:11 . 2012-02-02 13:11 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2012-02-02 13:11 . 2011-12-10 14:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-02-02 13:06 . 2011-12-14 11:23 34624 ----a-w- c:\windows\system32\TURegOpt.exe 2012-02-02 13:06 . 2011-12-14 11:23 25920 ----a-w- c:\windows\system32\authuitu.dll 2012-02-02 13:06 . 2011-12-14 11:23 21312 ----a-w- c:\windows\SysWow64\authuitu.dll 2012-02-01 19:38 . 
2012-02-01 19:38 -------- d-----w- c:\program files (x86)\ESET 2012-02-01 19:29 . 2012-02-07 16:21 -------- d-----w- c:\program files (x86)\AVG Secure Search 2012-02-01 19:29 . 2012-02-01 19:29 -------- d-----w- c:\program files (x86)\Common Files\AVG Secure Search 2012-02-01 19:29 . 2012-02-01 19:29 -------- d-----w- c:\programdata\Common Files 2012-02-01 19:29 . 2012-02-03 16:25 -------- d-----w- c:\users\AJDA\AppData\Roaming\TuneUp Software 2012-02-01 19:29 . 2012-02-02 13:05 -------- d-----w- c:\program files (x86)\TuneUp Utilities 2012 2012-02-01 19:25 . 2012-02-02 13:06 -------- d-----w- c:\programdata\TuneUp Software 2012-02-01 19:25 . 2012-02-01 19:25 -------- d-sh--w- c:\programdata\{32364CEA-7855-4A3C-B674-53D8E9B97936} 2012-01-27 15:47 . 2012-01-26 23:52 279656 ------w- c:\windows\system32\MpSigStub.exe 2012-01-26 18:03 . 2004-12-18 19:32 38229 ------w- c:\windows\SysWow64\drivers\StMp3Rec.sys 2012-01-26 18:03 . 2012-01-26 18:03 -------- d-----w- c:\program files (x86)\iPod 2012-01-24 18:44 . 2012-01-26 18:04 -------- d-----w- c:\windows\Downloaded Installations 2012-01-23 16:59 . 2011-10-26 05:25 1572864 ----a-w- c:\windows\system32\quartz.dll 2012-01-23 16:59 . 2011-10-26 04:32 1328128 ----a-w- c:\windows\SysWow64\quartz.dll 2012-01-23 16:59 . 2011-10-26 05:25 366592 ----a-w- c:\windows\system32\qdvd.dll 2012-01-23 16:59 . 2011-10-26 04:32 514560 ----a-w- c:\windows\SysWow64\qdvd.dll 2012-01-23 16:59 . 2011-11-17 06:41 1731920 ----a-w- c:\windows\system32\ntdll.dll 2012-01-23 16:59 . 2011-11-17 05:38 1292080 ----a-w- c:\windows\SysWow64\ntdll.dll 2012-01-23 16:59 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll 2012-01-23 16:59 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-11-24 04:52 . 2011-12-14 13:04 3145216 ----a-w- c:\windows\system32\win32k.sys . . 
((((((((((((((((((((((((((((( SnapShot@2012-02-08_19.42.22 ))))))))))))))))))))))))))))))))))))))))) . + 2012-02-08 20:08 . 2012-02-08 20:08 13306 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat - 2012-02-08 19:41 . 2012-02-08 19:41 13306 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat + 2011-03-08 21:49 . 2012-02-08 19:52 61200 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin + 2009-07-14 05:10 . 2012-02-08 19:52 35676 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin + 2011-03-23 20:57 . 2012-02-08 19:52 10772 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2285515195-610978323-2317577071-1000_UserData.bin + 2011-04-03 00:34 . 2012-02-08 19:49 5260 c:\windows\system32\wdi\ERCQueuedResolutions.dat + 2012-02-08 20:09 . 2012-02-08 20:09 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2012-02-08 19:41 . 2012-02-08 19:41 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2012-02-08 19:41 . 2012-02-08 19:41 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2012-02-08 20:09 . 2012-02-08 20:09 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2009-07-14 05:01 . 2012-02-08 19:41 282556 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2009-07-14 05:01 . 2012-02-08 20:08 282556 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2011-04-18 20:15 . 2012-02-08 20:08 2583276 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2285515195-610978323-2317577071-1000-12288.dat - 2011-04-18 20:15 . 2012-02-07 22:38 2583276 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2285515195-610978323-2317577071-1000-12288.dat - 2011-03-24 00:02 . 
2012-02-08 19:41 43001624 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2285515195-610978323-2317577071-1000-8192.dat + 2011-03-24 00:02 . 2012-02-08 20:08 43001624 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2285515195-610978323-2317577071-1000-8192.dat . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{7C9B39E6-6606-4ED2-8A3F-36E39C78CBDC}] 2012-02-02 13:33 269824 ----a-w- c:\users\AJDA\AppData\LocalLow\ReminderFox\IE\ReminderFox.dll . [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] 2012-02-02 18:43 1811296 ----a-w- c:\program files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar] "{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll" [2012-02-02 1811296] . [HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj] . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ISUSPM"="c:\programdata\FLEXnet\Connect\11\ISUSPM.exe" [2009-05-06 222496] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe [2011-6-17 12862] . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-] "Nuance PDF Reader-reminder"="c:\program files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "c:\programdata\Nuance\PDF Reader\Ereg\Ereg.ini" "SSBkgdUpdate"="c:\program files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime "vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" "PaperPort PTD"=c:\program files (x86)\ScanSoft\PaperPort\pptd40nt.exe "facemoods"="c:\program files (x86)\facemoods.com\facemoods\1.4.17.6\facemoodssrv.exe" /md I "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun "BDRegion"=c:\program files (x86)\Cyberlink\Shared files\brs.exe "BabylonToolbar"="c:\program files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe" /md I "ATKMEDIA"=c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe "ASUSWebStorage"=c:\program files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe /S "Wireless Console 3"=c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe "RemoteControl9"="c:\program files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe" "IndexSearch"=c:\program files (x86)\ScanSoft\PaperPort\IndexSearch.exe "UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "c:\program files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" "UpdatePSTShortCut"="c:\program files (x86)\Cyberlink\DVD 
Suite\MUITransfer\MUIStartMenu.exe" "c:\program files (x86)\Cyberlink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter" "ROC_roc_dec12"="c:\program files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12 "HControlUser"=c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe "avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-08 135664] R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x] R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x] R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-08 135664] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x] R4 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x] R4 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-07-07 195336] R4 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-06-15 249648] R4 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-04-15 2280312] R4 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe [2009-08-06 118672] R4 
UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2314240] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x] S2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2011/03/08 12:48];c:\program files (x86)\Cyberlink\PowerDVD9\000.fcl [2010-02-24 19:14 146928] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x] S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-05-30 136360] S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416] S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-10-20 821664] S2 ReminderFoxUpdater;ReminderFox Updater;c:\users\AJDA\AppData\LocalLow\ReminderFox\IE\ReminderFoxUpdater.exe [2012-02-02 18432] S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-09-14 508264] S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2011-12-14 2123584] S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [x] S2 vToolbarUpdater;vToolbarUpdater;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe [2012-02-02 909152] S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x] S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x] S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x] S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x] S3 HECIx64;Intel(R) Management 
Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x] S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x] S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x] S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x] S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x] S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x] S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x] S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-09-14 219496] S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2011-12-12 11856] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x] . . Inhalt des "geplante Tasks" Ordners . 2012-02-03 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2285515195-610978323-2317577071-1000Core.job - c:\users\AJDA\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-09-02 19:27] . 2012-02-03 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2285515195-610978323-2317577071-1000UA.job - c:\users\AJDA\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-09-02 19:27] . 2012-02-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-08 20:56] . 2012-02-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-08 20:56] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B] @="{6D4133E5-0742-4ADC-8A8C-9303440F7190}" [HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}] 2011-05-25 07:09 227840 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSShellExt64.dll . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O] @="{64174815-8D98-4CE6-8646-4C039977D808}" [HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}] 2011-05-25 07:09 227840 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSShellExt64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "snp2uvc"="c:\windows\vsnp2uvc.exe" [2010-01-21 909824] . HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp . ------- Zusätzlicher Suchlauf ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.com/ mStart Page = mLocal Page = IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files (x86)\ICQ7.5\ICQ.exe TCP: DhcpNameServer = 192.168.2.1 Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll . . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\{B154377D-700F-42cc-9474-23858FBDF4BD}] "ImagePath"="\??\c:\program files (x86)\Cyberlink\PowerDVD9\000.fcl" . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Weitere laufende Prozesse ------------------------ . c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe . ************************************************************************** . Zeit der Fertigstellung: 2012-02-08 21:14:09 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2012-02-08 20:14 ComboFix2.txt 2012-02-08 19:46 . Vor Suchlauf: 17 Verzeichnis(se), 72.646.201.344 Bytes frei Nach Suchlauf: 19 Verzeichnis(se), 72.338.395.136 Bytes frei . - - End Of File - - 48DFC7EC76FC93C5B3779C4E6FA707EF |
09.02.2012, 14:11 | #25 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Can't get Spy Hunter deleted Please download aswMBR.exe and save the file to your desktop.
__________________ Please always post log files in CODE tags |
09.02.2012, 17:16 | #26 |
| Can't get Spy Hunter deleted
aswMBR version 0.9.9.1532 Copyright(c) 2011 AVAST Software
Run date: 2012-02-09 17:05:43
-----------------------------
17:05:43.766 OS Version: Windows x64 6.1.7601 Service Pack 1
17:05:43.766 Number of processors: 4 586 0x2505
17:05:43.766 ComputerName: AJDA-PC UserName: AJDA
17:05:50.198 Initialize success
17:08:17.650 AVAST engine defs: 12020902
17:08:53.450 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
17:08:53.450 Disk 0 Vendor: ST950032 0003 Size: 476940MB BusType: 3
17:08:53.450 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-2
17:08:53.466 Disk 1 Vendor: WDC_WD50 01.0 Size: 476940MB BusType: 3
17:08:53.466 Disk 0 MBR read successfully
17:08:53.481 Disk 0 MBR scan
17:08:53.497 Disk 0 Windows 7 default MBR code
17:08:53.512 Disk 0 Partition 1 00 1C Hidd FAT32 LBA MSDOS5.0 22000 MB offset 64
17:08:53.528 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 117987 MB offset 45056064
17:08:53.544 Disk 0 Partition - 00 0F Extended LBA 336952 MB offset 286694093
17:08:53.559 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 336951 MB offset 286696141
17:08:53.575 Service scanning
17:09:01.406 Modules scanning
17:09:01.406 Disk 0 trace - called modules:
17:09:01.453 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
17:09:01.453 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800658d060]
17:09:01.468 3 CLASSPNP.SYS[fffff8800185143f] -> nt!IofCallDriver -> [0xfffffa800544f040]
17:09:01.468 5 ACPI.sys[fffff88000f7f7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800628b050]
17:09:03.060 AVAST engine scan C:\Windows
17:09:11.390 AVAST engine scan C:\Windows\system32
17:14:23.042 AVAST engine scan C:\Windows\system32\drivers
17:14:40.044 AVAST engine scan C:\Users\AJDA
17:15:37.221 Disk 0 MBR has been saved successfully to "C:\Users\AJDA\Desktop\MBR.dat"
17:15:37.221 The log file has been saved successfully to "C:\Users\AJDA\Desktop\aswMBR.txt" |
09.02.2012, 20:37 | #27 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Can't get Spy Hunter deleted Looks OK. As a check, please run full scans with Malwarebytes and SUPERAntiSpyware and post the logs. Remember to update both tools before the scan!!
__________________ Please always post log files in CODE tags |
12.02.2012, 21:42 | #28 |
| Can't get Spy Hunter deleted
Malwarebytes Anti-Malware 1.60.1.1000
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Datenbank Version: v2012.02.12.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
AJDA :: AJDA-PC [Administrator]

12.02.2012 20:04:22
mbam-log-2012-02-12 (20-04-22).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 338163
Laufzeit: 58 Minute(n), 21 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende) |
13.02.2012, 11:21 | #29 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Can't get Spy Hunter deleted OK, SASW is still missing
__________________ Please always post log files in CODE tags |
13.02.2012, 19:23 | #30 |
| Can't get Spy Hunter deleted
SUPERAntiSpyware Scan Log
SUPERAntiSpyware.com | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware!

Generated 02/13/2012 at 07:14 PM

Application Version : 5.0.1144

Core Rules Database Version : 8231
Trace Rules Database Version: 6043

Scan type : Complete Scan
Total Scan Time : 00:59:55

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned : 491
Memory threats detected : 0
Registry items scanned : 65259
Registry threats detected : 0
File items scanned : 81007
File threats detected : 73

Adware.Tracking Cookie

Trojan.Agent/Gen-SoftonicDownloader
C:\_OTL\MOVEDFILES\02072012_221250\C_USERS\AJDA\DOWNLOADS\SOFTONICDOWNLOADER_FUER_WINDOWS-LIVE-MESSENGER(1).EXE
C:\_OTL\MOVEDFILES\02072012_221250\C_USERS\AJDA\DOWNLOADS\SOFTONICDOWNLOADER_FUER_WINDOWS-LIVE-MESSENGER.EXE |