MyStart By IncrediBar lässt sich nicht Löschen

cosinus · 07.09.2012, 10:08

Hm, da ist immer noch Toolbar-Müll drin
Bitte mal den aktuellen adwCleaner runterladen, also die alte adwcleaner löschen und neu runterladen

adwCleaner - Toolbars und ungewollte Start-/Suchseiten aufspüren

Downloade Dir bitte AdwCleaner auf deinen Desktop.

Falls der adwCleaner schon mal in der runtergeladen wurde, bitte die alte adwcleaner.exe löschen und neu runterladen!!

Starte die adwcleaner.exe mit einem Doppelklick.
Klicke auf Suche.
Nach Ende des Suchlaufs öffnet sich eine Textdatei.
Poste mir den Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner[Rx].txt. (x=fortlaufende Nummer)

sentinel · 08.09.2012, 11:49

Code:

ATTFilter

# AdwCleaner v2.000 - Datei am 09/08/2012 um 12:17:09 erstellt
# Aktualisiert am 30/08/2012 von Xplode
# Betriebssystem : Windows Vista (TM) Business Service Pack 2 (32 bits)
# Benutzer : ****l - ****-PC
# Normaler Modus : Normal
# Ausgeführt unter : C:\Users\Jandl\Downloads\adwcleaner (2).exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Gelöscht mit Neustart : C:\Program Files\Common Files\AVG Secure Search

***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v12.0 (de)

Profilname : default 
Datei : C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\tl2r70oi.default\prefs.js

Gelöscht : user_pref("extensions.enabledAddons", "ffxtlbr@Facemoods.com:1.4.0,longurlplease@darragh.curran:0.5.[...]
Gelöscht : user_pref("extensions.facemoods._xpiupdate", true);
Gelöscht : user_pref("extensions.facemoods.aflt", "_#wbst");
Gelöscht : user_pref("extensions.facemoods.fcmdVrsn", "1.2.7.5.4");
Gelöscht : user_pref("extensions.facemoods.firstRun", false);
Gelöscht : user_pref("extensions.facemoods.first_time", false);
Gelöscht : user_pref("extensions.facemoods.id", "_#a3521f6715184291a19f521d7a1b40b7");
Gelöscht : user_pref("extensions.facemoods.instlDay", "_#15589");
Gelöscht : user_pref("extensions.facemoods.prtnrId", "_#facemoods.com");
Gelöscht : user_pref("extensions.facemoods.sid", "_#a3521f6715184291a19f521d7a1b40b7");
Gelöscht : user_pref("extensions.facemoods.update", "_#v1.4.0");
Gelöscht : user_pref("extensions.facemoods.vrsn", "_#1.4.17.5");

-\\ Google Chrome v21.0.1180.89

Datei : C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

wenn ich bei den hosts nach incredibar suche finde ich noch
browser.newtab.url;hxxp://mystart.incredibar.com/mb178?a=6PQFK6S14G&loc=FF_NT
ist zwar jetzt nur noch das Einziege was er jetzt noch findet,am Anfang waren es über 50
Beim Öffnen von Firefox seh ich jetzt aber die Seite niegends

cosinus · 10.09.2012, 14:58

Es gibt schon wieder eine neue Version vom adwCleaner
Bitte neu runterladen, die alte Version überschreiben und einen neuen Suchlauf bitte machen

sentinel · 12.09.2012, 00:28

So Hallo sorry das ich gerade so lange brauche ist gerade wegen der schicht so.
hab mir die neue jetzt runtergeladen
hier der bericht

Code:

ATTFilter

# AdwCleaner v2.001 - Datei am 09/12/2012 um 01:21:34 erstellt
# Aktualisiert am 09/09/2012 von Xplode
# Betriebssystem : Windows Vista (TM) Business Service Pack 2 (32 bits)
# Benutzer : **** - ****-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\****\Desktop\adwcleaner2.001.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Gelöscht mit Neustart : C:\Program Files\Common Files\AVG Secure Search

***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v15.0.1 (de)

Profilname : default 
Datei : C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\tl2r70oi.default\prefs.js

Gelöscht : user_pref("browser.newtab.url", "hxxp://mystart.incredibar.com/mb178?a=6PQFK6S14G&loc=FF_NT");
Gelöscht : user_pref("extensions.facemoods._xpiupdate", true);
Gelöscht : user_pref("extensions.facemoods.aflt", "_#wbst");
Gelöscht : user_pref("extensions.facemoods.fcmdVrsn", "1.2.7.5.4");
Gelöscht : user_pref("extensions.facemoods.firstRun", false);
Gelöscht : user_pref("extensions.facemoods.first_time", false);
Gelöscht : user_pref("extensions.facemoods.id", "_#320d72ba6f934bb780beda64fbb59c11");
Gelöscht : user_pref("extensions.facemoods.instlDay", "_#15591");
Gelöscht : user_pref("extensions.facemoods.prtnrId", "_#facemoods.com");
Gelöscht : user_pref("extensions.facemoods.sid", "_#320d72ba6f934bb780beda64fbb59c11");
Gelöscht : user_pref("extensions.facemoods.update", "_#v1.4.0");
Gelöscht : user_pref("extensions.facemoods.vrsn", "_#1.4.17.5");

-\\ Google Chrome v21.0.1180.89

Datei : C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S1].txt - [766 octets] - [04/09/2012 21:47:16]
AdwCleaner[R3].txt - [22166 octets] - [05/09/2012 17:15:43]
AdwCleaner[S2].txt - [385 octets] - [05/09/2012 17:18:05]
AdwCleaner[R4].txt - [22286 octets] - [06/09/2012 18:43:27]
AdwCleaner[S3].txt - [385 octets] - [06/09/2012 18:46:20]
AdwCleaner[R5].txt - [22406 octets] - [06/09/2012 18:58:35]
AdwCleaner[S4].txt - [22294 octets] - [06/09/2012 18:58:59]
AdwCleaner[R6].txt - [2389 octets] - [08/09/2012 12:14:05]
AdwCleaner[S5].txt - [2457 octets] - [08/09/2012 12:17:09]
AdwCleaner[R7].txt - [2494 octets] - [12/09/2012 01:21:04]
AdwCleaner[S6].txt - [2433 octets] - [12/09/2012 01:21:35]

########## EOF - C:\AdwCleaner[S6].txt - [2493 octets] ##########

cosinus · 12.09.2012, 00:35

Hätte da mal zwei Fragen bevor es weiter geht

1.) Geht der normale Modus von Windows (wieder) uneingeschränkt?
2.) Vermisst du irgendwas im Startmenü? Sind da leere Ordner unter alle Programme oder ist alles vorhanden?

sentinel · 12.09.2012, 00:43

Also ich vermisse jetzt gerade nichts auf meinen Startmenü.
leere Ordner hab ich jetzt auch nicht gesehen.
Müsste den was Fehlen?
Mein Windows geht ohne einschränkungen

cosinus · 12.09.2012, 12:33

Mach bitte ein neues OTL-Log. Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:

ATTFilter

 hier steht das Log

CustomScan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop. Falls schon vorhanden, bitte die ältere vorhandene Datei durch die neu heruntergeladene Datei ersetzen, damit du auch wirklich mit einer aktuellen Version von OTL arbeitest.

Starte bitte die OTL.exe.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Setze oben mittig den Haken bei Scanne alle Benutzer
Kopiere nun den kompletten Inhalt aus der untenstehenden Codebox in die Textbox von OTL - wenn OTL auf deutsch ist wird sie mit beschriftet

Code:

ATTFilter

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT

Schliesse bitte nun alle Programme. (Wichtig)
Klicke nun bitte auf den Quick Scan Button.
Klick auf .
Kopiere nun den Inhalt aus OTL.txt hier in Deinen Thread

sentinel · 13.09.2012, 00:29

Code:

ATTFilter

OTL logfile created on: 13.09.2012 00:21:31 - Run 2
OTL by OldTimer - Version 3.2.61.3     Folder = C:\Users\****\Desktop
Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,99 Gb Total Physical Memory | 1,24 Gb Available Physical Memory | 61,97% Memory free
4,22 Gb Paging File | 2,87 Gb Available in Paging File | 67,96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 296,07 Gb Total Space | 117,81 Gb Free Space | 39,79% Space Free | Partition Type: NTFS
Drive D: | 2,00 Gb Total Space | 1,93 Gb Free Space | 96,36% Space Free | Partition Type: FAT32
 
Computer Name: ****-PC | User Name: **** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.09.13 00:14:10 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Users\****\Desktop\OTL.exe
PRC - [2012.08.30 22:23:55 | 000,722,528 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
PRC - [2012.08.13 03:24:48 | 005,167,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgidsagent.exe
PRC - [2012.07.31 03:37:02 | 002,596,984 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe
PRC - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.07.26 14:16:12 | 000,247,768 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
PRC - [2012.07.26 03:23:08 | 000,758,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\PROGRA~2\AVG\AVG2012\avgrsx.exe
PRC - [2012.06.13 03:48:24 | 001,255,544 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2012.05.31 22:19:18 | 000,200,784 | ---- | M] (Somoto) -- C:\Program Files\FilesFrog Update Checker\update_checker.exe
PRC - [2012.05.04 07:37:10 | 000,021,392 | ---- | M] () -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2012.03.19 05:18:12 | 000,979,840 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgemcx.exe
PRC - [2012.02.23 12:30:40 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
PRC - [2012.02.14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2012.02.14 04:52:38 | 000,338,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe
PRC - [2011.01.25 17:40:22 | 000,092,216 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2010.10.11 11:00:04 | 000,093,752 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Hewlett-Packard\Marketsplash by HP\HPLocalWebPrintAgent.exe
PRC - [2010.03.18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2009.09.16 18:52:14 | 000,331,776 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files\ArcSoft\TotalMedia Backup\uBBMonitor.exe
PRC - [2009.07.27 16:32:56 | 000,076,344 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
PRC - [2009.07.15 15:44:40 | 000,106,040 | ---- | M] (Hewlett-Packard Development Company L.P.) -- C:\Programme\Hewlett-Packard\Shared\hpCaslNotification.exe
PRC - [2009.06.17 10:56:16 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2009.06.17 10:56:14 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.03.26 10:24:22 | 000,346,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Programme\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe
PRC - [2009.03.25 02:28:52 | 000,075,024 | ---- | M] (Bioscrypt Inc.) -- C:\Programme\Hewlett-Packard\IAM\Bin\asghost.exe
PRC - [2009.03.02 00:21:32 | 000,567,848 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
PRC - [2009.02.27 08:54:22 | 000,870,672 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe
PRC - [2009.02.27 07:38:38 | 000,473,360 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
PRC - [2009.02.20 10:18:54 | 000,256,544 | ---- | M] (SafeBoot International) -- C:\Programme\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
PRC - [2009.01.14 14:01:48 | 000,077,824 | ---- | M] (Hewlett-Packard) -- C:\Programme\Hewlett-Packard\File Sanitizer\HPFSService.exe
PRC - [2009.01.14 14:01:12 | 011,223,040 | ---- | M] (Hewlett-Packard) -- C:\Programme\Hewlett-Packard\File Sanitizer\CoreShredder.exe
PRC - [2008.12.11 15:23:08 | 001,456,768 | ---- | M] (Broadcom Corporation.) -- C:\Programme\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2008.12.11 15:23:08 | 000,604,776 | ---- | M] (Broadcom Corporation.) -- C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2008.10.03 13:33:12 | 001,185,016 | ---- | M] (AuthenTec, Inc.) -- C:\Programme\Fingerprint Sensor\AtService.exe
PRC - [2008.08.26 16:02:24 | 000,014,336 | ---- | M] (Agere Systems) -- C:\Programme\LSI SoftModem\agrsmsvc.exe
PRC - [2008.07.15 22:09:52 | 000,090,112 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEADISRV.EXE
PRC - [2008.07.04 12:52:18 | 000,014,336 | ---- | M] (Vodafone) -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
PRC - [2007.07.24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2007.01.04 20:48:50 | 000,112,152 | ---- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.08.11 03:42:23 | 000,115,137 | ---- | M] () -- C:\Users\****\AppData\Local\Temp\c25e8b3d-33a7-42bf-85e6-6880c6753136\CliSecureRT.dll
MOD - [2012.06.14 16:07:43 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\508b444db523c5cf20ff12c7f440837b\System.Web.ni.dll
MOD - [2012.06.14 14:42:54 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f2691cfa7671cdc58179e56ba9227591\System.Windows.Forms.ni.dll
MOD - [2012.06.14 14:42:42 | 001,592,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\18f9789aa214c657113e676b3a9015aa\System.Drawing.ni.dll
MOD - [2012.06.13 23:37:36 | 013,198,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\00a4922fbf869a79c043b665035516b6\System.Windows.Forms.ni.dll
MOD - [2012.06.13 23:30:25 | 018,019,840 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\d239f585ee55f833dbe21e897e1265ac\PresentationFramework.ni.dll
MOD - [2012.06.13 23:30:08 | 011,522,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b7de318e9fd1ef519ca6c1f3b5dba8e0\PresentationCore.ni.dll
MOD - [2012.06.13 23:29:56 | 003,881,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\a6e37a05b8d0cedbc5c3ea266ae3fc31\WindowsBase.ni.dll
MOD - [2012.06.13 23:29:48 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\4230ed1c7990e4ee8352baf67a2a85fa\System.Drawing.ni.dll
MOD - [2012.05.11 16:56:40 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\d0e1cdaff8f9055187f8e7b52c060dff\System.Management.ni.dll
MOD - [2012.05.11 16:52:41 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\f3d4d5fe5ab848fbfcf91a49960dc8ae\System.Management.ni.dll
MOD - [2012.05.11 16:43:48 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\846b9cf2756fdd15f704c9bab9c70b6f\System.Runtime.Remoting.ni.dll
MOD - [2012.05.11 16:43:40 | 000,679,936 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Security\442135bc0b503b42ab2d752c23bea631\System.Security.ni.dll
MOD - [2012.05.11 16:43:36 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bd76aaaa03ddc15d1840207b5a480644\System.Configuration.ni.dll
MOD - [2012.05.11 16:43:19 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\1b337cf9a031145849bc48c11b2cfe58\Accessibility.ni.dll
MOD - [2012.05.11 16:19:52 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll
MOD - [2012.05.11 16:15:41 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll
MOD - [2012.05.11 16:14:36 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll
MOD - [2012.05.10 23:55:05 | 000,762,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\31fab24c51c0cfe8b8115f24545f169f\System.Runtime.Remoting.ni.dll
MOD - [2012.05.10 23:54:56 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\b68bee05c7e518172982cc92059c3315\System.Xaml.ni.dll
MOD - [2012.05.10 23:51:33 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\608d29d7cc89f3a9a195c91354561915\PresentationFramework.Aero.ni.dll
MOD - [2012.05.10 23:47:05 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\9abe44a0f82070ead5f1256683a4d25a\System.Xml.ni.dll
MOD - [2012.05.10 23:47:03 | 007,069,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\09bd2126bba2ab4f29ed52afde1470d7\System.Core.ni.dll
MOD - [2012.05.10 23:47:00 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\a84262e1224189f93e10cd3c403a9527\System.Configuration.ni.dll
MOD - [2012.05.10 23:46:54 | 009,092,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\a6be120e49f895ef6b00e9918402395b\System.ni.dll
MOD - [2012.05.10 23:46:45 | 014,414,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\c1af4ec9a36f671617a8ecaec00373f4\mscorlib.ni.dll
MOD - [2012.05.04 07:37:10 | 000,021,392 | ---- | M] () -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MOD - [2011.09.27 08:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.09.27 08:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010.03.04 19:51:36 | 001,691,648 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3321.40317__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2010.03.04 19:51:36 | 000,290,816 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3321.40301__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2010.03.04 19:51:36 | 000,204,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3321.40319__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2010.03.04 19:51:36 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3321.40378__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2010.03.04 19:51:36 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3321.40314__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2010.03.04 19:51:36 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3321.40343__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2010.03.04 19:51:36 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3321.40308__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2010.03.04 19:51:35 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3321.40399__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2010.03.04 19:51:35 | 000,364,544 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3321.40363__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2010.03.04 19:51:35 | 000,147,456 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.3321.40398__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll
MOD - [2010.03.04 19:51:35 | 000,139,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3321.40400__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2010.03.04 19:51:35 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3321.40363__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2010.03.04 19:51:35 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3321.40308__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2010.03.04 19:51:35 | 000,069,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3321.40357__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2010.03.04 19:51:35 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3321.40362__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2010.03.04 19:51:35 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3321.40398__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll
MOD - [2010.03.04 19:51:33 | 000,811,008 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3321.40346__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2010.03.04 19:51:33 | 000,405,504 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3321.40372__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2010.03.04 19:51:31 | 000,081,920 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3321.40345__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2010.03.04 19:51:30 | 000,712,704 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3321.40310__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2010.03.04 19:51:30 | 000,589,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3321.40320__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2010.03.04 19:51:30 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3321.40325__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll
MOD - [2010.03.04 19:51:30 | 000,225,280 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3321.40320__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2010.03.04 19:51:30 | 000,126,976 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3321.40354__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2010.03.04 19:51:30 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3321.40324__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2010.03.04 19:51:30 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3321.40354__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2010.03.04 19:51:29 | 000,450,560 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3321.40340__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2010.03.04 19:51:29 | 000,438,272 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3321.40344__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2010.03.04 19:51:29 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3321.40356__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll
MOD - [2010.03.04 19:51:29 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3321.40343__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2010.03.04 19:51:29 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3321.40344__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2010.03.04 19:51:29 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3321.40355__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2010.03.04 19:51:29 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3294.18728__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2010.03.04 19:51:29 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3294.18751__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
MOD - [2010.03.04 19:51:28 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3294.18708__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2010.03.04 19:51:28 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2010.03.04 19:51:28 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3294.18699__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2010.03.04 19:51:28 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3294.18701__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2010.03.04 19:51:28 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3294.18832__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2010.03.04 19:51:28 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3294.18753__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2010.03.04 19:51:28 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3294.18737__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2010.03.04 19:51:28 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3294.18731__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2010.03.04 19:51:28 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3294.18717__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2010.03.04 19:51:28 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3294.18709__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2010.03.04 19:51:28 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3294.18745__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2010.03.04 19:51:28 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.3294.18787__90ba9c70f846762e\DEM.OS.dll
MOD - [2010.03.04 19:51:28 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2010.03.04 19:51:28 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3294.18755__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2010.03.04 19:51:28 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2010.03.04 19:51:28 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3294.18727__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2010.03.04 19:51:28 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3294.18787__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll
MOD - [2010.03.04 19:51:28 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3294.18795__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2010.03.04 19:51:28 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3294.18747__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2010.03.04 19:51:28 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3294.18794__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2010.03.04 19:51:28 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2010.03.04 19:51:27 | 000,503,808 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3321.40431__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll
MOD - [2010.03.04 19:51:27 | 000,106,496 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3321.40393__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2010.03.04 19:51:27 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3294.18772__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2010.03.04 19:51:27 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3294.18735__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2010.03.04 19:51:27 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3294.18767__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2010.03.04 19:51:27 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3294.18766__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2010.03.04 19:51:27 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3294.18771__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2010.03.04 19:51:27 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3294.18765__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2010.03.04 19:51:27 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3321.40409__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2010.03.04 19:51:27 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3294.18785__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2010.03.04 19:51:27 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3294.18771__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2010.03.04 19:51:27 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3294.18725__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2010.03.04 19:51:27 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3294.18742__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2010.03.04 19:51:27 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3294.18784__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll
MOD - [2010.03.04 19:51:27 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3294.18760__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2010.03.04 19:51:27 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3294.18756__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2010.03.04 19:51:27 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3294.18748__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2010.03.04 19:51:27 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3294.18769__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2010.03.04 19:51:27 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2010.03.04 19:51:27 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3294.18720__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll
MOD - [2010.03.04 19:51:27 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3294.18757__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2010.03.04 19:51:27 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3294.18746__90ba9c70f846762e\APM.Foundation.dll
MOD - [2010.03.04 19:51:27 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3294.18758__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2010.03.04 19:51:27 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3294.18755__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2010.03.04 19:51:27 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3294.18728__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2010.03.04 19:51:27 | 000,014,848 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
MOD - [2010.03.04 19:51:27 | 000,013,312 | ---- | M] () -- C:\Windows\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll
MOD - [2010.03.04 19:51:27 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3321.40297__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2010.03.04 19:51:26 | 001,142,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3321.40305__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2010.03.04 19:51:26 | 000,405,504 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3321.40314__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2010.03.04 19:51:26 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3321.40298__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2010.03.04 19:51:26 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3321.40391__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2010.03.04 19:51:26 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3321.40300__90ba9c70f846762e\CLI.Component.SkinFactory.dll
MOD - [2010.03.04 19:51:26 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3294.18750__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2010.03.04 19:51:26 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3294.18714__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2010.03.04 19:51:26 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3294.18740__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2010.03.04 19:51:26 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3294.18748__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2010.03.04 19:51:26 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3294.18745__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2010.03.04 19:51:26 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3294.18744__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2010.03.04 19:51:26 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3294.18774__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2010.03.04 19:51:25 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3321.40392__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2010.03.04 19:51:24 | 000,081,920 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.3321.40299__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2010.03.04 19:51:24 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3321.40298__90ba9c70f846762e\APM.Server.dll
MOD - [2010.03.04 19:51:24 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3321.40297__90ba9c70f846762e\AEM.Server.dll
MOD - [2010.03.04 19:51:24 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2009.03.30 06:42:12 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2009.03.30 06:42:12 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll
MOD - [2009.03.30 06:42:12 | 000,167,936 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml.resources\2.0.0.0_de_b77a5c561934e089\System.Xml.resources.dll
MOD - [2009.03.30 06:42:11 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009.02.03 21:00:00 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2008.12.18 15:03:42 | 000,020,480 | R--- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2008.12.11 15:20:20 | 000,069,697 | ---- | M] () -- C:\Programme\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2008.08.06 16:19:14 | 000,294,912 | ---- | M] () -- C:\Windows\System32\flcdlmsg.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2012.09.11 00:29:28 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.08.30 22:23:55 | 000,722,528 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe -- (vToolbarUpdater12.2.6)
SRV - [2012.08.20 20:35:41 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.08.13 03:24:48 | 005,167,736 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.07.26 14:16:14 | 000,092,632 | ---- | M] (TomTom) [Auto | Stopped] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.02.14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2012.01.18 14:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2011.11.10 15:17:31 | 000,167,264 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2011.02.10 15:29:24 | 000,150,528 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe -- (Sony Ericsson PCCompanion)
SRV - [2011.01.25 17:40:22 | 000,092,216 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010.03.18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010.01.15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009.06.17 10:56:16 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTMON.EXE -- (IAANTMON)
SRV - [2009.06.13 20:13:20 | 001,120,752 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe -- (RoxMediaDB10)
SRV - [2009.03.26 10:13:18 | 000,045,056 | ---- | M] (Hewlett-Packard Development Company, L.P) [On_Demand | Stopped] -- C:\Programme\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe -- (HP ProtectTools Service)
SRV - [2009.03.25 02:22:38 | 000,186,640 | ---- | M] (Bioscrypt Inc.) [Auto | Running] -- C:\Programme\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll -- (ASBroker)
SRV - [2009.03.25 02:22:30 | 000,149,776 | ---- | M] (Bioscrypt Inc.) [Auto | Running] -- C:\Programme\Hewlett-Packard\IAM\Bin\ASChnl.dll -- (ASChannel)
SRV - [2009.03.02 00:21:32 | 000,567,848 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2009.02.27 08:54:22 | 000,870,672 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2009.02.27 07:38:38 | 000,473,360 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2009.02.20 10:18:54 | 000,256,544 | ---- | M] (SafeBoot International) [Auto | Running] -- C:\Programme\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe -- (HpFkCryptService)
SRV - [2009.01.14 14:01:48 | 000,077,824 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Programme\Hewlett-Packard\File Sanitizer\HPFSService.exe -- (HPFSService)
SRV - [2008.10.03 13:33:12 | 001,185,016 | ---- | M] (AuthenTec, Inc.) [Auto | Running] -- C:\Programme\Fingerprint Sensor\AtService.exe -- (ATService)
SRV - [2008.08.26 16:02:24 | 000,014,336 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Programme\LSI SoftModem\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2008.08.06 16:24:40 | 000,349,432 | ---- | M] (Hewlett-Packard Ltd) [On_Demand | Stopped] -- C:\Windows\System32\flcdlock.exe -- (FLCDLOCK)
SRV - [2008.07.15 22:09:52 | 000,090,112 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEADISRV.EXE -- (AEADIFilters)
SRV - [2008.07.04 12:52:18 | 000,014,336 | ---- | M] (Vodafone) [Auto | Running] -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe -- (VMCService)
SRV - [2008.01.21 04:23:59 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2007.07.24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2007.01.04 20:48:50 | 000,112,152 | ---- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2006.11.03 09:56:28 | 000,920,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2012.08.30 22:23:56 | 000,027,496 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2012.08.24 15:43:18 | 000,301,920 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2012.07.26 03:21:30 | 000,237,408 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012.07.03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012.04.19 04:50:26 | 000,024,896 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012.02.24 11:14:42 | 000,181,432 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2012.02.24 11:14:42 | 000,080,824 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2012.01.31 04:46:50 | 000,031,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011.12.23 13:32:14 | 000,041,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011.12.23 13:32:08 | 000,017,232 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2011.12.23 13:32:06 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsfilterx.sys -- (AVGIDSFilter)
DRV - [2011.12.23 13:32:00 | 000,139,856 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2011.12.08 06:22:36 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2011.12.08 06:22:36 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus)
DRV - [2011.12.08 06:22:36 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2011.09.16 12:54:40 | 000,020,032 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - [2010.03.11 23:04:10 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\seehcri.sys -- (seehcri)
DRV - [2010.03.11 23:04:10 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2010.03.11 23:04:10 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt)
DRV - [2009.07.08 12:48:38 | 000,025,656 | ---- | M] (Hewlett-Packard) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hpdskflt.sys -- (hpdskflt)
DRV - [2009.07.08 12:48:22 | 000,033,848 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2009.07.02 11:40:34 | 001,765,168 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC)
DRV - [2009.04.29 09:46:54 | 000,015,872 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2009.04.11 06:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUSB)
DRV - [2009.03.04 11:49:22 | 004,232,704 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32)
DRV - [2009.02.20 11:20:42 | 000,051,408 | ---- | M] (SafeBoot N.V.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\SbAlg.sys -- (SbAlg)
DRV - [2009.02.20 11:20:40 | 000,012,960 | ---- | M] (SafeBoot International) [File_System | Boot | Running] -- C:\Windows\System32\drivers\SbFsLock.sys -- (SbFsLock)
DRV - [2009.02.20 11:20:38 | 000,012,528 | ---- | M] (SafeBoot International) [Kernel | System | Running] -- C:\Windows\System32\drivers\rsvlock.sys -- (RsvLock)
DRV - [2009.02.20 11:20:34 | 000,109,216 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\SafeBoot.sys -- (SafeBoot)
DRV - [2009.02.19 21:17:00 | 000,095,760 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2009.02.03 23:29:00 | 004,303,360 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008.11.21 21:53:40 | 001,204,128 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2008.10.21 10:22:48 | 000,114,600 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017mdm.sys -- (s0017mdm)
DRV - [2008.10.21 10:22:48 | 000,109,736 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017unic.sys -- (s0017unic)
DRV - [2008.10.21 10:22:48 | 000,108,328 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017mgmt.sys -- (s0017mgmt)
DRV - [2008.10.21 10:22:48 | 000,104,616 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017obex.sys -- (s0017obex)
DRV - [2008.10.21 10:22:48 | 000,086,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017bus.sys -- (s0017bus)
DRV - [2008.10.21 10:22:48 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017nd5.sys -- (s0017nd5)
DRV - [2008.10.21 10:22:48 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017mdfl.sys -- (s0017mdfl)
DRV - [2008.08.06 15:43:30 | 000,032,256 | ---- | M] (Hewlett-Packard Development Company L.P.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\DAMDrv.sys -- (DAMDrv)
DRV - [2008.03.17 11:05:30 | 000,101,632 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2008.01.21 04:23:46 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2007.04.17 21:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\regi.sys -- (regi)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
 
IE - HKU\S-1-5-21-494918375-1025223979-4201845435-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\S-1-5-21-494918375-1025223979-4201845435-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-494918375-1025223979-4201845435-1000\..\URLSearchHook:  - No CLSID value found
IE - HKU\S-1-5-21-494918375-1025223979-4201845435-1000\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-494918375-1025223979-4201845435-1000\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-21-494918375-1025223979-4201845435-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-494918375-1025223979-4201845435-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-494918375-1025223979-4201845435-1000\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKU\S-1-5-21-494918375-1025223979-4201845435-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-494918375-1025223979-4201845435-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledAddons: leethax@leethax.net:2012.08.28
FF - prefs.js..extensions.enabledAddons: longurlplease@darragh.curran:0.5.1
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.5
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.872
FF - prefs.js..extensions.enabledItems: {b66bc4c3-6d25-4a10-8c59-01daa9063051}:1.5.5
FF - prefs.js..extensions.enabledItems: foxgame2@foxgame.org:2.0 Beta
FF - prefs.js..extensions.enabledItems: piclens@cooliris.com:1.12.0.36949
FF - prefs.js..extensions.enabledItems: longurlplease@darragh.curran:0.4.3
FF - prefs.js..extensions.enabledItems: {d40f5e7b-d2cf-4856-b441-cc613eeffbe3}:1.48.3
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: pickemfirst@pickemfirst.com:2.0.992
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "hxxp://www.google.de/"
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\****\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\****\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\****\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\****\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\****\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012.09.11 11:49:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ [2012.07.03 11:21:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.11 00:29:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.09.03 19:01:55 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.11 00:29:29 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.09.03 19:01:55 | 000,000,000 | ---D | M]
 
[2012.09.02 04:34:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\****\AppData\Roaming\mozilla\Extensions
[2010.04.28 21:03:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\****\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2012.09.06 18:59:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\tl2r70oi.default\extensions
[2012.07.31 16:32:42 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\tl2r70oi.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2012.09.02 01:56:01 | 000,002,443 | ---- | M] () (No name found) -- C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\tl2r70oi.default\extensions\aboutconfigbutton@firefox.xpi
[2011.08.18 10:54:44 | 000,025,939 | ---- | M] () (No name found) -- C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\tl2r70oi.default\extensions\ffxtlbr@Facemoods.com.xpi
[2012.08.30 21:22:05 | 000,021,524 | ---- | M] () (No name found) -- C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\tl2r70oi.default\extensions\leethax@leethax.net.xpi
[2012.03.26 18:34:18 | 000,008,503 | ---- | M] () (No name found) -- C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\tl2r70oi.default\extensions\longurlplease@darragh.curran.xpi
[2012.04.06 01:06:24 | 000,138,040 | ---- | M] () (No name found) -- C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\tl2r70oi.default\extensions\pickemfirst@pickemfirst.com.xpi
[2012.07.31 16:32:42 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\tl2r70oi.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.02.17 22:33:05 | 000,138,614 | ---- | M] () (No name found) -- C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\tl2r70oi.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
[2011.07.19 16:15:08 | 000,002,023 | ---- | M] () -- C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\tl2r70oi.default\searchplugins\badoo.xml
[2012.09.06 22:33:09 | 000,000,950 | ---- | M] () -- C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\tl2r70oi.default\searchplugins\icqplugin-1.xml
[2011.08.18 11:06:57 | 000,000,950 | ---- | M] () -- C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\tl2r70oi.default\searchplugins\icqplugin-10.xml
[2011.09.18 10:20:28 | 000,000,950 | ---- | M] () -- C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\tl2r70oi.default\searchplugins\icqplugin-11.xml
[2011.11.06 01:29:22 | 000,000,950 | ---- | M] () -- C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\tl2r70oi.default\searchplugins\icqplugin-12.xml
[2011.12.13 18:33:30 | 000,000,950 | ---- | M] () -- C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\tl2r70oi.default\searchplugins\icqplugin-13.xml
[2012.02.11 16:46:33 | 000,000,950 | ---- | M] () -- C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\tl2r70oi.default\searchplugins\icqplugin-14.xml
[2012.06.10 11:56:51 | 000,000,950 | ---- | M] () -- C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\tl2r70oi.default\searchplugins\icqplugin-15.xml
[2012.08.06 14:49:09 | 000,000,950 | ---- | M] () -- C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\tl2r70oi.default\searchplugins\icqplugin-16.xml
[2011.03.06 16:29:13 | 000,000,950 | ---- | M] () -- C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\tl2r70oi.default\searchplugins\icqplugin-2.xml
[2011.03.26 13:38:44 | 000,000,950 | ---- | M] () -- C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\tl2r70oi.default\searchplugins\icqplugin-3.xml
[2011.04.06 03:04:40 | 000,000,950 | ---- | M] () -- C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\tl2r70oi.default\searchplugins\icqplugin-4.xml
[2011.04.07 23:05:48 | 000,000,950 | ---- | M] () -- C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\tl2r70oi.default\searchplugins\icqplugin-5.xml
[2011.05.16 00:12:03 | 000,000,950 | ---- | M] () -- C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\tl2r70oi.default\searchplugins\icqplugin-6.xml
[2011.06.23 12:43:07 | 000,000,950 | ---- | M] () -- C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\tl2r70oi.default\searchplugins\icqplugin-7.xml
[2011.07.19 16:15:14 | 000,000,950 | ---- | M] () -- C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\tl2r70oi.default\searchplugins\icqplugin-8.xml
[2011.07.21 16:50:19 | 000,000,656 | ---- | M] () -- C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\tl2r70oi.default\searchplugins\icqplugin-9.xml
[2011.02.22 00:28:05 | 000,001,056 | ---- | M] () -- C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\tl2r70oi.default\searchplugins\icqplugin.xml
[2012.09.02 04:34:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2012.07.18 10:22:52 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012.09.11 00:29:29 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.03.22 20:38:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2012.09.11 00:29:26 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.09.11 00:29:26 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.09.11 00:29:26 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.09.11 00:29:26 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.07.07 16:56:01 | 000,002,134 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\search.xml
[2012.09.11 00:29:26 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.09.11 00:29:26 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - homepage: hxxp://www.google.de/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: hxxp://www.google.de/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\****\AppData\Local\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\****\AppData\Local\Google\Chrome\Application\21.0.1180.89\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\****\AppData\Local\Google\Chrome\Application\21.0.1180.89\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\****\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\plugins/avgnpss.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\****\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\****\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\****\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Google Update (Enabled) = C:\Users\****\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: AVG Safe Search = C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2210_0\
CHR - Extension: AVG Do Not Track = C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\
 
O1 HOSTS File: ([2011.12.22 16:11:00 | 000,000,759 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (BHO_Startup Class) - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Programme\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Credential Manager for HP ProtectTools) - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Programme\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll (Bioscrypt Inc.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-494918375-1025223979-4201845435-1000\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CognizanceTS] C:\Programme\Hewlett-Packard\IAM\Bin\ASTSVCC.dll (Bioscrypt Inc.)
O4 - HKLM..\Run: [File Sanitizer] C:\Programme\Hewlett-Packard\File Sanitizer\CoreShredder.exe (Hewlett-Packard)
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAANOTIF.EXE (Intel Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [PTHOSTTR] C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [ROC_ROC_JULY_P1] "C:\Program Files\AVG Secure Search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1 File not found
O4 - HKLM..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\soundmax.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe" File not found
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-494918375-1025223979-4201845435-1000..\Run: [Facebook Update] C:\Users\****\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-494918375-1025223979-4201845435-1000..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKU\S-1-5-21-494918375-1025223979-4201845435-1000..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - HKU\S-1-5-21-494918375-1025223979-4201845435-1000..\Run: [SDP] C:\Program Files\FilesFrog Update Checker\update_checker.exe (Somoto)
O4 - HKU\S-1-5-21-494918375-1025223979-4201845435-1000..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - HKLM..\RunOnceEx: [ContentMerger] C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\ContentMerger10.exe (Sonic Solutions)
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F44386DA-10CC-45AD-B4F8-0100C52F8FE1}: DhcpNameServer = 192.168.1.1 192.168.1.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20 - AppInit_DLLs: (APSHook.dll) - C:\Windows\System32\APSHook.dll (Bioscrypt Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\DeviceNP: DllName - (DeviceNP.dll) - C:\Windows\System32\DeviceNP.dll (Hewlett-Packard Limited)
O24 - Desktop WallPaper: C:\Users\****\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\****\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{33e7011a-27ab-11df-943d-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{33e7011a-27ab-11df-943d-806e6f6e6963}\Shell\AutoRun\command - "" = E:\SWSETUP\APPINSTL\setup.exe
O33 - MountPoints2\{3d2cf736-3cdd-11df-a098-00247eea8a5f}\Shell - "" = AutoRun
O33 - MountPoints2\{3d2cf736-3cdd-11df-a098-00247eea8a5f}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{3d2cf737-3cdd-11df-a098-00247eea8a5f}\Shell - "" = AutoRun
O33 - MountPoints2\{3d2cf737-3cdd-11df-a098-00247eea8a5f}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{3d2cf738-3cdd-11df-a098-00247eea8a5f}\Shell - "" = AutoRun
O33 - MountPoints2\{3d2cf738-3cdd-11df-a098-00247eea8a5f}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{3d2cf73d-3cdd-11df-a098-00247eea8a5f}\Shell - "" = AutoRun
O33 - MountPoints2\{3d2cf73d-3cdd-11df-a098-00247eea8a5f}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{40ade719-2d3f-11df-b1fa-0280370c0300}\Shell\AutoRun\command - "" = F:\pccompanion\Startme.exe
O33 - MountPoints2\{40ade719-2d3f-11df-b1fa-0280370c0300}\Shell\menu1\command - "" = F:\pccompanion\Startme.exe
O33 - MountPoints2\{5a46031c-419c-11e0-b6b5-18a90588085b}\Shell - "" = AutoRun
O33 - MountPoints2\{5a46031c-419c-11e0-b6b5-18a90588085b}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{5a46031d-419c-11e0-b6b5-18a90588085b}\Shell - "" = AutoRun
O33 - MountPoints2\{5a46031d-419c-11e0-b6b5-18a90588085b}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{76ce815d-0cf0-11e0-b757-00247eea8a5f}\Shell - "" = AutoRun
O33 - MountPoints2\{76ce815d-0cf0-11e0-b757-00247eea8a5f}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{76ce815e-0cf0-11e0-b757-00247eea8a5f}\Shell - "" = AutoRun
O33 - MountPoints2\{76ce815e-0cf0-11e0-b757-00247eea8a5f}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{8d9ace92-ac86-11df-9b4d-18a90588085b}\Shell\AutoRun\command - "" = G:\Toshiba\more4you.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk - C:\PROGRA~2\MCAFEE~1\20DEB9~1.181\SSSCHE~1.EXE - (McAfee, Inc.)
MsConfig - StartUpReg: Adobe Photo Downloader - hkey= - key= - C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: Badoo Desktop - hkey= - key= - C:\ProgramData\Badoo\Badoo Desktop\1.5.3.949\Badoo.Desktop.exe (Badoo)
MsConfig - StartUpReg: facemoods - hkey= - key= -  File not found
MsConfig - StartUpReg: ICQ - hkey= - key= - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig - StartUpReg: KiesHelper - hkey= - key= - C:\Program Files\Samsung\Kies\KiesHelper.exe (Samsung)
MsConfig - StartUpReg: KiesPDLR - hkey= - key= - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
MsConfig - StartUpReg: KiesTrayAgent - hkey= - key= - C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
MsConfig - StartUpReg: LightScribe Control Panel - hkey= - key= - C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
MsConfig - StartUpReg: MobileConnect - hkey= - key= -  File not found
MsConfig - StartUpReg: PhonostarAgent - hkey= - key= - C:\Program Files\phonostar\ps_agent.exe (phonostar)
MsConfig - StartUpReg: PhonostarTimer - hkey= - key= - C:\Program Files\phonostar\ps_timer.exe (phonostar)
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
MsConfig - StartUpReg: Skype - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
MsConfig - StartUpReg: Sony Ericsson PC Companion - hkey= - key= - C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson)
MsConfig - StartUpReg: Sony PC Companion - hkey= - key= - C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe (Sony)
MsConfig - StartUpReg: TomTomHOME.exe - hkey= - key= - C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
MsConfig - StartUpReg: WinampAgent - hkey= - key= - C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
MsConfig - StartUpReg: WindowsWelcomeCenter - hkey= - key= -  File not found
 
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - 
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - 
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32: msacm.ac3filter - C:\Windows\System32\ac3filter.acm ()
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.09.13 00:14:06 | 000,600,064 | ---- | C] (OldTimer Tools) -- C:\Users\****\Desktop\OTL.exe
[2012.09.11 11:49:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2012.09.06 18:36:41 | 000,000,000 | ---D | C] -- C:\Program Files\RegCleaner
[2012.09.06 18:23:51 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\Systweak
[2012.09.05 20:27:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.09.05 20:25:32 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012.09.05 20:25:19 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012.09.05 16:45:25 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2012.09.05 16:45:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.09.05 16:45:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012.09.01 22:17:38 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012.08.31 20:57:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.08.31 20:57:19 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.08.30 22:23:56 | 000,027,496 | ---- | C] (AVG Technologies) -- C:\Windows\System32\drivers\avgtpx86.sys
[2012.08.27 22:40:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CamStudio
[2012.08.27 22:40:48 | 000,049,664 | ---- | C] (CamStudio Group) -- C:\Windows\System32\CamCodec.dll
[2012.08.27 22:40:48 | 000,000,000 | ---D | C] -- C:\Program Files\CamStudio 2.6b
[2012.08.24 15:43:18 | 000,301,920 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
[2007.08.13 18:46:00 | 000,102,912 | ---- | C] (Albert L Faber) -- C:\Users\****\AppData\Local\CDRip.dll
[2007.01.18 22:09:54 | 000,623,616 | ---- | C] (Ivan Bischof ©2003 - 2005) -- C:\Users\****\AppData\Local\No23 Recorder.exe
[2006.12.11 20:13:14 | 000,013,872 | ---- | C] (Un4seen Developments) -- C:\Users\****\AppData\Local\basscd.dll
[2006.12.11 20:13:12 | 000,097,336 | ---- | C] (Un4seen Developments) -- C:\Users\****\AppData\Local\bass.dll
 
========== Files - Modified Within 30 Days ==========
 
[2012.09.13 00:14:10 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Users\****\Desktop\OTL.exe
[2012.09.13 00:12:00 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-494918375-1025223979-4201845435-1000UA.job
[2012.09.12 23:35:15 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.09.12 23:10:49 | 001,564,346 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.09.12 23:10:49 | 000,596,200 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.09.12 23:10:49 | 000,434,458 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.09.12 23:10:49 | 000,104,274 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.09.12 23:09:00 | 094,624,612 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2012.09.12 23:06:34 | 000,000,433 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics
[2012.09.12 23:05:19 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2012.09.12 23:05:17 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.09.12 23:05:17 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.09.12 23:05:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.09.12 23:05:08 | 2139,381,760 | -HS- | M] () -- C:\hiberfil.sys
[2012.09.12 13:01:02 | 000,003,204 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012.09.12 01:54:02 | 000,001,138 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-494918375-1025223979-4201845435-1000UA.job
[2012.09.12 01:16:19 | 000,512,399 | ---- | M] () -- C:\Users\****\Desktop\adwcleaner2.001.exe
[2012.09.11 11:49:48 | 000,000,858 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2012.09.09 22:54:00 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-494918375-1025223979-4201845435-1000Core.job
[2012.09.09 22:12:00 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-494918375-1025223979-4201845435-1000Core.job
[2012.09.06 17:24:38 | 000,594,282 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm
[2012.09.05 20:27:26 | 000,001,664 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.09.05 16:45:25 | 000,001,880 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.09.04 21:49:20 | 000,001,853 | ---- | M] () -- C:\Users\****\Desktop\Entfernen des Avira DE-Cleaners.lnk
[2012.09.04 21:49:20 | 000,001,782 | ---- | M] () -- C:\Users\****\Desktop\Avira DE-Cleaner.lnk
[2012.09.02 13:40:02 | 000,001,026 | ---- | M] () -- C:\Users\****\Desktop\ESETS.zip
[2012.09.01 12:50:06 | 000,000,642 | ---- | M] () -- C:\Users\****\Desktop\gmer txt.7z
[2012.09.01 12:44:32 | 000,018,244 | ---- | M] () -- C:\Users\****\Desktop\otl txt.zip
[2012.09.01 09:49:54 | 000,302,592 | ---- | M] () -- C:\Users\****\Desktop\63ytbill.exe
[2012.09.01 09:01:15 | 000,000,000 | ---- | M] () -- C:\Users\****\defogger_reenable
[2012.08.31 20:57:22 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.08.30 22:23:56 | 000,027,496 | ---- | M] (AVG Technologies) -- C:\Windows\System32\drivers\avgtpx86.sys
[2012.08.29 16:24:42 | 000,017,832 | ---- | M] (Systweak Inc., (www.systweak.com)) -- C:\Windows\System32\roboot.exe
[2012.08.27 22:40:52 | 000,000,784 | ---- | M] () -- C:\Users\Public\Desktop\CamStudio-Recorder.lnk
[2012.08.24 15:43:18 | 000,301,920 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
[2012.08.21 16:46:25 | 000,306,192 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
 
========== Files Created - No Company Name ==========
 
[2012.09.12 01:16:53 | 000,512,399 | ---- | C] () -- C:\Users\****\Desktop\adwcleaner2.001.exe
[2012.09.05 20:27:26 | 000,001,664 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.09.05 16:45:25 | 000,001,880 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.09.03 20:36:45 | 000,001,853 | ---- | C] () -- C:\Users\****\Desktop\Entfernen des Avira DE-Cleaners.lnk
[2012.09.03 20:36:45 | 000,001,782 | ---- | C] () -- C:\Users\****\Desktop\Avira DE-Cleaner.lnk
[2012.09.02 13:40:02 | 000,001,026 | ---- | C] () -- C:\Users\****\Desktop\ESETS.zip
[2012.09.01 12:50:06 | 000,000,642 | ---- | C] () -- C:\Users\****\Desktop\gmer txt.7z
[2012.09.01 12:44:32 | 000,018,244 | ---- | C] () -- C:\Users\****\Desktop\otl txt.zip
[2012.09.01 09:49:53 | 000,302,592 | ---- | C] () -- C:\Users\****\Desktop\63ytbill.exe
[2012.09.01 09:01:15 | 000,000,000 | ---- | C] () -- C:\Users\****\defogger_reenable
[2012.08.31 20:57:22 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.08.27 22:40:52 | 000,000,784 | ---- | C] () -- C:\Users\Public\Desktop\CamStudio-Recorder.lnk
[2011.11.11 00:04:33 | 000,011,177 | ---- | C] () -- C:\Users\****\.TransferManager.db
[2011.09.16 12:54:48 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011.09.16 12:54:44 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2011.09.16 12:54:44 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2011.09.16 12:54:44 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2011.09.16 12:54:44 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2011.05.24 16:00:45 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.04.29 22:58:31 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2011.01.06 22:44:12 | 000,000,280 | ---- | C] () -- C:\Windows\game.ini
[2010.12.11 01:55:33 | 000,001,450 | ---- | C] () -- C:\Users\****\AppData\Local\RecConfig.xml
[2010.05.12 22:36:38 | 000,120,832 | ---- | C] () -- C:\Users\****\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.03.11 19:58:34 | 000,000,000 | ---- | C] () -- C:\Users\****\AppData\Local\prvlcl.dat
[2010.03.11 00:09:30 | 000,002,984 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010.03.11 00:09:30 | 000,000,008 | RHS- | C] () -- C:\ProgramData\28A5752D6E.sys
[2010.03.04 19:44:26 | 000,007,512 | ---- | C] () -- C:\Users\****\AppData\Local\d3d9caps.dat
[2008.06.23 13:02:02 | 000,097,410 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
[2008.05.23 17:48:50 | 000,020,270 | ---- | C] () -- C:\ProgramData\DeviceInstaller.xml
[2007.08.13 18:46:00 | 000,155,136 | ---- | C] () -- C:\Users\****\AppData\Local\lame_enc.dll
[2006.10.26 02:06:48 | 000,064,000 | ---- | C] () -- C:\Users\****l\AppData\Local\vorbisenc.dll
[2006.10.26 02:06:48 | 000,019,456 | ---- | C] () -- C:\Users\****\AppData\Local\vorbisfile.dll
[2006.10.26 02:06:46 | 000,143,872 | ---- | C] () -- C:\Users\****\AppData\Local\vorbis.dll
[2006.10.26 02:06:36 | 000,015,872 | ---- | C] () -- C:\Users\****\AppData\Local\ogg.dll
[2005.08.23 23:34:06 | 000,029,184 | ---- | C] () -- C:\Users\****\AppData\Local\no23xwrapper.dll
 
========== LOP Check ==========
 
[2011.10.29 12:51:00 | 000,000,000 | -HSD | M] -- C:\Users\****\AppData\Roaming\.#
[2011.05.11 20:12:26 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\AnvSoft
[2010.05.23 14:16:36 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Ashampoo
[2012.06.05 16:27:24 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\AVG2012
[2012.07.07 16:56:44 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Broad Intelligence
[2011.07.23 04:42:43 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\go
[2011.07.27 09:41:31 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\ICQ
[2010.10.31 04:19:04 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Leadertech
[2010.05.18 00:57:53 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Merscom
[2010.12.01 14:58:48 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\OpenOffice.org
[2011.02.26 14:32:05 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\phonostar GmbH
[2012.05.31 21:25:09 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\phonostar-Player
[2010.09.22 14:34:21 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\ProtectDISC
[2011.05.11 20:13:14 | 000,000,000 | ---D | M] -- C:\Users\****l\AppData\Roaming\Reviversoft
[2011.11.06 03:05:09 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Samsung
[2012.09.08 12:06:44 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Systweak
[2012.04.20 17:03:18 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Temp
[2010.04.28 21:03:32 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\TomTom
[2012.08.06 18:28:44 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\TuneUp Software
[2012.07.07 17:38:22 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Video DVD Maker FREE
[2010.03.31 18:51:00 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Vodafone
[2010.03.04 22:22:16 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\{8126D2ED-1984-4573-9D57-97637E10C716}
[2012.09.09 22:54:00 | 000,001,116 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-494918375-1025223979-4201845435-1000Core.job
[2012.09.12 01:54:02 | 000,001,138 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-494918375-1025223979-4201845435-1000UA.job
[2012.09.12 13:01:07 | 000,032,534 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2011.10.29 12:51:00 | 000,000,000 | -HSD | M] -- C:\Users\****\AppData\Roaming\.#
[2011.08.31 18:53:07 | 000,000,000 | ---D | M] -- C:\Users\****l\AppData\Roaming\Adobe
[2011.05.11 20:12:26 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\AnvSoft
[2012.05.11 16:15:13 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Apple Computer
[2010.04.17 04:41:31 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\ArcSoft
[2010.05.23 14:16:36 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Ashampoo
[2010.03.04 20:52:21 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\ATI
[2012.06.05 16:27:24 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\AVG2012
[2012.07.07 16:56:44 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Broad Intelligence
[2010.03.11 00:09:28 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Corel
[2011.01.30 19:30:31 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\dvdcss
[2011.07.23 04:42:43 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\go
[2011.10.31 14:25:37 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Hewlett-Packard
[2010.03.10 00:29:26 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\hpqLog
[2012.01.20 18:06:26 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\HpUpdate
[2011.07.27 09:41:31 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\ICQ
[2010.03.04 19:44:34 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Identities
[2010.03.04 20:07:57 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\InstallShield
[2010.03.04 21:05:11 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Intel
[2010.10.31 04:19:04 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Leadertech
[2010.03.09 22:40:23 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Macromedia
[2012.08.06 18:36:20 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Malwarebytes
[2010.05.18 00:57:53 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Merscom
[2011.08.31 18:53:07 | 000,000,000 | --SD | M] -- C:\Users\****\AppData\Roaming\Microsoft
[2012.09.11 23:13:12 | 000,000,000 | ---D | M] -- C:\Users\****l\AppData\Roaming\Mozilla
[2010.12.01 14:58:48 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\OpenOffice.org
[2011.02.26 14:32:05 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\phonostar GmbH
[2012.05.31 21:25:09 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\phonostar-Player
[2010.09.22 14:34:21 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\ProtectDISC
[2011.07.23 07:52:59 | 000,000,000 | ---D | M] -- C:\Users\****l\AppData\Roaming\Real
[2011.05.11 20:13:14 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Reviversoft
[2011.11.06 03:35:52 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Roxio
[2011.11.06 03:05:09 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Samsung
[2012.07.17 14:56:58 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Skype
[2011.05.29 03:08:43 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\skypePM
[2012.09.08 12:06:44 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Systweak
[2012.04.20 17:03:18 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Temp
[2010.04.28 21:03:32 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\TomTom
[2012.08.06 18:28:44 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\TuneUp Software
[2012.07.07 17:38:22 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Video DVD Maker FREE
[2012.07.07 13:31:50 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\vlc
[2010.03.31 18:51:00 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Vodafone
[2012.08.07 12:40:30 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Winamp
[2011.01.02 19:18:58 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\WinRAR
[2010.03.04 22:22:16 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\{8126D2ED-1984-4573-9D57-97637E10C716}
 
< %APPDATA%\*.exe /s >
[2010.12.11 01:36:29 | 000,003,262 | R--- | M] () -- C:\Users\****\AppData\Roaming\Microsoft\Installer\{22B0E143-2B0B-435B-9F56-136A3D16065F}\controlPanelIcon.exe
[2010.12.11 01:36:29 | 000,010,134 | R--- | M] () -- C:\Users\****\AppData\Roaming\Microsoft\Installer\{22B0E143-2B0B-435B-9F56-136A3D16065F}\SystemFolder_msiexec.exe
[2010.03.04 20:40:28 | 000,011,758 | R--- | M] () -- C:\Users\****\AppData\Roaming\Microsoft\Installer\{485D80AA-AFD9-4FF1-91D4-A44978B99F3D}\ARPPRODUCTICON.exe
[2010.03.04 19:48:57 | 000,010,134 | R--- | M] () -- C:\Users\****\AppData\Roaming\Microsoft\Installer\{4A961841-85E4-F441-8C99-17657E860243}\ARPPRODUCTICON.exe
[2010.03.04 22:25:31 | 000,010,134 | R--- | M] () -- C:\Users\****\AppData\Roaming\Microsoft\Installer\{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}\ARPPRODUCTICON.exe
[2011.08.19 22:05:47 | 000,583,168 | ---- | M] () -- C:\Users\****\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\uno_packages\C919.tmp_\sun-pdfimport_1.0.1.oxt\xpdfimport.exe
[2012.04.01 20:41:44 | 000,106,408 | ---- | M] () -- C:\Users\****\AppData\Roaming\Samsung\Kies\FirmwareUpdateTemp\AGENT\AgentInstaller.exe
[2012.04.01 20:41:44 | 000,101,288 | ---- | M] () -- C:\Users\****\AppData\Roaming\Samsung\Kies\FirmwareUpdateTemp\AGENT\AgentUpdate.exe
[2012.04.01 20:41:44 | 000,021,416 | ---- | M] () -- C:\Users\****\AppData\Roaming\Samsung\Kies\FirmwareUpdateTemp\AGENT\KiesPDLR.exe
[2012.04.04 07:05:14 | 000,954,256 | ---- | M] (Samsung) -- C:\Users\****\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\Kies.exe
[2012.04.04 07:05:18 | 000,278,928 | ---- | M] () -- C:\Users\****\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\KiesDriverInstaller.exe
[2012.03.29 07:13:22 | 000,309,760 | ---- | M] (Samsung) -- C:\Users\****\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\KiesLogger.exe
[2012.04.04 07:05:16 | 003,521,424 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Users\****\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\KiesTrayAgent.exe
[2012.03.29 07:12:02 | 000,694,784 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\****\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\DeviceModules\DeviceManager.exe
[2012.04.04 07:05:20 | 000,067,472 | ---- | M] (Samsung) -- C:\Users\****\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\DeviceModules\Kies_Tutorial.exe
[2012.03.29 07:11:38 | 000,106,920 | ---- | M] () -- C:\Users\****\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\FirmwareUpdate\AgentInstaller.exe
[2012.03.29 07:11:38 | 000,101,288 | ---- | M] () -- C:\Users\****\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\FirmwareUpdate\AgentUpdate.exe
[2012.04.04 07:05:26 | 000,183,696 | ---- | M] () -- C:\Users\****\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\FirmwareUpdate\BinaryLoaderMgr.exe
[2012.04.04 07:05:28 | 000,021,392 | ---- | M] () -- C:\Users\****\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\FirmwareUpdate\KiesPDLR.exe
[2012.04.04 07:05:30 | 003,570,312 | ---- | M] (Freeware) -- C:\Users\****l\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\MediaModules\MyFreeCodecPack.exe
[2012.04.04 07:05:32 | 000,371,088 | ---- | M] (ml) -- C:\Users\****\AppData\Roaming\Samsung\Kies\UpdateTemp\Temp\Kies.Update.exe
[2012.05.04 07:37:12 | 000,371,088 | ---- | M] (ml) -- C:\Users\****\AppData\Roaming\Samsung\Kies\UpdateTemp\Updater\Kies.Update.exe
 
< %SYSTEMDRIVE%\*.exe >
 
< MD5 for: AGP440.SYS  >
[2004.08.04 15:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\i386\sp2.cab:AGP440.sys
[2004.08.04 10:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\Windows.old\Windows\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.04.14 08:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\Windows.old\Windows\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.04.14 08:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\Windows.old\Windows\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\Windows.old\Windows\ServicePackFiles\i386\agp440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\Windows.old\Windows\system32\drivers\agp440.sys
[2008.01.21 04:23:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 04:23:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.21 04:23:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 04:23:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 04:23:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2004.08.04 15:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\i386\sp2.cab:atapi.sys
[2004.08.04 10:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\Windows.old\Windows\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.14 08:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\Windows.old\Windows\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 08:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\Windows.old\Windows\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.03.12 08:38:18 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_4c9c5a00\atapi.sys
[2008.03.12 08:38:18 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18034_none_dd1bb97e219e87cb\atapi.sys
[2009.02.12 07:43:59 | 000,019,936 | ---- | M] (Microsoft Corporation) MD5=0FD275041F8B2197EE964361B4192A18 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_90788e4d\atapi.sys
[2009.02.12 07:43:59 | 000,019,936 | ---- | M] (Microsoft Corporation) MD5=0FD275041F8B2197EE964361B4192A18 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.22375_none_dd7b1aaf3adbaafe\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 04:23:26 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 04:23:26 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008.08.16 14:03:39 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=66A1A71D66C5235A31C16F30147E7AF6 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_181d523c\atapi.sys
[2008.08.16 14:03:39 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=66A1A71D66C5235A31C16F30147E7AF6 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.22245_none_dd9b888d3ac35a04\atapi.sys
[2008.03.12 08:24:20 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=96DC4E1A9F90CCD489950A8935425C59 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.22134_none_dda556493abc2795\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\Windows.old\Windows\ServicePackFiles\i386\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\Windows.old\Windows\system32\drivers\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
< MD5 for: EVENTLOG.DLL  >
[2008.04.14 07:52:12 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\Windows.old\Windows\ServicePackFiles\i386\eventlog.dll
[2008.04.14 07:52:12 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\Windows.old\Windows\system32\eventlog.dll
 
< MD5 for: IASTOR.SYS  >
[2009.06.05 04:54:36 | 000,408,600 | R--- | M] (Intel Corporation) MD5=1D004CB1DA6323B1F55CAEF7F94B61D9 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver64\IASTOR.SYS
[2009.06.04 20:54:36 | 000,408,600 | ---- | M] (Intel Corporation) MD5=1D004CB1DA6323B1F55CAEF7F94B61D9 -- C:\Programme\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys
[2009.06.04 20:54:36 | 000,408,600 | ---- | M] (Intel Corporation) MD5=1D004CB1DA6323B1F55CAEF7F94B61D9 -- C:\SwSetup\INTELMSM\Winall\Driver64\IaStor.sys
[2009.06.05 04:43:16 | 000,330,264 | R--- | M] (Intel Corporation) MD5=D483687EACE0C065EE772481A96E05F5 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver\IASTOR.SYS
[2009.06.04 20:43:16 | 000,330,264 | ---- | M] (Intel Corporation) MD5=D483687EACE0C065EE772481A96E05F5 -- C:\Programme\Intel\Intel Matrix Storage Manager\driver\IaStor.sys
[2009.06.04 20:43:16 | 000,330,264 | ---- | M] (Intel Corporation) MD5=D483687EACE0C065EE772481A96E05F5 -- C:\SwSetup\HDD\IaStor.sys
[2009.06.04 20:43:16 | 000,330,264 | ---- | M] (Intel Corporation) MD5=D483687EACE0C065EE772481A96E05F5 -- C:\SwSetup\INTELMSM\Winall\Driver\IaStor.sys
[2009.06.04 20:43:16 | 000,330,264 | ---- | M] (Intel Corporation) MD5=D483687EACE0C065EE772481A96E05F5 -- C:\Windows.old\Windows\system32\drivers\iaStor.sys
[2009.06.04 20:43:16 | 000,330,264 | ---- | M] (Intel Corporation) MD5=D483687EACE0C065EE772481A96E05F5 -- C:\Windows.old\Windows\system32\DRVSTORE\iaAHCI_FA6613FD999924550224249B1E2A0EE6D03CC2D4\iaStor.sys
[2009.06.04 20:43:16 | 000,330,264 | ---- | M] (Intel Corporation) MD5=D483687EACE0C065EE772481A96E05F5 -- C:\Windows.old\Windows\system32\ReinstallBackups\0000\DriverFiles\iaStor.sys
[2009.06.05 04:43:16 | 000,330,264 | ---- | M] (Intel Corporation) MD5=D483687EACE0C065EE772481A96E05F5 -- C:\Windows\System32\drivers\iaStor.sys
[2009.06.05 04:43:16 | 000,330,264 | ---- | M] (Intel Corporation) MD5=D483687EACE0C065EE772481A96E05F5 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_0813ee45\iaStor.sys
 
< MD5 for: IASTORV.SYS  >
[2008.01.21 04:23:47 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 04:23:47 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 04:23:47 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2008.04.14 07:52:20 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\Windows.old\Windows\ServicePackFiles\i386\netlogon.dll
[2008.04.14 07:52:20 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\Windows.old\Windows\system32\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.21 04:24:31 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 04:23:45 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 04:23:45 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 04:23:45 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2008.01.21 04:25:18 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2008.04.14 07:52:24 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\Windows.old\Windows\ServicePackFiles\i386\scecli.dll
[2008.04.14 07:52:24 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\Windows.old\Windows\system32\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
 
< MD5 for: USER32.DLL  >
[2008.04.14 07:52:32 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\Windows.old\Windows\ServicePackFiles\i386\user32.dll
[2008.04.14 07:52:32 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\Windows.old\Windows\system32\user32.dll
[2008.01.21 04:24:47 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.01.21 04:25:16 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 04:25:16 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2008.04.14 07:53:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\Windows.old\Windows\ServicePackFiles\i386\userinit.exe
[2008.04.14 07:53:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\Windows.old\Windows\system32\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2008.01.21 04:24:09 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe
[2008.01.21 04:24:09 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2012.07.03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008.01.21 04:25:17 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
[2008.04.14 07:53:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\Windows.old\Windows\ServicePackFiles\i386\winlogon.exe
[2008.04.14 07:53:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\Windows.old\Windows\system32\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2004.08.04 10:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\Windows.old\Windows\system32\drivers\ws2ifsl.sys
[2008.01.21 04:25:11 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.21 04:25:11 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2009.02.20 11:20:34 | 000,109,216 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\SafeBoot.sys
 
< %systemroot%\System32\config\*.sav >
[2008.01.21 05:20:25 | 017,223,680 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008.01.21 05:20:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008.01.21 05:20:25 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2009.02.03 21:02:00 | 000,442,368 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\Windows\system32\ATIDEMGX.dll
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 628 bytes -> C:\Users\****\Desktop\Nachricht 1.eml:OECustomProperty
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:91CF76E3
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:0D31DA45

< End of report >

cosinus · 13.09.2012, 15:53

Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Hinweis: Falls Du Deinen Benutzernamen unkenntlich gemacht hast, musst Du das Ausgesternte in Deinen richtigen Benutzernamen wieder verwandeln, sonst funktioniert das Script nicht!!

Code:

ATTFilter

:OTL
FF - user.js - File not found
IE - HKU\S-1-5-21-494918375-1025223979-4201845435-1000\..\URLSearchHook:  - No CLSID value found
IE - HKU\S-1-5-21-494918375-1025223979-4201845435-1000\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-494918375-1025223979-4201845435-1000\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-21-494918375-1025223979-4201845435-1000\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
[2012.07.31 16:32:42 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\tl2r70oi.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2012.09.02 01:56:01 | 000,002,443 | ---- | M] () (No name found) -- C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\tl2r70oi.default\extensions\aboutconfigbutton@firefox.xpi
[2011.08.18 10:54:44 | 000,025,939 | ---- | M] () (No name found) -- C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\tl2r70oi.default\extensions\ffxtlbr@Facemoods.com.xpi
[2011.07.19 16:15:08 | 000,002,023 | ---- | M] () -- C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\tl2r70oi.default\searchplugins\badoo.xml
[2012.09.06 22:33:09 | 000,000,950 | ---- | M] () -- C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\tl2r70oi.default\searchplugins\icqplugin-1.xml
[2011.08.18 11:06:57 | 000,000,950 | ---- | M] () -- C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\tl2r70oi.default\searchplugins\icqplugin-10.xml
[2011.09.18 10:20:28 | 000,000,950 | ---- | M] () -- C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\tl2r70oi.default\searchplugins\icqplugin-11.xml
[2011.11.06 01:29:22 | 000,000,950 | ---- | M] () -- C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\tl2r70oi.default\searchplugins\icqplugin-12.xml
[2011.12.13 18:33:30 | 000,000,950 | ---- | M] () -- C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\tl2r70oi.default\searchplugins\icqplugin-13.xml
[2012.02.11 16:46:33 | 000,000,950 | ---- | M] () -- C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\tl2r70oi.default\searchplugins\icqplugin-14.xml
[2012.06.10 11:56:51 | 000,000,950 | ---- | M] () -- C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\tl2r70oi.default\searchplugins\icqplugin-15.xml
[2012.08.06 14:49:09 | 000,000,950 | ---- | M] () -- C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\tl2r70oi.default\searchplugins\icqplugin-16.xml
[2011.03.06 16:29:13 | 000,000,950 | ---- | M] () -- C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\tl2r70oi.default\searchplugins\icqplugin-2.xml
[2011.03.26 13:38:44 | 000,000,950 | ---- | M] () -- C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\tl2r70oi.default\searchplugins\icqplugin-3.xml
[2011.04.06 03:04:40 | 000,000,950 | ---- | M] () -- C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\tl2r70oi.default\searchplugins\icqplugin-4.xml
[2011.04.07 23:05:48 | 000,000,950 | ---- | M] () -- C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\tl2r70oi.default\searchplugins\icqplugin-5.xml
[2011.05.16 00:12:03 | 000,000,950 | ---- | M] () -- C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\tl2r70oi.default\searchplugins\icqplugin-6.xml
[2011.06.23 12:43:07 | 000,000,950 | ---- | M] () -- C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\tl2r70oi.default\searchplugins\icqplugin-7.xml
[2011.07.19 16:15:14 | 000,000,950 | ---- | M] () -- C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\tl2r70oi.default\searchplugins\icqplugin-8.xml
[2011.07.21 16:50:19 | 000,000,656 | ---- | M] () -- C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\tl2r70oi.default\searchplugins\icqplugin-9.xml
[2011.02.22 00:28:05 | 000,001,056 | ---- | M] () -- C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\tl2r70oi.default\searchplugins\icqplugin.xml
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-494918375-1025223979-4201845435-1000\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O4 - HKLM..\Run: []  File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{33e7011a-27ab-11df-943d-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{33e7011a-27ab-11df-943d-806e6f6e6963}\Shell\AutoRun\command - "" = E:\SWSETUP\APPINSTL\setup.exe
O33 - MountPoints2\{3d2cf736-3cdd-11df-a098-00247eea8a5f}\Shell - "" = AutoRun
O33 - MountPoints2\{3d2cf736-3cdd-11df-a098-00247eea8a5f}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{3d2cf737-3cdd-11df-a098-00247eea8a5f}\Shell - "" = AutoRun
O33 - MountPoints2\{3d2cf737-3cdd-11df-a098-00247eea8a5f}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{3d2cf738-3cdd-11df-a098-00247eea8a5f}\Shell - "" = AutoRun
O33 - MountPoints2\{3d2cf738-3cdd-11df-a098-00247eea8a5f}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{3d2cf73d-3cdd-11df-a098-00247eea8a5f}\Shell - "" = AutoRun
O33 - MountPoints2\{3d2cf73d-3cdd-11df-a098-00247eea8a5f}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{40ade719-2d3f-11df-b1fa-0280370c0300}\Shell\AutoRun\command - "" = F:\pccompanion\Startme.exe
O33 - MountPoints2\{40ade719-2d3f-11df-b1fa-0280370c0300}\Shell\menu1\command - "" = F:\pccompanion\Startme.exe
O33 - MountPoints2\{5a46031c-419c-11e0-b6b5-18a90588085b}\Shell - "" = AutoRun
O33 - MountPoints2\{5a46031c-419c-11e0-b6b5-18a90588085b}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{5a46031d-419c-11e0-b6b5-18a90588085b}\Shell - "" = AutoRun
O33 - MountPoints2\{5a46031d-419c-11e0-b6b5-18a90588085b}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{76ce815d-0cf0-11e0-b757-00247eea8a5f}\Shell - "" = AutoRun
O33 - MountPoints2\{76ce815d-0cf0-11e0-b757-00247eea8a5f}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{76ce815e-0cf0-11e0-b757-00247eea8a5f}\Shell - "" = AutoRun
O33 - MountPoints2\{76ce815e-0cf0-11e0-b757-00247eea8a5f}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{8d9ace92-ac86-11df-9b4d-18a90588085b}\Shell\AutoRun\command - "" = G:\Toshiba\more4you.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:91CF76E3
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:0D31DA45
:Files
C:\Program Files\Windows iLivid Toolbar
C:\Users\Jandl\AppData\Roaming\OpenCandy
C:\Users\Jandl\Desktop\Nero Burning ROM v8.0.3.0\Toolbar.exe
C:\Users\Jandl\Desktop\Neuer Ordner\FloriSetup.exe
C:\Users\Jandl\Downloads\Facemoods.exe
C:\Users\Jandl\Downloads\SoftonicDownloader*
C:\Program Files\BabylonToolbar
C:\Users\****\AppData\Roaming\.#
C:\Users\****\AppData\Roaming\{*
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[resethosts]

Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!

sentinel · 13.09.2012, 22:24

Code:

ATTFilter

All processes killed
========== OTL ==========
Registry value HKEY_USERS\S-1-5-21-494918375-1025223979-4201845435-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-494918375-1025223979-4201845435-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ deleted successfully.
C:\Program Files\ICQ6Toolbar\ICQToolBar.dll moved successfully.
Registry value HKEY_USERS\S-1-5-21-494918375-1025223979-4201845435-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A3BC75A2-1F87-4686-AA43-5347D756017C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}\ not found.
Registry key HKEY_USERS\S-1-5-21-494918375-1025223979-4201845435-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ not found.
C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\tl2r70oi.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine folder moved successfully.
C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\tl2r70oi.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF folder moved successfully.
C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\tl2r70oi.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences folder moved successfully.
C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\tl2r70oi.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults folder moved successfully.
C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\tl2r70oi.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components folder moved successfully.
C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\tl2r70oi.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin folder moved successfully.
C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\tl2r70oi.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr folder moved successfully.
C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\tl2r70oi.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk folder moved successfully.
C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\tl2r70oi.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru folder moved successfully.
C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\tl2r70oi.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it folder moved successfully.
C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\tl2r70oi.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he folder moved successfully.
C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\tl2r70oi.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr folder moved successfully.
C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\tl2r70oi.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es folder moved successfully.
C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\tl2r70oi.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US folder moved successfully.
C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\tl2r70oi.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de folder moved successfully.
C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\tl2r70oi.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs folder moved successfully.
C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\tl2r70oi.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg folder moved successfully.
C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\tl2r70oi.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale folder moved successfully.
C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\tl2r70oi.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img folder moved successfully.
C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\tl2r70oi.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content folder moved successfully.
C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\tl2r70oi.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome folder moved successfully.
C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\tl2r70oi.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} folder moved successfully.
C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\tl2r70oi.default\extensions\aboutconfigbutton@firefox.xpi moved successfully.
C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\tl2r70oi.default\extensions\ffxtlbr@Facemoods.com.xpi moved successfully.
C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\tl2r70oi.default\searchplugins\badoo.xml moved successfully.
C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\tl2r70oi.default\searchplugins\icqplugin-1.xml moved successfully.
C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\tl2r70oi.default\searchplugins\icqplugin-10.xml moved successfully.
C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\tl2r70oi.default\searchplugins\icqplugin-11.xml moved successfully.
C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\tl2r70oi.default\searchplugins\icqplugin-12.xml moved successfully.
C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\tl2r70oi.default\searchplugins\icqplugin-13.xml moved successfully.
C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\tl2r70oi.default\searchplugins\icqplugin-14.xml moved successfully.
C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\tl2r70oi.default\searchplugins\icqplugin-15.xml moved successfully.
C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\tl2r70oi.default\searchplugins\icqplugin-16.xml moved successfully.
C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\tl2r70oi.default\searchplugins\icqplugin-2.xml moved successfully.
C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\tl2r70oi.default\searchplugins\icqplugin-3.xml moved successfully.
C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\tl2r70oi.default\searchplugins\icqplugin-4.xml moved successfully.
C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\tl2r70oi.default\searchplugins\icqplugin-5.xml moved successfully.
C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\tl2r70oi.default\searchplugins\icqplugin-6.xml moved successfully.
C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\tl2r70oi.default\searchplugins\icqplugin-7.xml moved successfully.
C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\tl2r70oi.default\searchplugins\icqplugin-8.xml moved successfully.
C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\tl2r70oi.default\searchplugins\icqplugin-9.xml moved successfully.
C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\tl2r70oi.default\searchplugins\icqplugin.xml moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{855F3B16-6D32-4FE6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}\ not found.
File C:\Program Files\ICQ6Toolbar\ICQToolBar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry value HKEY_USERS\S-1-5-21-494918375-1025223979-4201845435-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\autoexec.bat moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{33e7011a-27ab-11df-943d-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33e7011a-27ab-11df-943d-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{33e7011a-27ab-11df-943d-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33e7011a-27ab-11df-943d-806e6f6e6963}\ not found.
File E:\SWSETUP\APPINSTL\setup.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3d2cf736-3cdd-11df-a098-00247eea8a5f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3d2cf736-3cdd-11df-a098-00247eea8a5f}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3d2cf736-3cdd-11df-a098-00247eea8a5f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3d2cf736-3cdd-11df-a098-00247eea8a5f}\ not found.
File F:\setup_vmc_lite.exe /checkApplicationPresence not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3d2cf737-3cdd-11df-a098-00247eea8a5f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3d2cf737-3cdd-11df-a098-00247eea8a5f}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3d2cf737-3cdd-11df-a098-00247eea8a5f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3d2cf737-3cdd-11df-a098-00247eea8a5f}\ not found.
File F:\setup_vmc_lite.exe /checkApplicationPresence not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3d2cf738-3cdd-11df-a098-00247eea8a5f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3d2cf738-3cdd-11df-a098-00247eea8a5f}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3d2cf738-3cdd-11df-a098-00247eea8a5f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3d2cf738-3cdd-11df-a098-00247eea8a5f}\ not found.
File F:\setup_vmc_lite.exe /checkApplicationPresence not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3d2cf73d-3cdd-11df-a098-00247eea8a5f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3d2cf73d-3cdd-11df-a098-00247eea8a5f}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3d2cf73d-3cdd-11df-a098-00247eea8a5f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3d2cf73d-3cdd-11df-a098-00247eea8a5f}\ not found.
File G:\setup_vmc_lite.exe /checkApplicationPresence not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{40ade719-2d3f-11df-b1fa-0280370c0300}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{40ade719-2d3f-11df-b1fa-0280370c0300}\ not found.
File F:\pccompanion\Startme.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{40ade719-2d3f-11df-b1fa-0280370c0300}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{40ade719-2d3f-11df-b1fa-0280370c0300}\ not found.
File F:\pccompanion\Startme.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5a46031c-419c-11e0-b6b5-18a90588085b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5a46031c-419c-11e0-b6b5-18a90588085b}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5a46031c-419c-11e0-b6b5-18a90588085b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5a46031c-419c-11e0-b6b5-18a90588085b}\ not found.
File F:\setup_vmc_lite.exe /checkApplicationPresence not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5a46031d-419c-11e0-b6b5-18a90588085b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5a46031d-419c-11e0-b6b5-18a90588085b}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5a46031d-419c-11e0-b6b5-18a90588085b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5a46031d-419c-11e0-b6b5-18a90588085b}\ not found.
File F:\setup_vmc_lite.exe /checkApplicationPresence not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{76ce815d-0cf0-11e0-b757-00247eea8a5f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{76ce815d-0cf0-11e0-b757-00247eea8a5f}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{76ce815d-0cf0-11e0-b757-00247eea8a5f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{76ce815d-0cf0-11e0-b757-00247eea8a5f}\ not found.
File G:\setup_vmc_lite.exe /checkApplicationPresence not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{76ce815e-0cf0-11e0-b757-00247eea8a5f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{76ce815e-0cf0-11e0-b757-00247eea8a5f}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{76ce815e-0cf0-11e0-b757-00247eea8a5f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{76ce815e-0cf0-11e0-b757-00247eea8a5f}\ not found.
File F:\setup_vmc_lite.exe /checkApplicationPresence not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8d9ace92-ac86-11df-9b4d-18a90588085b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8d9ace92-ac86-11df-9b4d-18a90588085b}\ not found.
File G:\Toshiba\more4you.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\ not found.
File F:\setup_vmc_lite.exe /checkApplicationPresence not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G\ not found.
File G:\setup_vmc_lite.exe /checkApplicationPresence not found.
ADS C:\ProgramData\TEMP:91CF76E3 deleted successfully.
ADS C:\ProgramData\TEMP:0D31DA45 deleted successfully.
========== FILES ==========
File\Folder C:\Program Files\Windows iLivid Toolbar not found.
File\Folder C:\Users\****\AppData\Roaming\OpenCandy not found.
C:\Users\****\Desktop\Nero Burning ROM v8.0.3.0\Toolbar.exe moved successfully.
C:\Users\****\Desktop\Neuer Ordner\FloriSetup.exe moved successfully.
C:\Users\****\Downloads\Facemoods.exe moved successfully.
C:\Users\****\Downloads\SoftonicDownloader_fuer_adobe-photoshop.exe moved successfully.
File\Folder C:\Program Files\BabylonToolbar not found.
C:\Users\****\AppData\Roaming\.# folder moved successfully.
C:\Users\****\AppData\Roaming\{8126D2ED-1984-4573-9D57-97637E10C716} folder moved successfully.
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
C:\Users\****\Desktop\cmd.bat deleted successfully.
C:\Users\****\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
 
User: ****
->Temp folder emptied: 122328581 bytes
->Java cache emptied: 1207098 bytes
->FireFox cache emptied: 89481133 bytes
->Google Chrome cache emptied: 423392332 bytes
->Flash cache emptied: 1000 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 530870666 bytes
RecycleBin emptied: 236557 bytes
 
Total Files Cleaned = 1.113,00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.61.3 log created on 09132012_231403

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

cosinus · 14.09.2012, 14:22

Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.

Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

sentinel · 15.09.2012, 14:30

Code:

ATTFilter

15:22:45.0378 3940  TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
15:22:45.0808 3940  ============================================================
15:22:45.0808 3940  Current date / time: 2012/09/15 15:22:45.0808
15:22:45.0808 3940  SystemInfo:
15:22:45.0808 3940  
15:22:45.0808 3940  OS Version: 6.0.6002 ServicePack: 2.0
15:22:45.0808 3940  Product type: Workstation
15:22:45.0808 3940  ComputerName: ****-PC
15:22:45.0809 3940  UserName: ****
15:22:45.0809 3940  Windows directory: C:\Windows
15:22:45.0809 3940  System windows directory: C:\Windows
15:22:45.0809 3940  Processor architecture: Intel x86
15:22:45.0809 3940  Number of processors: 2
15:22:45.0809 3940  Page size: 0x1000
15:22:45.0809 3940  Boot type: Normal boot
15:22:45.0809 3940  ============================================================
15:22:46.0388 3940  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
15:22:46.0390 3940  ============================================================
15:22:46.0390 3940  \Device\Harddisk0\DR0:
15:22:46.0390 3940  MBR partitions:
15:22:46.0390 3940  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x25025E3B
15:22:46.0390 3940  \Device\Harddisk0\DR0\Partition2: MBR, Type 0xC, StartLBA 0x25029D3B, BlocksNum 0x403986
15:22:46.0390 3940  ============================================================
15:22:46.0407 3940  C: <-> \Device\Harddisk0\DR0\Partition1
15:22:46.0435 3940  D: <-> \Device\Harddisk0\DR0\Partition2
15:22:46.0436 3940  ============================================================
15:22:46.0436 3940  Initialize success
15:22:46.0436 3940  ============================================================
15:23:40.0188 0552  ============================================================
15:23:40.0188 0552  Scan started
15:23:40.0188 0552  Mode: Manual; SigCheck; TDLFS; 
15:23:40.0188 0552  ============================================================
15:23:40.0703 0552  ================ Scan system memory ========================
15:23:40.0703 0552  System memory - ok
15:23:40.0703 0552  ================ Scan services =============================
15:23:41.0312 0552  [ 4DF5E6215A102A192B2B6DBB61F2FBA5 ] Accelerometer   C:\Windows\system32\DRIVERS\Accelerometer.sys
15:23:41.0421 0552  Accelerometer - ok
15:23:41.0530 0552  [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon        C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
15:23:41.0561 0552  ACDaemon - ok
15:23:41.0639 0552  [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI            C:\Windows\system32\drivers\acpi.sys
15:23:41.0670 0552  ACPI - ok
15:23:41.0733 0552  [ 6C61BCEB60C2C187E6F96001FD69493E ] ADIHdAudAddService C:\Windows\system32\drivers\ADIHdAud.sys
15:23:41.0842 0552  ADIHdAudAddService - ok
15:23:41.0951 0552  [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
15:23:41.0967 0552  AdobeARMservice - ok
15:23:42.0029 0552  [ A9D3B95E8466BD58EEB8A1154654E162 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
15:23:42.0045 0552  AdobeFlashPlayerUpdateSvc - ok
15:23:42.0092 0552  [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
15:23:42.0123 0552  adp94xx - ok
15:23:42.0154 0552  [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci         C:\Windows\system32\drivers\adpahci.sys
15:23:42.0170 0552  adpahci - ok
15:23:42.0185 0552  [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
15:23:42.0201 0552  adpu160m - ok
15:23:42.0232 0552  [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
15:23:42.0248 0552  adpu320 - ok
15:23:42.0279 0552  [ 4DC6B0772D1698F04FC79053A21C8260 ] AEADIFilters    C:\Windows\system32\AEADISRV.EXE
15:23:42.0294 0552  AEADIFilters - ok
15:23:42.0310 0552  [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
15:23:42.0357 0552  AeLookupSvc - ok
15:23:42.0466 0552  [ 3911B972B55FEA0478476B2E777B29FA ] AFD             C:\Windows\system32\drivers\afd.sys
15:23:42.0544 0552  AFD - ok
15:23:42.0575 0552  [ 9C9D3B7A05445B1AB2DF4D0C4D6B77E8 ] AgereModemAudio C:\Program Files\LSI SoftModem\agrsmsvc.exe
15:23:42.0591 0552  AgereModemAudio - ok
15:23:42.0669 0552  [ 3712986CC3ABF0DC656B43525B9D1279 ] AgereSoftModem  C:\Windows\system32\DRIVERS\AGRSM.sys
15:23:42.0778 0552  AgereSoftModem - ok
15:23:42.0809 0552  [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440          C:\Windows\system32\drivers\agp440.sys
15:23:42.0825 0552  agp440 - ok
15:23:42.0856 0552  [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
15:23:42.0872 0552  aic78xx - ok
15:23:42.0918 0552  [ A1545B731579895D8CC44FC0481C1192 ] ALG             C:\Windows\System32\alg.exe
15:23:42.0996 0552  ALG - ok
15:23:43.0059 0552  [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide          C:\Windows\system32\drivers\aliide.sys
15:23:43.0074 0552  aliide - ok
15:23:43.0121 0552  [ C47344BC706E5F0B9DCE369516661578 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
15:23:43.0137 0552  amdagp - ok
15:23:43.0168 0552  [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide          C:\Windows\system32\drivers\amdide.sys
15:23:43.0184 0552  amdide - ok
15:23:43.0215 0552  [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
15:23:43.0262 0552  AmdK7 - ok
15:23:43.0371 0552  [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
15:23:43.0433 0552  AmdK8 - ok
15:23:43.0496 0552  [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo         C:\Windows\System32\appinfo.dll
15:23:43.0558 0552  Appinfo - ok
15:23:43.0636 0552  [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:23:43.0652 0552  Apple Mobile Device - ok
15:23:43.0776 0552  [ 0FE769CAE5855B53C90E23F85E7E89FF ] AppMgmt         C:\Windows\System32\appmgmts.dll
15:23:43.0839 0552  AppMgmt - ok
15:23:43.0901 0552  [ 5D2888182FB46632511ACEE92FDAD522 ] arc             C:\Windows\system32\drivers\arc.sys
15:23:43.0917 0552  arc - ok
15:23:43.0948 0552  [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
15:23:43.0964 0552  arcsas - ok
15:23:44.0073 0552  [ 05316884240CD883DA27618D75EA4104 ] ASBroker        C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll
15:23:44.0088 0552  ASBroker - ok
15:23:44.0104 0552  [ 3F8F63499283E33BB090FDC2F4F81C57 ] ASChannel       C:\Program Files\Hewlett-Packard\IAM\Bin\AsChnl.dll
15:23:44.0120 0552  ASChannel - ok
15:23:44.0151 0552  [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
15:23:44.0166 0552  AsyncMac - ok
15:23:44.0229 0552  [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi           C:\Windows\system32\drivers\atapi.sys
15:23:44.0244 0552  atapi - ok
15:23:44.0291 0552  [ 202F86BA4B7BDF9D0A6E81D148FEF560 ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe
15:23:44.0338 0552  Ati External Event Utility - ok
15:23:44.0369 0552  [ D7672D90EF03D0E2EFDB02DF5045A359 ] AtiHdmiService  C:\Windows\system32\drivers\AtiHdmi.sys
15:23:44.0369 0552  AtiHdmiService - ok
15:23:44.0541 0552  [ 64895A6443D147C1ABA523589B485E02 ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
15:23:44.0806 0552  atikmdag - ok
15:23:44.0868 0552  [ 96B2E3CB4F0E2D54E4D00FE43725F66F ] ATService       C:\Program Files\Fingerprint Sensor\AtService.exe
15:23:44.0931 0552  ATService - ok
15:23:45.0009 0552  [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:23:45.0071 0552  AudioEndpointBuilder - ok
15:23:45.0134 0552  [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv        C:\Windows\System32\Audiosrv.dll
15:23:45.0149 0552  Audiosrv - ok
15:23:45.0258 0552  [ D45B7995761253A92AB071D576114F28 ] AVG Security Toolbar Service C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe
15:23:45.0258 0552  AVG Security Toolbar Service - ok
15:23:46.0007 0552  [ F6A528DE535396C2FB1A4E3C6F00CEC4 ] AVGIDSAgent     C:\Program Files\AVG\AVG2012\avgidsagent.exe
15:23:46.0350 0552  AVGIDSAgent - ok
15:23:46.0413 0552  [ 1074F787080068C71303B61FAE7E7CA4 ] AVGIDSDriver    C:\Windows\system32\DRIVERS\avgidsdriverx.sys
15:23:46.0428 0552  AVGIDSDriver - ok
15:23:46.0460 0552  [ 61A7E0B02F82CFF3DB2445BBE50B3589 ] AVGIDSFilter    C:\Windows\system32\DRIVERS\avgidsfilterx.sys
15:23:46.0460 0552  AVGIDSFilter - ok
15:23:46.0491 0552  [ D63D83659EEDF60B3A3E620281A888E5 ] AVGIDSHX        C:\Windows\system32\DRIVERS\avgidshx.sys
15:23:46.0506 0552  AVGIDSHX - ok
15:23:46.0538 0552  [ BAF975B72062F53D327788E99D64197E ] AVGIDSShim      C:\Windows\system32\DRIVERS\avgidsshimx.sys
15:23:46.0553 0552  AVGIDSShim - ok
15:23:46.0631 0552  [ DCB09125C8B4766A88C86914B65487C1 ] Avgldx86        C:\Windows\system32\DRIVERS\avgldx86.sys
15:23:46.0662 0552  Avgldx86 - ok
15:23:46.0725 0552  [ CCDD61545AAEA265977E4B1EFDC74E8C ] Avgmfx86        C:\Windows\system32\DRIVERS\avgmfx86.sys
15:23:46.0740 0552  Avgmfx86 - ok
15:23:46.0756 0552  [ 1FD90B28D2C3100BF4500199C8AD6358 ] Avgrkx86        C:\Windows\system32\DRIVERS\avgrkx86.sys
15:23:46.0772 0552  Avgrkx86 - ok
15:23:46.0803 0552  [ C0BC3B2E3FD625E7F55E1FF863E94592 ] Avgtdix         C:\Windows\system32\DRIVERS\avgtdix.sys
15:23:46.0818 0552  Avgtdix - ok
15:23:46.0865 0552  [ 6F76908F065C3C151C4BFCA7DFD86979 ] avgtp           C:\Windows\system32\drivers\avgtpx86.sys
15:23:46.0881 0552  avgtp - ok
15:23:46.0928 0552  [ EA1145DEBCD508FD25BD1E95C4346929 ] avgwd           C:\Program Files\AVG\AVG2012\avgwdsvc.exe
15:23:46.0943 0552  avgwd - ok
15:23:46.0990 0552  [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep            C:\Windows\system32\drivers\Beep.sys
15:23:47.0037 0552  Beep - ok
15:23:47.0115 0552  [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE             C:\Windows\System32\bfe.dll
15:23:47.0177 0552  BFE - ok
15:23:47.0271 0552  [ 93952506C6D67330367F7E7934B6A02F ] BITS            C:\Windows\System32\qmgr.dll
15:23:47.0349 0552  BITS - ok
15:23:47.0411 0552  [ D4DF28447741FD3D953526E33A617397 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
15:23:47.0474 0552  blbdrive - ok
15:23:47.0598 0552  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:23:47.0661 0552  Bonjour Service - ok
15:23:47.0708 0552  [ 35F376253F687BDE63976CCB3F2108CA ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
15:23:47.0770 0552  bowser - ok
15:23:47.0817 0552  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
15:23:47.0832 0552  BrFiltLo - ok
15:23:47.0848 0552  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
15:23:47.0895 0552  BrFiltUp - ok
15:23:47.0988 0552  [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser         C:\Windows\System32\browser.dll
15:23:48.0051 0552  Browser - ok
15:23:48.0113 0552  [ B304E75CFF293029EDDF094246747113 ] Brserid         C:\Windows\system32\drivers\brserid.sys
15:23:48.0285 0552  Brserid - ok
15:23:48.0332 0552  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
15:23:48.0394 0552  BrSerWdm - ok
15:23:48.0456 0552  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
15:23:48.0566 0552  BrUsbMdm - ok
15:23:48.0597 0552  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
15:23:48.0675 0552  BrUsbSer - ok
15:23:48.0753 0552  [ 6D39C954799B63BA866910234CF7D726 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
15:23:48.0800 0552  BthEnum - ok
15:23:48.0831 0552  [ 9A966A8E86D1771911AE34A20D11BFF3 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
15:23:48.0862 0552  BTHMODEM - ok
15:23:48.0924 0552  [ 5904EFA25F829BF84EA6FB045134A1D8 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
15:23:48.0971 0552  BthPan - ok
15:23:49.0018 0552  [ 611FF3F2F095C8D4A6D4CFD9DCC09793 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
15:23:49.0065 0552  BTHPORT - ok
15:23:49.0127 0552  [ A4C8377FA4A994E07075107DBE2E3DCE ] BthServ         C:\Windows\System32\bthserv.dll
15:23:49.0190 0552  BthServ - ok
15:23:49.0221 0552  [ D330803EAB2A15CAEC7F011F1D4CB30E ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
15:23:49.0268 0552  BTHUSB - ok
15:23:49.0330 0552  [ CD956DD816D9959748EB787A5121D1E4 ] btwaudio        C:\Windows\system32\drivers\btwaudio.sys
15:23:49.0330 0552  btwaudio - ok
15:23:49.0361 0552  [ 4CA1CC3D13466A3E2E9E9119D00AEC78 ] btwavdt         C:\Windows\system32\drivers\btwavdt.sys
15:23:49.0377 0552  btwavdt - ok
15:23:49.0439 0552  [ FE7FCACE3678200AE202EB29C9B6A8E8 ] btwdins         C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
15:23:49.0486 0552  btwdins - ok
15:23:49.0533 0552  [ 54C2EE0A3CEC586629035D771AACAE67 ] btwl2cap        C:\Windows\system32\DRIVERS\btwl2cap.sys
15:23:49.0548 0552  btwl2cap - ok
15:23:49.0564 0552  [ F857EF2D941530772AE828ECD6D71B22 ] btwrchid        C:\Windows\system32\DRIVERS\btwrchid.sys
15:23:49.0580 0552  btwrchid - ok
15:23:49.0611 0552  [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
15:23:49.0658 0552  cdfs - ok
15:23:49.0689 0552  [ 6B4BFFB9BECD728097024276430DB314 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
15:23:49.0736 0552  cdrom - ok
15:23:49.0798 0552  [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc     C:\Windows\System32\certprop.dll
15:23:49.0860 0552  CertPropSvc - ok
15:23:49.0923 0552  [ E5D4133F37219DBCFE102BC61072589D ] circlass        C:\Windows\system32\drivers\circlass.sys
15:23:49.0985 0552  circlass - ok
15:23:50.0048 0552  [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS            C:\Windows\system32\CLFS.sys
15:23:50.0063 0552  CLFS - ok
15:23:50.0126 0552  [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:23:50.0141 0552  clr_optimization_v2.0.50727_32 - ok
15:23:50.0250 0552  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:23:50.0250 0552  clr_optimization_v4.0.30319_32 - ok
15:23:50.0297 0552  [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
15:23:50.0344 0552  CmBatt - ok
15:23:50.0375 0552  [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
15:23:50.0391 0552  cmdide - ok
15:23:50.0422 0552  [ F9A79C5B27037821112C50A9C8FB367A ] Com4QLBEx       C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
15:23:50.0438 0552  Com4QLBEx - ok
15:23:50.0453 0552  [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
15:23:50.0453 0552  Compbatt - ok
15:23:50.0469 0552  COMSysApp - ok
15:23:50.0484 0552  [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
15:23:50.0500 0552  crcdisk - ok
15:23:50.0516 0552  [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
15:23:50.0562 0552  Crusoe - ok
15:23:50.0640 0552  [ 75C6A297E364014840B48ECCD7525E30 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
15:23:50.0703 0552  CryptSvc - ok
15:23:50.0750 0552  [ 9BDB2E89BE8D0EF37B1F25C3D3FC192C ] CSC             C:\Windows\system32\drivers\csc.sys
15:23:50.0843 0552  CSC - ok
15:23:50.0921 0552  [ 0A2095F92F6AE4FE6484D911B0C21E95 ] CscService      C:\Windows\System32\cscsvc.dll
15:23:50.0984 0552  CscService - ok
15:23:51.0062 0552  [ DD5682BA88543608612245FB7C06D5E0 ] DAMDrv          C:\Windows\system32\DRIVERS\DAMDrv.sys
15:23:51.0077 0552  DAMDrv - ok
15:23:51.0186 0552  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch      C:\Windows\system32\rpcss.dll
15:23:51.0249 0552  DcomLaunch - ok
15:23:51.0296 0552  [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
15:23:51.0358 0552  DfsC - ok
15:23:51.0592 0552  [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR            C:\Windows\system32\DFSR.exe
15:23:51.0717 0552  DFSR - ok
15:23:51.0748 0552  [ 6216FD7FD227DE454238A702B218CEC7 ] dgderdrv        C:\Windows\system32\drivers\dgderdrv.sys
15:23:51.0764 0552  dgderdrv - ok
15:23:51.0826 0552  [ 73FC5BC52572084EC1241514CF6230A0 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
15:23:51.0826 0552  dg_ssudbus - ok
15:23:51.0951 0552  [ 9028559C132146FB75EB7ACF384B086A ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
15:23:52.0013 0552  Dhcp - ok
15:23:52.0076 0552  [ 5D4AEFC3386920236A548271F8F1AF6A ] disk            C:\Windows\system32\drivers\disk.sys
15:23:52.0091 0552  disk - ok
15:23:52.0154 0552  [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache        C:\Windows\System32\dnsrslvr.dll
15:23:52.0216 0552  Dnscache - ok
15:23:52.0263 0552  [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc         C:\Windows\System32\dot3svc.dll
15:23:52.0325 0552  dot3svc - ok
15:23:52.0388 0552  [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS             C:\Windows\system32\dps.dll
15:23:52.0434 0552  DPS - ok
15:23:52.0512 0552  [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
15:23:52.0544 0552  drmkaud - ok
15:23:52.0637 0552  [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
15:23:52.0684 0552  DXGKrnl - ok
15:23:52.0731 0552  [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
15:23:52.0778 0552  E1G60 - ok
15:23:52.0824 0552  [ C0B95E40D85CD807D614E264248A45B9 ] EapHost         C:\Windows\System32\eapsvc.dll
15:23:52.0871 0552  EapHost - ok
15:23:52.0949 0552  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache          C:\Windows\system32\drivers\ecache.sys
15:23:52.0965 0552  Ecache - ok
15:23:53.0027 0552  [ 23B62471681A124889978F6295B3F4C6 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
15:23:53.0043 0552  elxstor - ok
15:23:53.0183 0552  [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
15:23:53.0277 0552  EMDMgmt - ok
15:23:53.0308 0552  [ 3DB974F3935483555D7148663F726C61 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
15:23:53.0355 0552  ErrDev - ok
15:23:53.0464 0552  [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem     C:\Windows\system32\es.dll
15:23:53.0526 0552  EventSystem - ok
15:23:53.0636 0552  [ 53CCA6B4DF0977074E85C9A18F42B5CC ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
15:23:53.0698 0552  EvtEng - ok
15:23:53.0760 0552  [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat           C:\Windows\system32\drivers\exfat.sys
15:23:53.0823 0552  exfat - ok
15:23:53.0885 0552  [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
15:23:53.0948 0552  fastfat - ok
15:23:54.0026 0552  [ DFBA0F60FA301E5B1BFB1403A93EE23E ] Fax             C:\Windows\system32\fxssvc.exe
15:23:54.0135 0552  Fax - ok
15:23:54.0166 0552  [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
15:23:54.0213 0552  fdc - ok
15:23:54.0260 0552  [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost         C:\Windows\system32\fdPHost.dll
15:23:54.0291 0552  fdPHost - ok
15:23:54.0322 0552  [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub        C:\Windows\system32\fdrespub.dll
15:23:54.0384 0552  FDResPub - ok
15:23:54.0400 0552  [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
15:23:54.0416 0552  FileInfo - ok
15:23:54.0431 0552  [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
15:23:54.0478 0552  Filetrace - ok
15:23:54.0540 0552  [ 83D2490297DE7F8F22BE271522F5AC04 ] FLCDLOCK        C:\Windows\system32\flcdlock.exe
15:23:54.0587 0552  FLCDLOCK - ok
15:23:54.0634 0552  [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
15:23:54.0665 0552  flpydisk - ok
15:23:54.0728 0552  [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
15:23:54.0743 0552  FltMgr - ok
15:23:54.0899 0552  [ 8CE364388C8ECA59B14B539179276D44 ] FontCache       C:\Windows\system32\FntCache.dll
15:23:54.0993 0552  FontCache - ok
15:23:55.0040 0552  [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
15:23:55.0055 0552  FontCache3.0.0.0 - ok
15:23:55.0102 0552  [ B74B0578FD1D3F897E95F2A2B69EA051 ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
15:23:55.0118 0552  fssfltr - ok
15:23:55.0258 0552  [ 206AD9A89BF05DFA1621F1FC7B82592D ] fsssvc          C:\Program Files\Windows Live\Family Safety\fsssvc.exe
15:23:55.0320 0552  fsssvc - ok
15:23:55.0352 0552  [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
15:23:55.0430 0552  Fs_Rec - ok
15:23:55.0492 0552  [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
15:23:55.0508 0552  gagp30kx - ok
15:23:55.0539 0552  [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
15:23:55.0554 0552  GEARAspiWDM - ok
15:23:55.0617 0552  [ 007AEA2E06E7CEF7372E40C277163959 ] ggflt           C:\Windows\system32\DRIVERS\ggflt.sys
15:23:55.0617 0552  ggflt - ok
15:23:55.0632 0552  [ C73DE35960CA75C5AB4AE636B127C64E ] ggsemc          C:\Windows\system32\DRIVERS\ggsemc.sys
15:23:55.0648 0552  ggsemc - ok
15:23:55.0742 0552  [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc           C:\Windows\System32\gpsvc.dll
15:23:55.0835 0552  gpsvc - ok
15:23:55.0898 0552  [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:23:55.0960 0552  HdAudAddService - ok
15:23:56.0069 0552  [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
15:23:56.0178 0552  HDAudBus - ok
15:23:56.0225 0552  [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth          C:\Windows\system32\drivers\hidbth.sys
15:23:56.0303 0552  HidBth - ok
15:23:56.0334 0552  [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr           C:\Windows\system32\drivers\hidir.sys
15:23:56.0412 0552  HidIr - ok
15:23:56.0459 0552  [ 84067081F3318162797385E11A8F0582 ] hidserv         C:\Windows\system32\hidserv.dll
15:23:56.0490 0552  hidserv - ok
15:23:56.0537 0552  [ CCA4B519B17E23A00B826C55716809CC ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
15:23:56.0568 0552  HidUsb - ok
15:23:56.0615 0552  [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc          C:\Windows\system32\kmsvc.dll
15:23:56.0646 0552  hkmsvc - ok
15:23:56.0740 0552  [ 45A12CACB97B4F15858FCFD59355A1E9 ] HP Health Check Service C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
15:23:56.0740 0552  HP Health Check Service - ok
15:23:56.0771 0552  [ 6B99EAFD05CEA0CD9031CAC52E2A2C34 ] HP ProtectTools Service C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe
15:23:56.0802 0552  HP ProtectTools Service ( UnsignedFile.Multi.Generic ) - warning
15:23:56.0802 0552  HP ProtectTools Service - detected UnsignedFile.Multi.Generic (1)
15:23:56.0834 0552  [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
15:23:56.0849 0552  HpCISSs - ok
15:23:56.0927 0552  [ F55442690A70A0278A7EED4FAAEBF576 ] HPDrvMntSvc.exe C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
15:23:56.0958 0552  HPDrvMntSvc.exe - ok
15:23:56.0974 0552  [ E1D82F0C8456ABB03B7DF5D623CA47D1 ] hpdskflt        C:\Windows\system32\DRIVERS\hpdskflt.sys
15:23:56.0974 0552  hpdskflt - ok
15:23:57.0005 0552  [ A965C6A36AD6491A7AEB9768D0BA9963 ] HpFkCryptService C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
15:23:57.0021 0552  HpFkCryptService - ok
15:23:57.0052 0552  [ 95784B20953D476B852855906A1EDFD1 ] HPFSService     C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe
15:23:57.0052 0552  HPFSService ( UnsignedFile.Multi.Generic ) - warning
15:23:57.0052 0552  HPFSService - detected UnsignedFile.Multi.Generic (1)
15:23:57.0099 0552  [ 1210960FF8928950D2A786895B0C424A ] HpqKbFiltr      C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
15:23:57.0114 0552  HpqKbFiltr - ok
15:23:57.0192 0552  [ 640E51DB253265C3EAC075866B3D2B33 ] hpqwmiex        C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
15:23:57.0239 0552  hpqwmiex - ok
15:23:57.0286 0552  [ D1F817E61D52816996B8F1EBA9A38276 ] hpsrv           C:\Windows\system32\Hpservice.exe
15:23:57.0302 0552  hpsrv - ok
15:23:57.0395 0552  [ F870AA3E254628EBEAFE754108D664DE ] HTTP            C:\Windows\system32\drivers\HTTP.sys
15:23:57.0489 0552  HTTP - ok
15:23:57.0551 0552  [ 19E6885A061011D8DABE8F64498423FA ] hwdatacard      C:\Windows\system32\DRIVERS\ewusbmdm.sys
15:23:57.0629 0552  hwdatacard - ok
15:23:57.0676 0552  [ C6B032D69650985468160FC9937CF5B4 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
15:23:57.0692 0552  i2omp - ok
15:23:57.0738 0552  [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
15:23:57.0770 0552  i8042prt - ok
15:23:57.0848 0552  [ 0D2D28A3F60FB0B69812D6861BCBFEBD ] IAANTMON        C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
15:23:57.0894 0552  IAANTMON - ok
15:23:58.0082 0552  [ 8318E04A6455CED1020BCC5039B62CFA ] ialm            C:\Windows\system32\DRIVERS\ialmnt5.sys
15:23:58.0175 0552  ialm - ok
15:23:58.0253 0552  [ D483687EACE0C065EE772481A96E05F5 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
15:23:58.0269 0552  iaStor - ok
15:23:58.0300 0552  [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
15:23:58.0316 0552  iaStorV - ok
15:23:58.0440 0552  [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:23:58.0503 0552  idsvc - ok
15:23:58.0518 0552  [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
15:23:58.0550 0552  iirsp - ok
15:23:58.0628 0552  [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT          C:\Windows\System32\ikeext.dll
15:23:58.0706 0552  IKEEXT - ok
15:23:58.0752 0552  [ 83AA759F3189E6370C30DE5DC5590718 ] intelide        C:\Windows\system32\drivers\intelide.sys
15:23:58.0768 0552  intelide - ok
15:23:58.0799 0552  [ 224191001E78C89DFA78924C3EA595FF ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
15:23:58.0862 0552  intelppm - ok
15:23:58.0908 0552  [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
15:23:58.0971 0552  IPBusEnum - ok
15:23:59.0002 0552  [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:23:59.0018 0552  IpFilterDriver - ok
15:23:59.0080 0552  [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
15:23:59.0174 0552  iphlpsvc - ok
15:23:59.0174 0552  IpInIp - ok
15:23:59.0205 0552  [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
15:23:59.0236 0552  IPMIDRV - ok
15:23:59.0267 0552  [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
15:23:59.0298 0552  IPNAT - ok
15:23:59.0345 0552  [ E6BE7A41A28D8F2DB174957454D32448 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
15:23:59.0408 0552  iPod Service - ok
15:23:59.0439 0552  [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
15:23:59.0486 0552  IRENUM - ok
15:23:59.0517 0552  [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
15:23:59.0517 0552  isapnp - ok
15:23:59.0595 0552  [ 232FA340531D940AAC623B121A595034 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
15:23:59.0626 0552  iScsiPrt - ok
15:23:59.0657 0552  [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
15:23:59.0673 0552  iteatapi - ok
15:23:59.0673 0552  [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid         C:\Windows\system32\drivers\iteraid.sys
15:23:59.0688 0552  iteraid - ok
15:23:59.0720 0552  [ 213822072085B5BBAD9AF30AB577D817 ] IviRegMgr       C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
15:23:59.0735 0552  IviRegMgr - ok
15:23:59.0751 0552  [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
15:23:59.0766 0552  kbdclass - ok
15:23:59.0782 0552  [ 18247836959BA67E3511B62846B9C2E0 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
15:23:59.0829 0552  kbdhid - ok
15:23:59.0876 0552  [ A3E186B4B935905B829219502557314E ] KeyIso          C:\Windows\system32\lsass.exe
15:23:59.0907 0552  KeyIso - ok
15:23:59.0969 0552  [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
15:24:00.0000 0552  KSecDD - ok
15:24:00.0047 0552  [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm           C:\Windows\system32\msdtckrm.dll
15:24:00.0094 0552  KtmRm - ok
15:24:00.0156 0552  [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer    C:\Windows\system32\srvsvc.dll
15:24:00.0219 0552  LanmanServer - ok
15:24:00.0234 0552  [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:24:00.0281 0552  LanmanWorkstation - ok
15:24:00.0328 0552  [ 1615458FB71003B4ED7AD1F26C3A4047 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
15:24:00.0359 0552  LightScribeService - ok
15:24:00.0390 0552  [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
15:24:00.0437 0552  lltdio - ok
15:24:00.0484 0552  [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
15:24:00.0515 0552  lltdsvc - ok
15:24:00.0546 0552  [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts         C:\Windows\System32\lmhsvc.dll
15:24:00.0609 0552  lmhosts - ok
15:24:00.0671 0552  [ C7E15E82879BF3235B559563D4185365 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
15:24:00.0702 0552  LSI_FC - ok
15:24:00.0718 0552  [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
15:24:00.0734 0552  LSI_SAS - ok
15:24:00.0765 0552  [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
15:24:00.0780 0552  LSI_SCSI - ok
15:24:00.0827 0552  [ 8F5C7426567798E62A3B3614965D62CC ] luafv           C:\Windows\system32\drivers\luafv.sys
15:24:00.0874 0552  luafv - ok
15:24:00.0936 0552  [ 6DFE7F2E8E8A337263AA5C92A215F161 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
15:24:00.0952 0552  MBAMProtector - ok
15:24:00.0999 0552  [ F453D1E6D881E8F8717E20CCD4199E85 ] McComponentHostService C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
15:24:01.0014 0552  McComponentHostService - ok
15:24:01.0030 0552  [ 0001CE609D66632FA17B84705F658879 ] megasas         C:\Windows\system32\drivers\megasas.sys
15:24:01.0046 0552  megasas - ok
15:24:01.0061 0552  [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
15:24:01.0108 0552  MegaSR - ok
15:24:01.0139 0552  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS           C:\Windows\system32\mmcss.dll
15:24:01.0202 0552  MMCSS - ok
15:24:01.0233 0552  [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem           C:\Windows\system32\drivers\modem.sys
15:24:01.0264 0552  Modem - ok
15:24:01.0311 0552  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
15:24:01.0358 0552  monitor - ok
15:24:01.0389 0552  [ 5BF6A1326A335C5298477754A506D263 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
15:24:01.0404 0552  mouclass - ok
15:24:01.0404 0552  [ 93B8D4869E12CFBE663915502900876F ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
15:24:01.0436 0552  mouhid - ok
15:24:01.0451 0552  [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
15:24:01.0467 0552  MountMgr - ok
15:24:01.0498 0552  [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
15:24:01.0514 0552  MozillaMaintenance - ok
15:24:01.0529 0552  [ 511D011289755DD9F9A7579FB0B064E6 ] mpio            C:\Windows\system32\drivers\mpio.sys
15:24:01.0545 0552  mpio - ok
15:24:01.0560 0552  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
15:24:01.0592 0552  mpsdrv - ok
15:24:01.0685 0552  [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc          C:\Windows\system32\mpssvc.dll
15:24:01.0716 0552  MpsSvc - ok
15:24:01.0748 0552  [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
15:24:01.0763 0552  Mraid35x - ok
15:24:01.0810 0552  [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
15:24:01.0872 0552  MRxDAV - ok
15:24:01.0904 0552  [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
15:24:01.0966 0552  mrxsmb - ok
15:24:01.0997 0552  [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:24:02.0013 0552  mrxsmb10 - ok
15:24:02.0028 0552  [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:24:02.0060 0552  mrxsmb20 - ok
15:24:02.0106 0552  [ 28023E86F17001F7CD9B15A5BC9AE07D ] msahci          C:\Windows\system32\drivers\msahci.sys
15:24:02.0106 0552  msahci - ok
15:24:02.0122 0552  [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
15:24:02.0138 0552  msdsm - ok
15:24:02.0153 0552  [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC           C:\Windows\System32\msdtc.exe
15:24:02.0184 0552  MSDTC - ok
15:24:02.0216 0552  [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
15:24:02.0262 0552  Msfs - ok
15:24:02.0309 0552  [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
15:24:02.0325 0552  msisadrv - ok
15:24:02.0340 0552  [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
15:24:02.0387 0552  MSiSCSI - ok
15:24:02.0403 0552  msiserver - ok
15:24:02.0434 0552  [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
15:24:02.0481 0552  MSKSSRV - ok
15:24:02.0512 0552  [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
15:24:02.0559 0552  MSPCLOCK - ok
15:24:02.0590 0552  [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
15:24:02.0637 0552  MSPQM - ok
15:24:02.0699 0552  [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
15:24:02.0715 0552  MsRPC - ok
15:24:02.0762 0552  [ E384487CB84BE41D09711C30CA79646C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
15:24:02.0762 0552  mssmbios - ok
15:24:02.0808 0552  [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
15:24:02.0855 0552  MSTEE - ok
15:24:02.0886 0552  [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup             C:\Windows\system32\Drivers\mup.sys
15:24:02.0902 0552  Mup - ok
15:24:02.0964 0552  [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent        C:\Windows\system32\qagentRT.dll
15:24:03.0011 0552  napagent - ok
15:24:03.0042 0552  [ 93F9C6B5AA7E7CC23DC034A92780C270 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
15:24:03.0105 0552  NativeWifiP - ok
15:24:03.0183 0552  [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS            C:\Windows\system32\drivers\ndis.sys
15:24:03.0245 0552  NDIS - ok
15:24:03.0292 0552  [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
15:24:03.0339 0552  NdisTapi - ok
15:24:03.0386 0552  [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
15:24:03.0432 0552  Ndisuio - ok
15:24:03.0479 0552  [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
15:24:03.0542 0552  NdisWan - ok
15:24:03.0588 0552  [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
15:24:03.0635 0552  NDProxy - ok
15:24:03.0651 0552  [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
15:24:03.0682 0552  NetBIOS - ok
15:24:03.0729 0552  [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
15:24:03.0776 0552  netbt - ok
15:24:03.0807 0552  [ A3E186B4B935905B829219502557314E ] Netlogon        C:\Windows\system32\lsass.exe
15:24:03.0822 0552  Netlogon - ok
15:24:03.0869 0552  [ C8052711DAECC48B982434C5116CA401 ] Netman          C:\Windows\System32\netman.dll
15:24:03.0932 0552  Netman - ok
15:24:03.0978 0552  [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm        C:\Windows\System32\netprofm.dll
15:24:04.0056 0552  netprofm - ok
15:24:04.0103 0552  [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:24:04.0119 0552  NetTcpPortSharing - ok
15:24:04.0244 0552  [ 83F310BF50985F2A52121F2614787C38 ] NETw5v32        C:\Windows\system32\DRIVERS\NETw5v32.sys
15:24:04.0478 0552  NETw5v32 - ok
15:24:04.0493 0552  [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
15:24:04.0509 0552  nfrd960 - ok
15:24:04.0540 0552  [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc          C:\Windows\System32\nlasvc.dll
15:24:04.0587 0552  NlaSvc - ok
15:24:04.0649 0552  [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
15:24:04.0712 0552  Npfs - ok
15:24:04.0758 0552  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi             C:\Windows\system32\nsisvc.dll
15:24:04.0821 0552  nsi - ok
15:24:04.0852 0552  [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
15:24:04.0899 0552  nsiproxy - ok
15:24:05.0055 0552  [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
15:24:05.0117 0552  Ntfs - ok
15:24:05.0180 0552  [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
15:24:05.0242 0552  ntrigdigi - ok
15:24:05.0273 0552  [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null            C:\Windows\system32\drivers\Null.sys
15:24:05.0304 0552  Null - ok
15:24:05.0336 0552  [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
15:24:05.0351 0552  nvraid - ok
15:24:05.0367 0552  [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
15:24:05.0382 0552  nvstor - ok
15:24:05.0398 0552  [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
15:24:05.0414 0552  nv_agp - ok
15:24:05.0414 0552  NwlnkFlt - ok
15:24:05.0429 0552  NwlnkFwd - ok
15:24:05.0445 0552  [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
15:24:05.0507 0552  ohci1394 - ok
15:24:05.0601 0552  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
15:24:05.0726 0552  p2pimsvc - ok
15:24:05.0772 0552  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc          C:\Windows\system32\p2psvc.dll
15:24:05.0788 0552  p2psvc - ok
15:24:05.0866 0552  [ 0FA9B5055484649D63C303FE404E5F4D ] Parport         C:\Windows\system32\drivers\parport.sys
15:24:05.0944 0552  Parport - ok
15:24:05.0991 0552  [ B9C2B89F08670E159F7181891E449CD9 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
15:24:06.0022 0552  partmgr - ok
15:24:06.0038 0552  [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
15:24:06.0100 0552  Parvdm - ok
15:24:06.0147 0552  [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc          C:\Windows\System32\pcasvc.dll
15:24:06.0194 0552  PcaSvc - ok
15:24:06.0240 0552  [ 941DC1D19E7E8620F40BBC206981EFDB ] pci             C:\Windows\system32\drivers\pci.sys
15:24:06.0256 0552  pci - ok
15:24:06.0287 0552  [ FC175F5DDAB666D7F4D17449A547626F ] pciide          C:\Windows\system32\drivers\pciide.sys
15:24:06.0303 0552  pciide - ok
15:24:06.0350 0552  [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
15:24:06.0365 0552  pcmcia - ok
15:24:06.0412 0552  [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
15:24:06.0537 0552  PEAUTH - ok
15:24:06.0708 0552  [ B1689DF169143F57053F795390C99DB3 ] pla             C:\Windows\system32\pla.dll
15:24:06.0833 0552  pla - ok
15:24:06.0880 0552  [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
15:24:06.0942 0552  PlugPlay - ok
15:24:06.0989 0552  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
15:24:07.0036 0552  PNRPAutoReg - ok
15:24:07.0052 0552  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
15:24:07.0083 0552  PNRPsvc - ok
15:24:07.0145 0552  [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
15:24:07.0239 0552  PolicyAgent - ok
15:24:07.0301 0552  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
15:24:07.0348 0552  PptpMiniport - ok
15:24:07.0379 0552  [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor       C:\Windows\system32\drivers\processr.sys
15:24:07.0442 0552  Processor - ok
15:24:07.0488 0552  [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc         C:\Windows\system32\profsvc.dll
15:24:07.0551 0552  ProfSvc - ok
15:24:07.0566 0552  [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
15:24:07.0582 0552  ProtectedStorage - ok
15:24:07.0629 0552  [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
15:24:07.0676 0552  PSched - ok
15:24:07.0722 0552  [ A6A7AD767BF5141665F5C675F671B3E1 ] PSI_SVC_2       C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
15:24:07.0738 0552  PSI_SVC_2 - ok
15:24:07.0816 0552  [ E42E3433DBB4CFFE8FDD91EAB29AEA8E ] PxHelp20        C:\Windows\system32\Drivers\PxHelp20.sys
15:24:07.0832 0552  PxHelp20 - ok
15:24:07.0894 0552  [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
15:24:07.0988 0552  ql2300 - ok
15:24:08.0003 0552  [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
15:24:08.0019 0552  ql40xx - ok
15:24:08.0066 0552  [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE           C:\Windows\system32\qwave.dll
15:24:08.0222 0552  QWAVE - ok
15:24:08.0300 0552  [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
15:24:08.0346 0552  QWAVEdrv - ok
15:24:08.0378 0552  [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
15:24:08.0440 0552  RasAcd - ok
15:24:08.0487 0552  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto         C:\Windows\System32\rasauto.dll
15:24:08.0549 0552  RasAuto - ok
15:24:08.0565 0552  [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
15:24:08.0596 0552  Rasl2tp - ok
15:24:08.0658 0552  [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan          C:\Windows\System32\rasmans.dll
15:24:08.0705 0552  RasMan - ok
15:24:08.0752 0552  [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
15:24:08.0799 0552  RasPppoe - ok
15:24:08.0846 0552  [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
15:24:08.0877 0552  RasSstp - ok
15:24:08.0924 0552  [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
15:24:08.0970 0552  rdbss - ok
15:24:09.0033 0552  [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
15:24:09.0080 0552  RDPCDD - ok
15:24:09.0111 0552  [ 943B18305EAE3935598A9B4A3D560B4C ] rdpdr           C:\Windows\system32\DRIVERS\rdpdr.sys
15:24:09.0173 0552  rdpdr - ok
15:24:09.0204 0552  [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
15:24:09.0251 0552  RDPENCDD - ok
15:24:09.0329 0552  [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
15:24:09.0423 0552  RDPWD - ok
15:24:09.0470 0552  [ 001B4278407F4303EFC902A2B16F2453 ] regi            C:\Windows\system32\drivers\regi.sys
15:24:09.0485 0552  regi - ok
15:24:09.0516 0552  [ 7C4391419852DFC331F6AF620C33AF3C ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
15:24:09.0532 0552  RegSrvc - ok
15:24:09.0563 0552  [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess    C:\Windows\System32\mprdim.dll
15:24:09.0594 0552  RemoteAccess - ok
15:24:09.0641 0552  [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry  C:\Windows\system32\regsvc.dll
15:24:09.0704 0552  RemoteRegistry - ok
15:24:09.0750 0552  [ 6482707F9F4DA0ECBAB43B2E0398A101 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
15:24:09.0797 0552  RFCOMM - ok
15:24:10.0000 0552  [ 85F9924FB26D924C4A10DC620AE2C350 ] RoxMediaDB10    C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
15:24:10.0125 0552  RoxMediaDB10 - ok
15:24:10.0156 0552  [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator      C:\Windows\system32\locator.exe
15:24:10.0172 0552  RpcLocator - ok
15:24:10.0187 0552  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs           C:\Windows\system32\rpcss.dll
15:24:10.0234 0552  RpcSs - ok
15:24:10.0281 0552  [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
15:24:10.0312 0552  rspndr - ok
15:24:10.0343 0552  [ 3EC108ED3E579BE2FC4EE1F2C6A48EBB ] RsvLock         C:\Windows\system32\drivers\RsvLock.sys
15:24:10.0359 0552  RsvLock - ok
15:24:10.0406 0552  [ 594FF5620661D1386475406E78CB6F2F ] s0017bus        C:\Windows\system32\DRIVERS\s0017bus.sys
15:24:10.0421 0552  s0017bus - ok
15:24:10.0437 0552  [ 7258F550419D543BC5C8E80C578A5D54 ] s0017mdfl       C:\Windows\system32\DRIVERS\s0017mdfl.sys
15:24:10.0452 0552  s0017mdfl - ok
15:24:10.0468 0552  [ 1DE4F6607FEB17A15DBD4F1B139E6D2F ] s0017mdm        C:\Windows\system32\DRIVERS\s0017mdm.sys
15:24:10.0468 0552  s0017mdm - ok
15:24:10.0530 0552  [ 9814E6BACC06D2526CD52981C7EEEDF0 ] s0017mgmt       C:\Windows\system32\DRIVERS\s0017mgmt.sys
15:24:10.0546 0552  s0017mgmt - ok
15:24:10.0577 0552  [ 2C62CD58225973F26682CD4F783DDEDE ] s0017nd5        C:\Windows\system32\DRIVERS\s0017nd5.sys
15:24:10.0593 0552  s0017nd5 - ok
15:24:10.0593 0552  [ F87C3422E84B2FB1B43E0A26247AD5A5 ] s0017obex       C:\Windows\system32\DRIVERS\s0017obex.sys
15:24:10.0608 0552  s0017obex - ok
15:24:10.0624 0552  [ DF5E7360A0AFA5956BF75DA683D0679F ] s0017unic       C:\Windows\system32\DRIVERS\s0017unic.sys
15:24:10.0624 0552  s0017unic - ok
15:24:10.0640 0552  [ BBDF0D8752F9CA2254886BB34F8C39AB ] SafeBoot        C:\Windows\system32\drivers\SafeBoot.sys
15:24:10.0640 0552  Suspicious file (NoAccess): C:\Windows\system32\drivers\SafeBoot.sys. md5: BBDF0D8752F9CA2254886BB34F8C39AB
15:24:10.0655 0552  SafeBoot ( LockedFile.Multi.Generic ) - warning
15:24:10.0655 0552  SafeBoot - detected LockedFile.Multi.Generic (1)
15:24:10.0655 0552  [ A3E186B4B935905B829219502557314E ] SamSs           C:\Windows\system32\lsass.exe
15:24:10.0671 0552  SamSs - ok
15:24:10.0686 0552  [ D5517F58CA38A0D680EEEE21DF08F469 ] SbAlg           C:\Windows\system32\drivers\SbAlg.sys
15:24:10.0702 0552  SbAlg - ok
15:24:10.0718 0552  [ 455E1A03A15AA894E61C46DFCEF77061 ] SbFsLock        C:\Windows\system32\drivers\SbFsLock.sys
15:24:10.0733 0552  SbFsLock - ok
15:24:10.0749 0552  [ 3CE8F073A557E172B330109436984E30 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
15:24:10.0764 0552  sbp2port - ok
15:24:10.0811 0552  [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
15:24:10.0858 0552  SCardSvr - ok
15:24:10.0920 0552  [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule        C:\Windows\system32\schedsvc.dll
15:24:10.0998 0552  Schedule - ok
15:24:11.0030 0552  [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc     C:\Windows\System32\certprop.dll
15:24:11.0045 0552  SCPolicySvc - ok
15:24:11.0092 0552  [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
15:24:11.0154 0552  SDRSVC - ok
15:24:11.0186 0552  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
15:24:11.0248 0552  secdrv - ok
15:24:11.0310 0552  [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon        C:\Windows\system32\seclogon.dll
15:24:11.0357 0552  seclogon - ok
15:24:11.0388 0552  [ E5B56569A9F79B70314FEDE6C953641E ] seehcri         C:\Windows\system32\DRIVERS\seehcri.sys
15:24:11.0466 0552  seehcri - ok
15:24:11.0513 0552  [ A9BBAB5759771E523F55563D6CBE140F ] SENS            C:\Windows\System32\sens.dll
15:24:11.0560 0552  SENS - ok
15:24:11.0591 0552  [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum         C:\Windows\system32\drivers\serenum.sys
15:24:11.0654 0552  Serenum - ok
15:24:11.0700 0552  [ C70D69A918B178D3C3B06339B40C2E1B ] Serial          C:\Windows\system32\drivers\serial.sys
15:24:11.0778 0552  Serial - ok
15:24:11.0794 0552  [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
15:24:11.0841 0552  sermouse - ok
15:24:11.0872 0552  [ D2193326F729B163125610DBF3E17D57 ] SessionEnv      C:\Windows\system32\sessenv.dll
15:24:11.0919 0552  SessionEnv - ok
15:24:11.0966 0552  [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
15:24:12.0012 0552  sffdisk - ok
15:24:12.0044 0552  [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
15:24:12.0090 0552  sffp_mmc - ok
15:24:12.0122 0552  [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
15:24:12.0137 0552  sffp_sd - ok
15:24:12.0153 0552  [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
15:24:12.0200 0552  sfloppy - ok
15:24:12.0246 0552  [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
15:24:12.0309 0552  SharedAccess - ok
15:24:12.0356 0552  [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:24:12.0387 0552  ShellHWDetection - ok
15:24:12.0402 0552  [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
15:24:12.0418 0552  sisagp - ok
15:24:12.0434 0552  [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
15:24:12.0449 0552  SiSRaid2 - ok
15:24:12.0465 0552  [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
15:24:12.0480 0552  SiSRaid4 - ok
15:24:12.0527 0552  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
15:24:12.0543 0552  SkypeUpdate - ok
15:24:12.0824 0552  [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc           C:\Windows\system32\SLsvc.exe
15:24:12.0948 0552  slsvc - ok
15:24:13.0042 0552  [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify      C:\Windows\system32\SLUINotify.dll
15:24:13.0089 0552  SLUINotify - ok
15:24:13.0136 0552  [ 7B75299A4D201D6A6533603D6914AB04 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
15:24:13.0151 0552  Smb - ok
15:24:13.0182 0552  [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
15:24:13.0198 0552  SNMPTRAP - ok
15:24:13.0276 0552  [ D8ABA1293B82E7AF2F78B67CA46FCB3D ] SNP2UVC         C:\Windows\system32\DRIVERS\snp2uvc.sys
15:24:13.0354 0552  SNP2UVC - ok
15:24:13.0494 0552  [ 86216565B0E5CC28FC7D305EC80457D4 ] Sony Ericsson PCCompanion C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
15:24:13.0541 0552  Sony Ericsson PCCompanion ( UnsignedFile.Multi.Generic ) - warning
15:24:13.0541 0552  Sony Ericsson PCCompanion - detected UnsignedFile.Multi.Generic (1)
15:24:13.0650 0552  [ 5177D14A78E60FD61DCFC6B388E7E971 ] Sony PC Companion C:\Program Files\Sony\Sony PC Companion\PCCService.exe
15:24:13.0682 0552  Sony PC Companion - ok
15:24:13.0697 0552  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr           C:\Windows\system32\drivers\spldr.sys
15:24:13.0713 0552  spldr - ok
15:24:13.0760 0552  [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler         C:\Windows\System32\spoolsv.exe
15:24:13.0791 0552  Spooler - ok
15:24:13.0853 0552  [ 41987F9FC0E61ADF54F581E15029AD91 ] srv             C:\Windows\system32\DRIVERS\srv.sys
15:24:13.0931 0552  srv - ok
15:24:13.0994 0552  [ FF33AFF99564B1AA534F58868CBE41EF ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
15:24:14.0025 0552  srv2 - ok
15:24:14.0087 0552  [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
15:24:14.0134 0552  srvnet - ok
15:24:14.0196 0552  [ 069351A1D7D291013177A90AE6EDCCBC ] sscdbus         C:\Windows\system32\DRIVERS\sscdbus.sys
15:24:14.0212 0552  sscdbus - ok
15:24:14.0259 0552  [ 1C925BE223A5C0F9F469252292A48DF6 ] sscdmdfl        C:\Windows\system32\DRIVERS\sscdmdfl.sys
15:24:14.0274 0552  sscdmdfl - ok
15:24:14.0290 0552  [ AE3E77AE0FBDB07EB1AC3FED74A0695E ] sscdmdm         C:\Windows\system32\DRIVERS\sscdmdm.sys
15:24:14.0306 0552  sscdmdm - ok
15:24:14.0321 0552  [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
15:24:14.0384 0552  SSDPSRV - ok
15:24:14.0430 0552  [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
15:24:14.0477 0552  SstpSvc - ok
15:24:14.0524 0552  [ E3D493BFB7CD108EC50B2F560C96367C ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
15:24:14.0540 0552  ssudmdm - ok
15:24:14.0571 0552  [ EF70B3D22B4BFFDA6EA851ECB063EFAA ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
15:24:14.0586 0552  StillCam - ok
15:24:14.0696 0552  [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc          C:\Windows\System32\wiaservc.dll
15:24:14.0774 0552  stisvc - ok
15:24:14.0836 0552  [ FF5EB78AF7DFB68C2FB363537AAF753E ] stllssvr        C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
15:24:14.0852 0552  stllssvr - ok
15:24:14.0867 0552  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
15:24:14.0883 0552  swenum - ok
15:24:14.0961 0552  [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv           C:\Windows\System32\swprv.dll
15:24:15.0023 0552  swprv - ok
15:24:15.0054 0552  [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
15:24:15.0054 0552  Symc8xx - ok
15:24:15.0086 0552  [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
15:24:15.0101 0552  Sym_hi - ok
15:24:15.0117 0552  [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
15:24:15.0132 0552  Sym_u3 - ok
15:24:15.0210 0552  [ 067CB9D745407A8C1B26E89A6A2CE152 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
15:24:15.0226 0552  SynTP - ok
15:24:15.0273 0552  [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain         C:\Windows\system32\sysmain.dll
15:24:15.0351 0552  SysMain - ok
15:24:15.0398 0552  [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:24:15.0429 0552  TabletInputService - ok
15:24:15.0491 0552  [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv         C:\Windows\System32\tapisrv.dll
15:24:15.0538 0552  TapiSrv - ok
15:24:15.0600 0552  [ CB05822CD9CC6C688168E113C603DBE7 ] TBS             C:\Windows\System32\tbssvc.dll
15:24:15.0647 0552  TBS - ok
15:24:15.0772 0552  [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
15:24:15.0850 0552  Tcpip - ok
15:24:15.0928 0552  [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
15:24:15.0975 0552  Tcpip6 - ok
15:24:16.0022 0552  [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
15:24:16.0084 0552  tcpipreg - ok
15:24:16.0146 0552  [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
15:24:16.0178 0552  TDPIPE - ok
15:24:16.0193 0552  [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
15:24:16.0240 0552  TDTCP - ok
15:24:16.0287 0552  [ 76B06EB8A01FC8624D699E7045303E54 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
15:24:16.0334 0552  tdx - ok
15:24:16.0380 0552  [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
15:24:16.0380 0552  TermDD - ok
15:24:16.0443 0552  [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService     C:\Windows\System32\termsrv.dll
15:24:16.0521 0552  TermService - ok
15:24:16.0552 0552  [ C7230FBEE14437716701C15BE02C27B8 ] Themes          C:\Windows\system32\shsvcs.dll
15:24:16.0568 0552  Themes - ok
15:24:16.0583 0552  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER     C:\Windows\system32\mmcss.dll
15:24:16.0614 0552  THREADORDER - ok
15:24:16.0708 0552  [ E319535A8124F25C1C9C5288CACF3101 ] TomTomHOMEService C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
15:24:16.0708 0552  TomTomHOMEService - ok
15:24:16.0755 0552  [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks          C:\Windows\System32\trkwks.dll
15:24:16.0786 0552  TrkWks - ok
15:24:16.0848 0552  [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:24:16.0895 0552  TrustedInstaller - ok
15:24:16.0911 0552  [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
15:24:16.0973 0552  tssecsrv - ok
15:24:16.0989 0552  [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
15:24:17.0051 0552  tunmp - ok
15:24:17.0082 0552  [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
15:24:17.0114 0552  tunnel - ok
15:24:17.0129 0552  [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35          C:\Windows\system32\drivers\uagp35.sys
15:24:17.0145 0552  uagp35 - ok
15:24:17.0192 0552  [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
15:24:17.0238 0552  udfs - ok
15:24:17.0270 0552  [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
15:24:17.0316 0552  UI0Detect - ok
15:24:17.0348 0552  [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
15:24:17.0363 0552  uliagpkx - ok
15:24:17.0379 0552  [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci         C:\Windows\system32\drivers\uliahci.sys
15:24:17.0394 0552  uliahci - ok
15:24:17.0410 0552  [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata          C:\Windows\system32\drivers\ulsata.sys
15:24:17.0426 0552  UlSata - ok
15:24:17.0441 0552  [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
15:24:17.0457 0552  ulsata2 - ok
15:24:17.0488 0552  [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
15:24:17.0504 0552  umbus - ok
15:24:17.0550 0552  [ 8A66360F38F81E960E2367B428CBD5D9 ] UmRdpService    C:\Windows\System32\umrdp.dll
15:24:17.0628 0552  UmRdpService - ok
15:24:17.0675 0552  [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost        C:\Windows\System32\upnphost.dll
15:24:17.0738 0552  upnphost - ok
15:24:17.0769 0552  [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
15:24:17.0800 0552  usbccgp - ok
15:24:17.0831 0552  [ E9476E6C486E76BC4898074768FB7131 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
15:24:17.0862 0552  usbcir - ok
15:24:17.0909 0552  [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
15:24:17.0940 0552  usbehci - ok
15:24:18.0034 0552  [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
15:24:18.0081 0552  usbhub - ok
15:24:18.0096 0552  [ 38DBC7DD6CC5A72011F187425384388B ] usbohci         C:\Windows\system32\drivers\usbohci.sys
15:24:18.0159 0552  usbohci - ok
15:24:18.0190 0552  [ B51E52ACF758BE00EF3A58EA452FE360 ] usbprint        C:\Windows\system32\drivers\usbprint.sys
15:24:18.0252 0552  usbprint - ok
15:24:18.0299 0552  [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:24:18.0346 0552  USBSTOR - ok
15:24:18.0393 0552  [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
15:24:18.0440 0552  usbuhci - ok
15:24:18.0502 0552  [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
15:24:18.0518 0552  usbvideo - ok
15:24:18.0564 0552  [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms           C:\Windows\System32\uxsms.dll
15:24:18.0627 0552  UxSms - ok
15:24:18.0674 0552  [ CD88D1B7776DC17A119049742EC07EB4 ] vds             C:\Windows\System32\vds.exe
15:24:18.0752 0552  vds - ok
15:24:18.0798 0552  [ 87B06E1F30B749A114F74622D013F8D4 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
15:24:18.0861 0552  vga - ok
15:24:18.0892 0552  [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave         C:\Windows\System32\drivers\vga.sys
15:24:18.0908 0552  VgaSave - ok
15:24:18.0923 0552  [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp          C:\Windows\system32\drivers\viaagp.sys
15:24:18.0939 0552  viaagp - ok
15:24:18.0954 0552  [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7           C:\Windows\system32\drivers\viac7.sys
15:24:18.0970 0552  ViaC7 - ok
15:24:18.0986 0552  [ AADF5587A4063F52C2C3FED7887426FC ] viaide          C:\Windows\system32\drivers\viaide.sys
15:24:19.0001 0552  viaide - ok
15:24:19.0079 0552  [ 6E021D6DA429AD7288FE8322E2BBA96B ] VMCService      C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
15:24:19.0095 0552  VMCService ( UnsignedFile.Multi.Generic ) - warning
15:24:19.0095 0552  VMCService - detected UnsignedFile.Multi.Generic (1)
15:24:19.0095 0552  [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
15:24:19.0110 0552  volmgr - ok
15:24:19.0173 0552  [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
15:24:19.0188 0552  volmgrx - ok
15:24:19.0220 0552  [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
15:24:19.0235 0552  volsnap - ok
15:24:19.0266 0552  [ 587253E09325E6BF226B299774B728A9 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
15:24:19.0282 0552  vsmraid - ok
15:24:19.0391 0552  [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS             C:\Windows\system32\vssvc.exe
15:24:19.0469 0552  VSS - ok
15:24:19.0610 0552  [ CBA3F6EF1E70167DB376B4013F71A62B ] vToolbarUpdater12.2.6 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
15:24:19.0641 0552  vToolbarUpdater12.2.6 - ok
15:24:19.0703 0552  [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time         C:\Windows\system32\w32time.dll
15:24:19.0734 0552  W32Time - ok
15:24:19.0750 0552  [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
15:24:19.0797 0552  WacomPen - ok
15:24:19.0812 0552  [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
15:24:19.0828 0552  Wanarp - ok
15:24:19.0844 0552  [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
15:24:19.0859 0552  Wanarpv6 - ok
15:24:19.0968 0552  [ 20B23332885DFB93FE0185362EE811E9 ] wbengine        C:\Windows\system32\wbengine.exe
15:24:20.0109 0552  wbengine - ok
15:24:20.0218 0552  [ A3CD60FD826381B49F03832590E069AF ] wcncsvc         C:\Windows\System32\wcncsvc.dll
15:24:20.0280 0552  wcncsvc - ok
15:24:20.0327 0552  [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:24:20.0374 0552  WcsPlugInService - ok
15:24:20.0421 0552  [ 78FE9542363F297B18C027B2D7E7C07F ] Wd              C:\Windows\system32\drivers\wd.sys
15:24:20.0452 0552  Wd - ok
15:24:20.0546 0552  [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
15:24:20.0608 0552  Wdf01000 - ok
15:24:20.0655 0552  [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
15:24:20.0702 0552  WdiServiceHost - ok
15:24:20.0702 0552  [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
15:24:20.0733 0552  WdiSystemHost - ok
15:24:20.0811 0552  [ 04C37D8107320312FBAE09926103D5E2 ] WebClient       C:\Windows\System32\webclnt.dll
15:24:20.0858 0552  WebClient - ok
15:24:20.0904 0552  [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc          C:\Windows\system32\wecsvc.dll
15:24:20.0951 0552  Wecsvc - ok
15:24:20.0998 0552  [ 670FF720071ED741206D69BD995EA453 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
15:24:21.0045 0552  wercplsupport - ok
15:24:21.0092 0552  [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc          C:\Windows\System32\WerSvc.dll
15:24:21.0123 0552  WerSvc - ok
15:24:21.0170 0552  [ 4575AA12561C5648483403541D0D7F2B ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
15:24:21.0185 0552  WinDefend - ok
15:24:21.0185 0552  WinHttpAutoProxySvc - ok
15:24:21.0279 0552  [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
15:24:21.0294 0552  Winmgmt - ok
15:24:21.0466 0552  [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM           C:\Windows\system32\WsmSvc.dll
15:24:21.0575 0552  WinRM - ok
15:24:21.0653 0552  [ 676F4B665BDD8053EAA53AC1695B8074 ] WinUSB          C:\Windows\system32\DRIVERS\WinUSB.sys
15:24:21.0684 0552  WinUSB - ok
15:24:21.0747 0552  [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc         C:\Windows\System32\wlansvc.dll
15:24:21.0825 0552  Wlansvc - ok
15:24:21.0856 0552  [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
15:24:21.0887 0552  WmiAcpi - ok
15:24:21.0950 0552  [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
15:24:21.0996 0552  wmiApSrv - ok
15:24:22.0168 0552  [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
15:24:22.0293 0552  WMPNetworkSvc - ok
15:24:22.0371 0552  [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
15:24:22.0449 0552  WPDBusEnum - ok
15:24:22.0511 0552  [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
15:24:22.0558 0552  WpdUsb - ok
15:24:22.0886 0552  [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
15:24:22.0932 0552  WPFFontCache_v0400 - ok
15:24:22.0979 0552  [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
15:24:23.0026 0552  ws2ifsl - ok
15:24:23.0073 0552  [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc          C:\Windows\System32\wscsvc.dll
15:24:23.0104 0552  wscsvc - ok
15:24:23.0151 0552  [ 4422AC5ED8D4C2F0DB63E71D4C069DD7 ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
15:24:23.0182 0552  WSDPrintDevice - ok
15:24:23.0182 0552  WSearch - ok
15:24:23.0338 0552  [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv        C:\Windows\system32\wuaueng.dll
15:24:23.0447 0552  wuauserv - ok
15:24:23.0510 0552  [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
15:24:23.0572 0552  WUDFRd - ok
15:24:23.0619 0552  [ 575A4190D989F64732119E4114045A4F ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
15:24:23.0650 0552  wudfsvc - ok
15:24:23.0681 0552  [ 7D4CCA3659FA0780603206E3D12A993F ] yukonwlh        C:\Windows\system32\DRIVERS\yk60x86.sys
15:24:23.0744 0552  yukonwlh - ok
15:24:23.0775 0552  ================ Scan global ===============================
15:24:23.0790 0552  [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
15:24:23.0822 0552  [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
15:24:23.0853 0552  [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
15:24:23.0931 0552  [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
15:24:23.0946 0552  [Global] - ok
15:24:23.0946 0552  ================ Scan MBR ==================================
15:24:23.0962 0552  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
15:24:25.0740 0552  \Device\Harddisk0\DR0 - ok
15:24:25.0740 0552  ================ Scan VBR ==================================
15:24:25.0740 0552  [ 2259196B4E797E5274830F96699EAFBA ] \Device\Harddisk0\DR0\Partition1
15:24:25.0740 0552  \Device\Harddisk0\DR0\Partition1 - ok
15:24:25.0756 0552  [ BABC707B014C5DB6541530A5A1CBDCB9 ] \Device\Harddisk0\DR0\Partition2
15:24:25.0787 0552  \Device\Harddisk0\DR0\Partition2 - ok
15:24:25.0787 0552  ============================================================
15:24:25.0787 0552  Scan finished
15:24:25.0787 0552  ============================================================
15:24:25.0803 0536  Detected object count: 5
15:24:25.0803 0536  Actual detected object count: 5

cosinus · 16.09.2012, 15:33

Log ist unvollständig, die untere Zusammenfassung fehlt

10.09.2012, 14:58	#18
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	MyStart By IncrediBar lässt sich nicht Löschen Es gibt schon wieder eine neue Version vom adwCleaner Bitte neu runterladen, die alte Version überschreiben und einen neuen Suchlauf bitte machen __________________ __________________

12.09.2012, 00:35	#20
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	MyStart By IncrediBar lässt sich nicht Löschen Hätte da mal zwei Fragen bevor es weiter geht 1.) Geht der normale Modus von Windows (wieder) uneingeschränkt? 2.) Vermisst du irgendwas im Startmenü? Sind da leere Ordner unter alle Programme oder ist alles vorhanden? __________________ Logfiles bitte immer in CODE-Tags posten

16.09.2012, 15:33	#28
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	MyStart By IncrediBar lässt sich nicht Löschen Log ist unvollständig, die untere Zusammenfassung fehlt __________________ Logfiles bitte immer in CODE-Tags posten

MyStart By IncrediBar lässt sich nicht Löschen

Log-Analyse und Auswertung: MyStart By IncrediBar lässt sich nicht Löschen