Keine Rückmeldung und Freeze

cosinus · 16.10.2012, 14:22

Ok, bevor wir den mediyes gezielt bekämpfen bitte mit ERUNT die Registry sichern:

Downloade und installiere bitte Erunt.
Bitte belasse die Einstellungen wie sie sind.

Starte Erunt und bestätige die "Willkommen" Box mit OK
Wähle bitte folgende Sicherungsoptionen
- Systemregistrierung
- Registrierung des aktuellen Benutzers
- Andere geöffnete Benutzerregistrierungen
Klicke OK und warte bis die Sicherung abgeschlossen ist.

Gibt mir Bescheid wenn das erledigt ist

Valentice94 · 16.10.2012, 16:11

Erledigt.

cosinus · 17.10.2012, 08:28

Beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Code:

ATTFilter

:OTL
SRV - [2011.11.11 10:04:22 | 000,114,000 | ---- | M] (Joosoft.com GmbH) [Auto | Running] -- C:\Windows\SysWOW64\UpdSvc.dll -- (Update-Service)
[2011.11.11 10:04:05 | 000,208,208 | ---- | M] (Joosoft.com GmbH) -- C:\Windows\system32\install1.dll
[2011.11.11 10:04:22 | 000,114,000 | ---- | M] (Joosoft.com GmbH) -- C:\Windows\system32\UpdSvc.dll
[2011.11.11 10:04:05 | 000,208,208 | ---- | M] (Joosoft.com GmbH) -- C:\Windows\SysWOW64\install1.dll
[2011.11.11 10:04:22 | 000,114,000 | ---- | M] (Joosoft.com GmbH) -- C:\Windows\SysWOW64\UpdSvc.dll

:Reg
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
"Update-Service-Installer-Service"=-
"Update-Service"=-

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
"Update-Service-Installer-Service"=-
"Update-Service"=-

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dnscache\Parameters]
"ServiceDll"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\
  00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
  64,00,6e,00,73,00,72,00,73,00,6c,00,76,00,72,00,2e,00,64,00,6c,00,6c,00,00,\
  00
"ServiceDllUnloadOnStop"=dword:00000001
"extension"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
  74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,64,\
  00,6e,00,73,00,65,00,78,00,74,00,2e,00,64,00,6c,00,6c,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dnscache\Parameters\DnsCache]
"ShutdownOnIdle"=dword:00000000

:Commands
[emptytemp]

Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!

Anschließend brauch ich den Quarantäneordner von OTL. Bitte folgendes nach dem OTL-Fix und anschließendem Windows-Neustart machen

1.) GANZ WICHTIG!! Virenscanner deaktivieren, der darf das Packen nicht beeinflussen!
2.) Ordner MovedFiles in C:\_OTL in eine Datei zippen
3.) Die erstellte ZIP-Datei hier hochladen => http://www.trojaner-board.de/54791-a...ner-board.html

Hinweis: Die Datei bitte wie in der Anleitung zum UpChannel angegeben auch da hochladen. Bitte NICHT die ZIP-Datei hier als Anhang in den Thread posten!

4.) Wenns erfolgreich war Bescheid sagen
5.) Erst dann wieder den Virenscanner einschalten

Valentice94 · 19.10.2012, 13:26

Vorgang erfolgreich abgeschlossen.

cosinus · 19.10.2012, 14:33

Wieso lädst du die Logs hoch? Die Logs solltest du hier posten - hochgeladen werden sollte die ZIP-Datei mit der OTL-Q!

Valentice94 · 19.10.2012, 16:08

ich weiß nicht wie man dateien zu einer zip datei macht ._.

cosinus · 19.10.2012, 16:44

Und es wäre ja auch zu abwegig da mal nach zu googlen

Rechtsklick auf den Ordner MovedFiles, senden an => ZIP komprimierter Ordner

Valentice94 · 19.10.2012, 18:02

So jetz aber

is hochgeladen

cosinus · 21.10.2012, 11:00

LSP-Fix

Bitte downloade dir LSPFix

Speichere die Datei auf dem Desktop.
Starte die LSPFix.exe.
Markiere die Box "I know what I'm doing"
In der Keep Box solltest eine oder mehrere dieser d3dywzbtg.dll Dateien finden.
Wähle jede einzelne vorhandene d3dywzbtg.dll und verschiebe diese in die Remove Box indem du den >> Button drückst.
Wenn alle Dateien verschoben wurden klicke Finish>>.

Valentice94 · 23.10.2012, 15:02

Okay hab ich. Achja da war nur eine d3dywzbtg.dll datei.

cosinus · 23.10.2012, 15:46

Mach bitte einen (neuen) CustomScan mit OTL - das Log davon nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:

ATTFilter

 hier steht das Log

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop. Falls schon vorhanden, bitte die ältere vorhandene Datei durch die neu heruntergeladene Datei ersetzen, damit du auch wirklich mit einer aktuellen Version von OTL arbeitest.

Starte bitte die OTL.exe.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Setze oben mittig den Haken bei Scanne alle Benutzer
Kopiere nun den kompletten Inhalt aus der untenstehenden Codebox in die Textbox von OTL - wenn OTL auf deutsch ist wird sie mit beschriftet

Code:

ATTFilter

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT

Schliesse bitte nun alle Programme. (Wichtig)
Klicke nun bitte auf den Quick Scan Button.
Klick auf .
Kopiere nun den Inhalt aus OTL.txt hier in Deinen Thread

Valentice94 · 02.11.2012, 14:23

Hier ist das Ergebnis.

Code:

ATTFilter

OTL logfile created on: 02.11.2012 14:06:32 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\DragoTheOwner\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,75 Gb Total Physical Memory | 2,70 Gb Available Physical Memory | 71,98% Memory free
7,50 Gb Paging File | 6,21 Gb Available in Paging File | 82,86% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 319,09 Gb Free Space | 68,52% Space Free | Partition Type: NTFS
Drive E: | 7,41 Gb Total Space | 6,82 Gb Free Space | 92,11% Space Free | Partition Type: FAT32
 
Computer Name: NOEL | User Name: DragoTheOwner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.10.30 13:16:27 | 009,128,944 | ---- | M] (TeamSpeak Systems GmbH) -- C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe
PRC - [2012.10.13 17:03:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\DragoTheOwner\Desktop\OTL.exe
PRC - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.07.18 17:04:33 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012.07.18 17:04:23 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.07.18 17:04:22 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.06.28 16:44:30 | 000,382,312 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012.06.24 14:30:58 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012.05.26 11:04:52 | 000,913,792 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe
PRC - [2005.07.22 08:22:22 | 000,126,976 | ---- | M] (T-Com Bereich Endgeräte) -- C:\Program Files (x86)\OnlineControl\ocontrol.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.10.23 13:26:48 | 000,426,480 | ---- | M] () -- C:\Program Files (x86)\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
MOD - [2012.10.23 13:26:48 | 000,414,720 | ---- | M] () -- C:\Program Files (x86)\TeamSpeak 3 Client\sqldrivers\qsqlite4.dll
MOD - [2012.10.23 13:26:48 | 000,236,016 | ---- | M] () -- C:\Program Files (x86)\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win32.dll
MOD - [2012.10.23 13:26:48 | 000,230,384 | ---- | M] () -- C:\Program Files (x86)\TeamSpeak 3 Client\soundbackends\directsound_win32.dll
MOD - [2012.10.23 13:26:48 | 000,184,320 | ---- | M] () -- C:\Program Files (x86)\TeamSpeak 3 Client\QtSql4.dll
MOD - [2012.10.23 13:26:48 | 000,159,216 | ---- | M] () -- C:\Program Files (x86)\TeamSpeak 3 Client\plugins\appscanner_plugin.dll
MOD - [2012.07.16 08:20:16 | 002,210,816 | ---- | M] () -- C:\Program Files (x86)\TeamSpeak 3 Client\QtCore4.dll
MOD - [2012.07.16 08:20:16 | 000,814,080 | ---- | M] () -- C:\Program Files (x86)\TeamSpeak 3 Client\QtNetwork4.dll
MOD - [2012.07.16 08:20:16 | 000,195,584 | ---- | M] () -- C:\Program Files (x86)\TeamSpeak 3 Client\imageformats\qjpeg4.dll
MOD - [2012.07.16 08:20:16 | 000,025,600 | ---- | M] () -- C:\Program Files (x86)\TeamSpeak 3 Client\imageformats\qgif4.dll
MOD - [2012.07.16 08:20:14 | 007,859,200 | ---- | M] () -- C:\Program Files (x86)\TeamSpeak 3 Client\QtGui4.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2012.05.29 12:09:50 | 000,035,680 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\svchost.exe -- (Update-Service-Installer-Service)
SRV - [2012.10.29 03:37:17 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.10.26 09:17:46 | 004,539,200 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_b5e8a4c.dll -- (Akamai)
SRV - [2012.10.09 02:51:21 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.08.13 12:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Disabled | Stopped] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.07.18 17:04:33 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.07.18 17:04:23 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.07.17 14:14:44 | 002,292,480 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2012.07.14 01:13:54 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.06.29 04:37:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.06.28 16:44:30 | 000,382,312 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.06.24 14:30:58 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012.06.07 18:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.05.29 12:09:52 | 002,143,072 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2012.05.29 12:09:50 | 000,029,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2012.05.26 11:04:52 | 000,913,792 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe -- (AdvancedSystemCareService5)
SRV - [2012.03.19 12:38:47 | 002,666,880 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.11.12 18:08:00 | 003,403,420 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.02.15 12:08:56 | 000,675,840 | ---- | M] (RapidSolution Software AG) [Disabled | Stopped] -- C:\Program Files (x86)\RapidSolution\Scramby\ScrambyServer.exe -- (ScrambyServer)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.08.21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.07.28 01:15:28 | 000,057,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012.07.18 17:04:42 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012.07.18 17:04:42 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2012.07.18 17:04:41 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012.07.09 12:42:54 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012.05.21 14:10:51 | 000,188,776 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 11:49:51 | 000,146,432 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rmcast.sys -- (RMCAST)
DRV:64bit: - [2010.09.26 19:32:34 | 000,115,328 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2010.08.12 12:07:50 | 000,350,952 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)
DRV:64bit: - [2010.07.01 13:21:50 | 000,038,992 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc)
DRV:64bit: - [2010.02.14 16:06:19 | 000,575,488 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364)
DRV:64bit: - [2009.08.13 22:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.04.29 15:28:30 | 000,030,208 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\KMWDFILTER.sys -- (KMWDFILTER)
DRV:64bit: - [2009.03.18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2008.11.11 12:42:00 | 000,033,792 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64modem.sys -- (USBModem)
DRV:64bit: - [2008.11.11 12:42:00 | 000,027,136 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64diag.sys -- (UsbDiag)
DRV:64bit: - [2008.11.11 12:42:00 | 000,017,920 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64bus.sys -- (usbbus)
DRV:64bit: - [2007.08.08 07:31:16 | 000,034,336 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\scramby_out.sys -- (scramby_out)
DRV:64bit: - [2006.12.05 10:34:26 | 000,572,416 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PFC027.SYS -- (PAC207)
DRV - [2011.12.12 18:31:38 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2010.11.01 05:08:46 | 000,014,544 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys -- (WinRing0_1_2_0)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2005.01.02 04:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
IE - HKLM\..\URLSearchHook:  - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\zbani: "URL" = hxxp://home.zbani.com/en/get/{searchTerms}
 
 
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ncr
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 60 FF EA 61 0C 1E CD 01  [binary data]
IE - HKU\.DEFAULT\..\URLSearchHook:  - No CLSID value found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\..\SearchScopes\{1A3725CF-16C8-4636-87A5-9F01EF82484A}: "URL" = hxxp://www.questbrowse.com/?prt=QUESTBROWSE199&keywords={searchTerms}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ncr
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 60 FF EA 61 0C 1E CD 01  [binary data]
IE - HKU\S-1-5-18\..\URLSearchHook:  - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\..\SearchScopes\{1A3725CF-16C8-4636-87A5-9F01EF82484A}: "URL" = hxxp://www.questbrowse.com/?prt=QUESTBROWSE199&keywords={searchTerms}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ncr
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\..\URLSearchHook: {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\6.3\iobitToolbarIE.dll (Spigot, Inc.)
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\..\SearchScopes\{5E4D3DCE-F4DD-433C-A690-3EF511A532F2}: "URL" = hxxp://www.google.de/search?q={searchTerms}
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\..\SearchScopes\{9ECAE799-1810-47F9-AA0D-74B6C39860CF}: "URL" = hxxp://www.ricardo.ch/search/search.asp?txtSearch={searchTerms}&Catg=1&InTitleAndDesc=1
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\..\SearchScopes\{EE232B47-5DB3-4AA9-87BD-51DD6FA63286}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=685749&p={searchTerms}
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\..\SearchScopes\zbani: "URL" = hxxp://home.zbani.com/en/get/{searchTerms}
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
 
========== FireFox ==========
 
FF - prefs.js..CT2269050.browser.search.defaultthis.engineName: true
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=685749"
FF - prefs.js..browser.search.selectedEngine: "DVDVideoSoftTB Customized Web Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://search.conduit.com/?ctid=CT2269050&SearchSource=13"
FF - prefs.js..extensions.enabledAddons: iobit@mybrowserbar.com:6.3
FF - prefs.js..extensions.enabledAddons: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:10.13.1.89
FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=2&q="
 
FF - user.js..browser.search.defaultenginename: "Google"
FF - user.js..browser.search.selectedEngine: "Google"
FF - user.js..browser.startup.homepage: "hxxp://www.google.de/ncr"
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files (x86)\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX OVS Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3503.0728: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\DragoTheOwner\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\DragoTheOwner\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\DragoTheOwner\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\DragoTheOwner\AppData\Local\Facebook\Messenger\2.1.4651.0\npFbDesktopPlugin.dll (Facebook, Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.22 03:57:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.10.01 11:37:43 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\DragoTheOwner\AppData\Roaming\IDM\idmmzcc3
 
[2012.07.22 03:58:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\DragoTheOwner\AppData\Roaming\mozilla\Extensions
[2012.10.21 21:45:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\DragoTheOwner\AppData\Roaming\mozilla\Firefox\Profiles\onztcf3b.default\extensions
[2012.10.21 18:49:22 | 000,000,000 | ---D | M] (DVDVideoSoftTB) -- C:\Users\DragoTheOwner\AppData\Roaming\mozilla\Firefox\Profiles\onztcf3b.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2012.09.17 18:22:53 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\DragoTheOwner\AppData\Roaming\mozilla\Firefox\Profiles\onztcf3b.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.09.18 16:44:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\DragoTheOwner\AppData\Roaming\mozilla\Firefox\Profiles\zoujmba7.default\extensions
[2011.07.17 19:51:18 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\DragoTheOwner\AppData\Roaming\mozilla\Firefox\Profiles\zoujmba7.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.05.09 16:13:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\DragoTheOwner\AppData\Roaming\mozilla\Firefox\Profiles\zoujmba7.default\extensions\ffxtlbr@babylon.com
[2012.08.07 17:04:54 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\DragoTheOwner\AppData\Roaming\mozilla\firefox\profiles\onztcf3b.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.10.21 21:45:28 | 000,001,028 | ---- | M] () -- C:\Users\DragoTheOwner\AppData\Roaming\mozilla\firefox\profiles\onztcf3b.default\searchplugins\dvdvideosofttb-customized-web-search.xml
[2012.10.25 19:20:42 | 000,003,576 | ---- | M] () -- C:\Users\DragoTheOwner\AppData\Roaming\mozilla\firefox\profiles\onztcf3b.default\searchplugins\Google.xml
[2012.10.12 17:11:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.08.24 21:46:49 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.10.09 14:12:08 | 000,000,000 | ---D | M] (IObit Toolbar) -- C:\PROGRAM FILES (X86)\IOBIT TOOLBAR\FF
[2012.07.14 01:15:45 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.07.14 01:45:08 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.07.14 01:45:08 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.07.14 01:45:08 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.14 01:45:08 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.07.14 01:45:08 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.14 01:45:07 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - homepage: hxxp://search.conduit.com/?ctid=CT2269050&SearchSource=48
CHR - default_search_provider: Conduit (Enabled)
CHR - default_search_provider: search_url = hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&ctid=CT2269050
CHR - default_search_provider: suggest_url = 
CHR - homepage: hxxp://search.conduit.com/?ctid=CT2269050&SearchSource=48
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\DragoTheOwner\AppData\Local\Google\Chrome\Application\22.0.1229.94\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\DragoTheOwner\AppData\Local\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\DragoTheOwner\AppData\Local\Google\Chrome\Application\22.0.1229.94\pdf.dll
CHR - plugin: Free Studio (Enabled) = C:\Users\DragoTheOwner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.0.0_0\np_dvs_plugin.dll
CHR - plugin: Conduit Chrome Plugin (Enabled) = C:\Users\DragoTheOwner\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmlpkfpkijnlijgalnjaacllnjmoamo\10.13.1.89_0\plugins/ConduitChromeApiPlugin.dll
CHR - plugin: Conduit Radio Plugin (Enabled) = C:\Users\DragoTheOwner\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmlpkfpkijnlijgalnjaacllnjmoamo\10.13.1.89_0\plugins/np-cwmp.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: DNA Plug-in (Enabled) = C:\Program Files (x86)\DNA\plugins\npbtdna.dll
CHR - plugin: DivX OVS Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U7 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.11 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\NexonEU\NGM\npNxGameeu.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
 
O1 HOSTS File: ([2012.10.15 15:16:11 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (IObit Toolbar) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\6.3\iobitToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - No CLSID value found.
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (IObit Toolbar) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\6.3\iobitToolbarIE.dll (Spigot, Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000..\Run: [Advanced SystemCare 5] C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe (IObit)
O4 - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000..\Run: [Facebook Update] C:\Users\DragoTheOwner\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\DragoTheOwner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
O4 - Startup: C:\Users\DragoTheOwner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk = C:\Users\DragoTheOwner\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe (Facebook)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Alles mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
O8:64bit: - Extra context menu item: Auswahl mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O8:64bit: - Extra context menu item: Datei mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Videos mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Alles mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Auswahl mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Datei mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Videos mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {AEA3991E-3109-4C98-989E-33994FEB1A91} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri64_4.4.26.0.cab (SysInfo Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 10.7.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{47dda526-fe72-4f24-ae70-b0681e2df27d}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{d4d61c81-c984-11df-9f7c-00306727c0a0}\Shell - "" = AutoRun
O33 - MountPoints2\{d4d61c81-c984-11df-9f7c-00306727c0a0}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{d4d61c9b-c984-11df-9f7c-00306727c0a0}\Shell - "" = AutoRun
O33 - MountPoints2\{d4d61c9b-c984-11df-9f7c-00306727c0a0}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\Startme.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
NetSvcs:64bit: UxTuneUp - C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
 
MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GamersFirst LIVE!.lnk -  - File not found
MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^LOLRecorder.lnk -  - File not found
MsConfig:64bit - StartUpReg: BabylonToolbar - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: Free Download Manager - hkey= - key= - C:\Program Files (x86)\Free Download Manager\fdm.exe (FreeDownloadManager.ORG)
MsConfig:64bit - StartUpReg: HBLiteSA - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: Pando Media Booster - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig:64bit - StartUpReg: Windows Game Service - hkey= - key= -  File not found
MsConfig:64bit - State: "bootini" - Reg Error: Key error.
MsConfig:64bit - State: "startup" - Reg Error: Key error.
 
SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32:64bit: msacm.bdmpeg - bdmpega64.acm ()
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32:64bit: vidc.mjpg - bdmjpeg64.dll ()
Drivers32:64bit: vidc.mpeg - bdmpegv64.dll ()
Drivers32:64bit: VIDC.XFR1 - xfcodec64.dll ()
Drivers32: msacm.bdmpeg - C:\Windows\SysWow64\bdmpega.acm ()
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lhacm - C:\Windows\SysWow64\lhacm.acm (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
Drivers32: vidc.mjpg - C:\Windows\SysWow64\bdmjpeg.dll ()
Drivers32: vidc.mpeg - C:\Windows\SysWow64\bdmpegv.dll ()
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.10.23 15:01:31 | 000,186,880 | ---- | C] (CEXX.ORG) -- C:\Users\DragoTheOwner\Desktop\LSPFix (1).exe
[2012.10.22 23:30:43 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\Documents\Vindictus EU
[2012.10.22 23:30:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon
[2012.10.22 23:30:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BandiMPEG1
[2012.10.22 23:27:00 | 000,000,000 | ---D | C] -- C:\Nexon
[2012.10.22 13:44:11 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\Desktop\Neuer Ordner
[2012.10.21 18:49:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2012.10.21 18:49:09 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\AppData\Local\Conduit
[2012.10.21 18:49:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoftTB
[2012.10.19 13:25:29 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\Desktop\logs
[2012.10.17 10:51:56 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook
[2012.10.17 10:37:00 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\AppData\Local\Facebook
[2012.10.16 16:09:48 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012.10.16 15:47:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2012.10.16 15:47:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2012.10.16 00:06:39 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\Desktop\Pickup Bot
[2012.10.16 00:06:29 | 004,094,578 | ---- | C] (Igor Pavlov) -- C:\Users\DragoTheOwner\Desktop\Tools by Unpublished.exe
[2012.10.14 17:36:11 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\Desktop\Switchbot
[2012.10.13 20:41:42 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.10.13 17:03:29 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\DragoTheOwner\Desktop\OTL.exe
[2012.10.12 21:59:07 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\Desktop\Shizuka3-Client-2012-v3
[2012.10.10 17:29:00 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\AppData\Local\CRE
[2012.10.09 14:21:06 | 000,024,960 | ---- | C] (IObit) -- C:\Windows\SysNative\RegistryDefragBootTime.exe
[2012.10.09 14:10:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit Toolbar
[2012.10.09 14:10:14 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\AppData\Roaming\IObit
[2012.10.09 14:10:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 5
 
========== Files - Modified Within 30 Days ==========
 
[2012.11.02 13:51:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.11.02 13:13:00 | 000,001,152 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3495749685-3259519129-3383261289-1000UA.job
[2012.11.02 11:56:43 | 000,000,960 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3495749685-3259519129-3383261289-1000UA.job
[2012.11.02 11:56:42 | 000,000,938 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3495749685-3259519129-3383261289-1000Core.job
[2012.11.02 09:15:28 | 000,014,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.11.02 09:15:28 | 000,014,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.11.02 09:12:09 | 001,613,340 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.11.02 09:12:09 | 000,696,832 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.11.02 09:12:09 | 000,652,150 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.11.02 09:12:09 | 000,148,128 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.11.02 09:12:09 | 000,121,082 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.11.02 09:08:27 | 000,000,374 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
[2012.11.02 09:08:26 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2012.11.02 09:07:59 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1cd6094d21edffc.job
[2012.11.02 09:07:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.11.01 15:13:01 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3495749685-3259519129-3383261289-1000Core.job
[2012.10.31 05:27:48 | 000,812,494 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\sephiroth-347-final-fantasy-jeux-video.jpg
[2012.10.31 05:26:38 | 000,335,515 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Sephiroth-Wing.png
[2012.10.31 05:25:08 | 000,020,780 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\004_sephiroth.jpg
[2012.10.30 21:31:39 | 005,464,881 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Black Eyed Peas - Where is the Love.mp3
[2012.10.30 21:25:39 | 008,411,538 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Scouting for Girls -  This Aint A Love Song.mp3
[2012.10.30 17:55:24 | 000,053,019 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\haschtueberhauptgelernt.jpg
[2012.10.30 17:40:02 | 000,156,354 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\omg.png
[2012.10.28 17:26:56 | 002,481,700 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Take_0003.mov
[2012.10.26 19:04:46 | 000,029,644 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\5689029_700b_v2.jpg
[2012.10.24 18:05:43 | 000,029,247 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\5664706_700b.jpg
[2012.10.24 14:00:55 | 000,000,183 | ---- | M] () -- C:\Users\Public\Desktop\Vindictus EU.url
[2012.10.23 15:01:28 | 000,186,880 | ---- | M] (CEXX.ORG) -- C:\Users\DragoTheOwner\Desktop\LSPFix (1).exe
[2012.10.22 23:30:42 | 000,001,747 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Launch Vindictus.lnk
[2012.10.21 18:49:44 | 000,000,009 | ---- | M] () -- C:\END
[2012.10.20 01:30:12 | 000,049,169 | -HS- | M] () -- C:\Users\DragoTheOwner\Desktop\Folder.jpg
[2012.10.20 01:30:12 | 000,009,774 | -HS- | M] () -- C:\Users\DragoTheOwner\Desktop\AlbumArtSmall.jpg
[2012.10.19 18:00:43 | 000,533,757 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\MovedFiles.zip
[2012.10.19 13:20:35 | 000,024,148 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Die Logs.rar
[2012.10.17 10:52:03 | 000,001,324 | ---- | M] () -- C:\Users\DragoTheOwner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk
[2012.10.16 15:47:47 | 000,001,108 | ---- | M] () -- C:\Users\DragoTheOwner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2012.10.16 15:47:42 | 000,000,909 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\ERUNT.lnk
[2012.10.16 00:05:43 | 004,094,578 | ---- | M] (Igor Pavlov) -- C:\Users\DragoTheOwner\Desktop\Tools by Unpublished.exe
[2012.10.15 15:16:11 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2012.10.15 09:03:07 | 000,375,576 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.10.14 14:02:59 | 000,002,117 | ---- | M] () -- C:\Users\DragoTheOwner\.recently-used.xbel
[2012.10.14 13:57:01 | 000,204,828 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Blood-Lord-Vladimir-Skin.jpg
[2012.10.13 17:03:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\DragoTheOwner\Desktop\OTL.exe
[2012.10.12 22:00:14 | 000,000,707 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\ClientStarter - Verknüpfung.lnk
[2012.10.12 15:05:43 | 000,284,749 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\5580371_700b_v1.jpg
[2012.10.12 14:52:22 | 000,538,327 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\adwcleaner.exe
[2012.10.11 00:18:36 | 000,002,523 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Google Chrome.lnk
[2012.10.09 14:10:14 | 000,001,225 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare 5.lnk
[2012.10.08 10:35:33 | 000,009,216 | ---- | M] () -- C:\Users\DragoTheOwner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.10.07 17:43:08 | 000,000,220 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Killing Floor.url
 
========== Files Created - No Company Name ==========
 
[2012.10.31 05:27:48 | 000,812,494 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\sephiroth-347-final-fantasy-jeux-video.jpg
[2012.10.31 05:26:38 | 000,335,515 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Sephiroth-Wing.png
[2012.10.31 05:25:07 | 000,020,780 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\004_sephiroth.jpg
[2012.10.30 21:32:04 | 005,464,881 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Black Eyed Peas - Where is the Love.mp3
[2012.10.30 21:25:53 | 008,411,538 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Scouting for Girls -  This Aint A Love Song.mp3
[2012.10.30 17:55:24 | 000,053,019 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\haschtueberhauptgelernt.jpg
[2012.10.30 17:40:01 | 000,156,354 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\omg.png
[2012.10.28 17:22:57 | 002,481,700 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Take_0003.mov
[2012.10.26 19:04:44 | 000,029,644 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\5689029_700b_v2.jpg
[2012.10.24 18:05:42 | 000,029,247 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\5664706_700b.jpg
[2012.10.24 14:00:55 | 000,000,183 | ---- | C] () -- C:\Users\Public\Desktop\Vindictus EU.url
[2012.10.22 23:30:42 | 000,001,747 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Launch Vindictus.lnk
[2012.10.19 18:00:43 | 000,533,757 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\MovedFiles.zip
[2012.10.19 13:20:35 | 000,024,148 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Die Logs.rar
[2012.10.17 10:51:56 | 000,001,324 | ---- | C] () -- C:\Users\DragoTheOwner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk
[2012.10.17 10:37:11 | 000,000,960 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3495749685-3259519129-3383261289-1000UA.job
[2012.10.17 10:37:08 | 000,000,938 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3495749685-3259519129-3383261289-1000Core.job
[2012.10.16 15:47:47 | 000,001,108 | ---- | C] () -- C:\Users\DragoTheOwner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2012.10.16 15:47:42 | 000,000,909 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\ERUNT.lnk
[2012.10.14 14:02:59 | 000,002,117 | ---- | C] () -- C:\Users\DragoTheOwner\.recently-used.xbel
[2012.10.14 13:57:00 | 000,204,828 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Blood-Lord-Vladimir-Skin.jpg
[2012.10.12 22:00:14 | 000,000,707 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\ClientStarter - Verknüpfung.lnk
[2012.10.12 15:05:41 | 000,284,749 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\5580371_700b_v1.jpg
[2012.10.12 14:52:20 | 000,538,327 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\adwcleaner.exe
[2012.10.10 17:29:07 | 000,000,009 | ---- | C] () -- C:\END
[2012.10.09 14:10:14 | 000,001,225 | ---- | C] () -- C:\Users\Public\Desktop\Advanced SystemCare 5.lnk
[2012.10.07 17:43:08 | 000,000,220 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Killing Floor.url
[2012.07.27 13:11:05 | 000,003,551 | ---- | C] () -- C:\Windows\wininit.ini
[2012.07.22 23:33:25 | 000,009,216 | ---- | C] () -- C:\Users\DragoTheOwner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.06.28 16:44:42 | 000,428,904 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2012.05.01 20:50:14 | 922,460,208 | ---- | C] () -- C:\Users\DragoTheOwner\War_Rock_10182011_G1_Xfire.exe
[2012.03.21 17:54:48 | 000,000,000 | ---- | C] () -- C:\Users\DragoTheOwner\AppData\Local\{30DEB4EF-7BA3-4C31-B2F1-2D0414B6C43D}
[2011.09.28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.09.25 00:58:18 | 000,282,472 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.09.25 00:58:10 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.05.31 07:39:50 | 000,058,368 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
[2011.05.31 07:38:18 | 000,015,360 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll
[2011.05.24 17:06:10 | 000,150,184 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2011.04.18 22:30:47 | 001,590,298 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.03.10 15:58:44 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010.11.22 11:00:06 | 004,269,056 | ---- | C] () -- C:\Windows\SysWow64\system.dll
[2010.11.16 14:33:06 | 000,021,220 | ---- | C] () -- C:\Users\DragoTheOwner\AppData\Roaming\UserTile.png
[2010.03.01 19:09:42 | 000,007,606 | ---- | C] () -- C:\Users\DragoTheOwner\AppData\Local\Resmon.ResmonCfg
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012.09.10 02:54:50 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\.minecraft
[2011.12.17 10:40:57 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Auslogics
[2011.05.22 10:51:28 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\avidemux
[2010.01.27 20:21:46 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Degener
[2011.02.10 03:21:33 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DMCache
[2012.06.15 11:26:19 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Downloaded Installations
[2012.07.06 16:11:52 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DragonicaECB
[2012.10.10 17:22:51 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoft
[2012.09.17 18:22:51 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.01.27 20:21:56 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Ebner
[2012.05.17 06:47:27 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Epson
[2012.06.15 11:27:39 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\FileOpen
[2011.05.18 18:28:59 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\FOG Downloader
[2012.10.09 14:21:53 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Free Download Manager
[2010.06.10 18:40:43 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\GetRightToGo
[2012.10.14 14:02:59 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\gtk-2.0
[2011.06.18 16:05:50 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Hi-Rez Studios
[2011.11.03 10:28:22 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\ICQ
[2011.01.14 23:21:26 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\IDM
[2012.10.09 14:10:14 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\IObit
[2010.07.15 08:44:06 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\LG Electronics
[2010.08.24 13:01:25 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\LolClient
[2012.05.24 15:02:22 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\LolClient2
[2010.10.11 21:42:40 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\MAGIX
[2011.10.30 20:30:27 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\mp3DirectCut
[2011.04.03 00:20:45 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Need for Speed World
[2012.06.15 11:27:39 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Nitro PDF
[2011.07.10 20:48:53 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Notepad++
[2012.06.15 11:50:09 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\OpenOffice.org
[2010.06.27 20:43:41 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\PhotoScape
[2012.07.03 19:23:35 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\runic games
[2011.10.08 09:17:27 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Screaming Bee
[2011.05.14 18:00:34 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\SFBot
[2012.07.20 01:20:12 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\six-updater
[2012.06.28 19:38:45 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\six-zsync
[2010.12.18 20:34:04 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Soldat
[2012.08.07 17:29:10 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\TeamViewer
[2011.05.10 19:18:50 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Teeworlds
[2012.11.02 14:06:42 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\TS3Client
[2012.04.20 22:31:08 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\TuneUp Software
[2012.09.18 16:36:54 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Uniblue
[2011.10.15 18:16:40 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Windows Live Writer
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2012.09.10 02:54:50 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\.minecraft
[2012.06.15 09:44:14 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Adobe
[2012.09.23 16:45:20 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Apple Computer
[2010.10.08 20:44:04 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\ArcSoft
[2011.12.17 10:40:57 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Auslogics
[2011.05.22 10:51:28 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\avidemux
[2012.07.27 14:44:58 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Avira
[2011.01.07 23:17:15 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\AVS4YOU
[2010.01.27 20:21:46 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Degener
[2011.01.08 16:15:16 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DivX
[2011.02.10 03:21:33 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DMCache
[2012.06.15 11:26:19 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Downloaded Installations
[2012.07.06 16:11:52 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DragonicaECB
[2012.10.10 17:22:51 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoft
[2012.09.17 18:22:51 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.01.27 20:21:56 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Ebner
[2012.05.17 06:47:27 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Epson
[2012.06.15 11:27:39 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\FileOpen
[2011.05.18 18:28:59 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\FOG Downloader
[2012.10.09 14:21:53 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Free Download Manager
[2010.06.10 18:40:43 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\GetRightToGo
[2012.10.14 14:02:59 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\gtk-2.0
[2010.09.18 15:21:36 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Hamachi
[2011.06.18 16:05:50 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Hi-Rez Studios
[2011.11.03 10:28:22 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\ICQ
[2010.01.27 15:55:55 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Identities
[2011.01.14 23:21:26 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\IDM
[2010.02.14 16:06:21 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\InstallShield
[2012.10.09 14:10:14 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\IObit
[2010.07.15 08:44:06 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\LG Electronics
[2010.08.24 13:01:25 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\LolClient
[2012.05.24 15:02:22 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\LolClient2
[2010.01.27 19:28:38 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Macromedia
[2010.10.11 21:42:40 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\MAGIX
[2012.09.18 16:54:25 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Malwarebytes
[2009.07.14 19:18:18 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Media Center Programs
[2012.10.17 10:51:56 | 000,000,000 | --SD | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Microsoft
[2012.07.22 03:58:26 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Mozilla
[2011.10.30 20:30:27 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\mp3DirectCut
[2011.04.03 00:20:45 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Need for Speed World
[2012.06.15 11:27:39 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Nitro PDF
[2011.07.10 20:48:53 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Notepad++
[2012.04.22 14:31:58 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\NVIDIA
[2012.06.15 11:50:09 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\OpenOffice.org
[2010.06.27 20:43:41 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\PhotoScape
[2012.07.03 19:23:35 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\runic games
[2011.10.08 09:17:27 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Screaming Bee
[2011.05.14 18:00:34 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\SFBot
[2012.07.20 01:20:12 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\six-updater
[2012.06.28 19:38:45 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\six-zsync
[2012.11.02 14:06:06 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Skype
[2011.07.23 23:03:22 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\skypePM
[2010.12.18 20:34:04 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Soldat
[2010.08.10 12:36:36 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\teamspeak2
[2012.08.07 17:29:10 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\TeamViewer
[2011.05.10 19:18:50 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Teeworlds
[2012.11.02 14:06:42 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\TS3Client
[2012.04.20 22:31:08 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\TuneUp Software
[2012.09.18 16:36:54 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Uniblue
[2011.10.15 18:16:40 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Windows Live Writer
[2010.01.27 16:09:32 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\WinRAR
 
< %APPDATA%\*.exe /s >
[2011.01.29 16:45:25 | 079,043,646 | ---- | M] () -- C:\Users\DragoTheOwner\AppData\Roaming\IDM\DwnlData\DragoTheOwner\WhiteLotusMT2_36\WhiteLotusMT2.exe7
[2011.01.29 16:45:25 | 087,148,709 | ---- | M] () -- C:\Users\DragoTheOwner\AppData\Roaming\IDM\DwnlData\DragoTheOwner\WhiteLotusMT2_36\WhiteLotusMT2.exe5
[2011.01.29 16:45:25 | 074,667,317 | ---- | M] () -- C:\Users\DragoTheOwner\AppData\Roaming\IDM\DwnlData\DragoTheOwner\WhiteLotusMT2_36\WhiteLotusMT2.exe6
[2011.01.29 16:45:25 | 079,551,845 | ---- | M] () -- C:\Users\DragoTheOwner\AppData\Roaming\IDM\DwnlData\DragoTheOwner\WhiteLotusMT2_36\WhiteLotusMT2.exe4
[2011.01.29 16:45:25 | 068,507,997 | ---- | M] (Igor Pavlov) -- C:\Users\DragoTheOwner\AppData\Roaming\IDM\DwnlData\DragoTheOwner\WhiteLotusMT2_36\WhiteLotusMT2.exe
[2011.01.29 16:45:25 | 064,054,648 | ---- | M] () -- C:\Users\DragoTheOwner\AppData\Roaming\IDM\DwnlData\DragoTheOwner\WhiteLotusMT2_36\WhiteLotusMT2.exe1
[2011.01.29 16:45:25 | 075,811,492 | ---- | M] () -- C:\Users\DragoTheOwner\AppData\Roaming\IDM\DwnlData\DragoTheOwner\WhiteLotusMT2_36\WhiteLotusMT2.exe2
[2011.01.29 16:45:25 | 074,545,348 | ---- | M] () -- C:\Users\DragoTheOwner\AppData\Roaming\IDM\DwnlData\DragoTheOwner\WhiteLotusMT2_36\WhiteLotusMT2.exe3
 
< %SYSTEMDRIVE%\*.exe >
 
< MD5 for: AGP440.SYS  >
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
 
< MD5 for: IASTORV.SYS  >
[2010.11.20 14:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 14:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 07:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2010.11.20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2011.03.11 07:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.20 14:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 14:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
 
< MD5 for: USER32.DLL  >
[2010.11.20 13:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll
[2010.11.20 13:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2010.11.20 14:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll
[2010.11.20 14:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2009.07.14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009.07.14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009.07.14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009.07.14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2012.09.07 16:04:42 | 000,218,696 | ---- | M] () MD5=4E0D8C9F83B7FD82393F7D8CCC27E7AE -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2009.07.14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
 
<           >
[2009.07.14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 06:08:49 | 000,032,632 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010.06.28 20:36:59 | 000,001,124 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2011.10.15 11:41:45 | 000,000,198 | ---- | C] () -- C:\Windows\Tasks\{CD7D28A7-F48B-41CE-B478-5A4BFF4BF3EB}.job
[2012.03.27 16:33:15 | 000,001,100 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3495749685-3259519129-3383261289-1000Core1cd0c2eed37e280.job
[2012.04.24 12:09:42 | 000,000,240 | ---- | C] () -- C:\Windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2012.job
[2012.05.23 17:15:41 | 000,000,884 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.06.09 15:06:09 | 000,001,100 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3495749685-3259519129-3383261289-1000Core.job
[2012.07.13 02:14:16 | 000,001,106 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cd6094d21edffc.job
[2012.07.26 16:34:42 | 000,001,152 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3495749685-3259519129-3383261289-1000UA.job
[2012.10.17 10:37:08 | 000,000,938 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3495749685-3259519129-3383261289-1000Core.job
[2012.10.17 10:37:11 | 000,000,960 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3495749685-3259519129-3383261289-1000UA.job
 
========== Files - Unicode (All) ==========
[2012.10.29 20:35:35 | 074,685,268 | ---- | M] ()(C:\Users\DragoTheOwner\Desktop\vBestamvsofalltime ? Magic Eye AMV.mp4) -- C:\Users\DragoTheOwner\Desktop\√Bestamvsofalltime ▪ Magic Eye AMV.mp4
[2012.10.29 20:34:59 | 074,685,268 | ---- | C] ()(C:\Users\DragoTheOwner\Desktop\vBestamvsofalltime ? Magic Eye AMV.mp4) -- C:\Users\DragoTheOwner\Desktop\√Bestamvsofalltime ▪ Magic Eye AMV.mp4
[2012.10.29 20:34:57 | 060,899,413 | ---- | M] ()(C:\Users\DragoTheOwner\Desktop\vBestamvsofalltime ? Our Tapes AMV.mp4) -- C:\Users\DragoTheOwner\Desktop\√Bestamvsofalltime ▪ Our Tapes AMV.mp4
[2012.10.29 20:33:05 | 060,899,413 | ---- | C] ()(C:\Users\DragoTheOwner\Desktop\vBestamvsofalltime ? Our Tapes AMV.mp4) -- C:\Users\DragoTheOwner\Desktop\√Bestamvsofalltime ▪ Our Tapes AMV.mp4

< End of report >

Es tut mir leid das ich solange gebraucht habe. Ich hatte in letzter Zeit ne menge zu tun.

Valentice94 · 02.11.2012, 14:24

ups!

Doppelgemoppelt

cosinus · 03.11.2012, 16:26

Gut, mediyes dürfte erlegt sein

1. aswMBR

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.

Hinweis: Bitte den Virenscanner abstellen bevor du aswMBR ausführst, denn v.a. Avira meldet darin oft einen Fehlalarm!

Starte die aswMBR.exe Vista und Win7 User aswMBR per Rechtsklick "als Administrator ausführen"
Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen) Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
Klicke auf Scan.
Warte bitte bis Scan finished successfully im DOS Fenster steht.
Drücke auf Save Log und speichere diese auf dem Desktop.

Poste mir die aswMBR.txt in deiner nächsten Antwort. Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte es erneut nicht klappen teile mir das bitte mit.

Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes:
Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.

2. TDSS-Killer

Download TDSS-Killer auf Desktop siehe => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.

Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

Valentice94 · 04.11.2012, 18:44

TDSSKiller Report:

Code:

ATTFilter

18:41:59.0754 1360  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
18:41:59.0877 1360  ============================================================
18:41:59.0877 1360  Current date / time: 2012/11/04 18:41:59.0877
18:41:59.0877 1360  SystemInfo:
18:41:59.0877 1360  
18:41:59.0877 1360  OS Version: 6.1.7601 ServicePack: 1.0
18:41:59.0877 1360  Product type: Workstation
18:41:59.0877 1360  ComputerName: NOEL
18:41:59.0879 1360  UserName: DragoTheOwner
18:41:59.0879 1360  Windows directory: C:\Windows
18:41:59.0879 1360  System windows directory: C:\Windows
18:41:59.0879 1360  Running under WOW64
18:41:59.0879 1360  Processor architecture: Intel x64
18:41:59.0879 1360  Number of processors: 2
18:41:59.0879 1360  Page size: 0x1000
18:41:59.0879 1360  Boot type: Normal boot
18:41:59.0879 1360  ============================================================
18:42:00.0885 1360  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:42:00.0891 1360  ============================================================
18:42:00.0891 1360  \Device\Harddisk0\DR0:
18:42:00.0891 1360  MBR partitions:
18:42:00.0891 1360  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
18:42:00.0891 1360  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
18:42:00.0891 1360  ============================================================
18:42:00.0919 1360  C: <-> \Device\Harddisk0\DR0\Partition2
18:42:00.0919 1360  ============================================================
18:42:00.0919 1360  Initialize success
18:42:00.0920 1360  ============================================================
18:42:25.0966 4968  ============================================================
18:42:25.0966 4968  Scan started
18:42:25.0966 4968  Mode: Manual; SigCheck; TDLFS; 
18:42:25.0966 4968  ============================================================
18:42:26.0582 4968  ================ Scan system memory ========================
18:42:26.0582 4968  System memory - ok
18:42:26.0583 4968  ================ Scan services =============================
18:42:26.0702 4968  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
18:42:26.0791 4968  1394ohci - ok
18:42:26.0817 4968  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
18:42:26.0832 4968  ACPI - ok
18:42:26.0844 4968  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
18:42:26.0907 4968  AcpiPmi - ok
18:42:26.0977 4968  [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:42:26.0986 4968  AdobeARMservice - ok
18:42:27.0081 4968  [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:42:27.0091 4968  AdobeFlashPlayerUpdateSvc - ok
18:42:27.0126 4968  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
18:42:27.0144 4968  adp94xx - ok
18:42:27.0161 4968  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
18:42:27.0176 4968  adpahci - ok
18:42:27.0189 4968  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
18:42:27.0201 4968  adpu320 - ok
18:42:27.0280 4968  [ 96D6CDD0B32846E8CFBE592F4F32E608 ] AdvancedSystemCareService5 C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe
18:42:27.0316 4968  AdvancedSystemCareService5 - ok
18:42:27.0357 4968  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
18:42:27.0501 4968  AeLookupSvc - ok
18:42:27.0554 4968  [ 0D0E5281784C2C526BA43C2ECD374288 ] Afc             C:\Windows\syswow64\drivers\Afc.sys
18:42:27.0566 4968  Afc - ok
18:42:27.0600 4968  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
18:42:27.0647 4968  AFD - ok
18:42:27.0683 4968  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
18:42:27.0694 4968  agp440 - ok
18:42:27.0816 4968  [ E1B1F152C4E82C85E846D25C9E6E6CC8 ] Akamai          c:\program files (x86)\common files\akamai/netsession_win_b5e8a4c.dll
18:42:27.0817 4968  Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_b5e8a4c.dll. md5: E1B1F152C4E82C85E846D25C9E6E6CC8
18:42:27.0826 4968  Akamai ( HiddenFile.Multi.Generic ) - warning
18:42:27.0826 4968  Akamai - detected HiddenFile.Multi.Generic (1)
18:42:27.0837 4968  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
18:42:27.0892 4968  ALG - ok
18:42:27.0910 4968  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
18:42:27.0919 4968  aliide - ok
18:42:27.0933 4968  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
18:42:27.0943 4968  amdide - ok
18:42:27.0972 4968  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
18:42:28.0012 4968  AmdK8 - ok
18:42:28.0017 4968  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
18:42:28.0028 4968  AmdPPM - ok
18:42:28.0067 4968  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
18:42:28.0078 4968  amdsata - ok
18:42:28.0093 4968  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
18:42:28.0106 4968  amdsbs - ok
18:42:28.0123 4968  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
18:42:28.0133 4968  amdxata - ok
18:42:28.0168 4968  [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
18:42:28.0177 4968  AntiVirSchedulerService - ok
18:42:28.0203 4968  [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
18:42:28.0212 4968  AntiVirService - ok
18:42:28.0250 4968  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
18:42:28.0356 4968  AppID - ok
18:42:28.0391 4968  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
18:42:28.0430 4968  AppIDSvc - ok
18:42:28.0459 4968  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
18:42:28.0508 4968  Appinfo - ok
18:42:28.0563 4968  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:42:28.0572 4968  Apple Mobile Device - ok
18:42:28.0590 4968  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
18:42:28.0602 4968  arc - ok
18:42:28.0615 4968  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
18:42:28.0626 4968  arcsas - ok
18:42:28.0717 4968  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
18:42:28.0727 4968  aspnet_state - ok
18:42:28.0752 4968  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
18:42:28.0794 4968  AsyncMac - ok
18:42:28.0820 4968  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
18:42:28.0829 4968  atapi - ok
18:42:28.0860 4968  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:42:28.0920 4968  AudioEndpointBuilder - ok
18:42:28.0930 4968  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
18:42:28.0964 4968  AudioSrv - ok
18:42:28.0984 4968  [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
18:42:28.0995 4968  avgntflt - ok
18:42:29.0014 4968  [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
18:42:29.0025 4968  avipbb - ok
18:42:29.0030 4968  [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
18:42:29.0040 4968  avkmgr - ok
18:42:29.0074 4968  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
18:42:29.0140 4968  AxInstSV - ok
18:42:29.0179 4968  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
18:42:29.0226 4968  b06bdrv - ok
18:42:29.0261 4968  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
18:42:29.0301 4968  b57nd60a - ok
18:42:29.0331 4968  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
18:42:29.0359 4968  BDESVC - ok
18:42:29.0366 4968  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
18:42:29.0416 4968  Beep - ok
18:42:29.0459 4968  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
18:42:29.0496 4968  BFE - ok
18:42:29.0536 4968  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
18:42:29.0590 4968  BITS - ok
18:42:29.0612 4968  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
18:42:29.0637 4968  blbdrive - ok
18:42:29.0701 4968  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
18:42:29.0715 4968  Bonjour Service - ok
18:42:29.0750 4968  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
18:42:29.0774 4968  bowser - ok
18:42:29.0791 4968  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
18:42:29.0804 4968  BrFiltLo - ok
18:42:29.0819 4968  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
18:42:29.0831 4968  BrFiltUp - ok
18:42:29.0869 4968  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
18:42:29.0890 4968  Browser - ok
18:42:29.0918 4968  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
18:42:29.0966 4968  Brserid - ok
18:42:29.0992 4968  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
18:42:30.0021 4968  BrSerWdm - ok
18:42:30.0058 4968  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
18:42:30.0083 4968  BrUsbMdm - ok
18:42:30.0099 4968  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
18:42:30.0109 4968  BrUsbSer - ok
18:42:30.0119 4968  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
18:42:30.0143 4968  BTHMODEM - ok
18:42:30.0182 4968  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
18:42:30.0228 4968  bthserv - ok
18:42:30.0255 4968  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
18:42:30.0285 4968  cdfs - ok
18:42:30.0318 4968  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\drivers\cdrom.sys
18:42:30.0351 4968  cdrom - ok
18:42:30.0379 4968  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
18:42:30.0426 4968  CertPropSvc - ok
18:42:30.0455 4968  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
18:42:30.0482 4968  circlass - ok
18:42:30.0520 4968  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
18:42:30.0535 4968  CLFS - ok
18:42:30.0583 4968  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:42:30.0593 4968  clr_optimization_v2.0.50727_32 - ok
18:42:30.0636 4968  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:42:30.0673 4968  clr_optimization_v2.0.50727_64 - ok
18:42:30.0786 4968  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:42:30.0812 4968  clr_optimization_v4.0.30319_32 - ok
18:42:30.0824 4968  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:42:30.0834 4968  clr_optimization_v4.0.30319_64 - ok
18:42:30.0853 4968  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
18:42:30.0863 4968  CmBatt - ok
18:42:30.0881 4968  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
18:42:30.0891 4968  cmdide - ok
18:42:30.0920 4968  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
18:42:30.0972 4968  CNG - ok
18:42:30.0991 4968  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
18:42:31.0000 4968  Compbatt - ok
18:42:31.0019 4968  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
18:42:31.0042 4968  CompositeBus - ok
18:42:31.0047 4968  COMSysApp - ok
18:42:31.0073 4968  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
18:42:31.0082 4968  crcdisk - ok
18:42:31.0115 4968  [ 4F5414602E2544A4554D95517948B705 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
18:42:31.0143 4968  CryptSvc - ok
18:42:31.0185 4968  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
18:42:31.0234 4968  DcomLaunch - ok
18:42:31.0268 4968  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
18:42:31.0317 4968  defragsvc - ok
18:42:31.0343 4968  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
18:42:31.0395 4968  DfsC - ok
18:42:31.0429 4968  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
18:42:31.0480 4968  Dhcp - ok
18:42:31.0495 4968  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
18:42:31.0538 4968  discache - ok
18:42:31.0562 4968  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
18:42:31.0573 4968  Disk - ok
18:42:31.0615 4968  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
18:42:31.0636 4968  Dnscache - ok
18:42:31.0670 4968  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
18:42:31.0701 4968  dot3svc - ok
18:42:31.0737 4968  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
18:42:31.0779 4968  DPS - ok
18:42:31.0806 4968  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
18:42:31.0835 4968  drmkaud - ok
18:42:31.0838 4968  dump_wmimmc - ok
18:42:31.0884 4968  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
18:42:31.0910 4968  DXGKrnl - ok
18:42:31.0914 4968  EagleX64 - ok
18:42:31.0941 4968  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
18:42:31.0972 4968  EapHost - ok
18:42:32.0049 4968  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
18:42:32.0146 4968  ebdrv - ok
18:42:32.0180 4968  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
18:42:32.0233 4968  EFS - ok
18:42:32.0295 4968  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
18:42:32.0359 4968  ehRecvr - ok
18:42:32.0393 4968  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
18:42:32.0415 4968  ehSched - ok
18:42:32.0448 4968  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
18:42:32.0466 4968  elxstor - ok
18:42:32.0480 4968  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
18:42:32.0509 4968  ErrDev - ok
18:42:32.0548 4968  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
18:42:32.0603 4968  EventSystem - ok
18:42:32.0621 4968  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
18:42:32.0668 4968  exfat - ok
18:42:32.0694 4968  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
18:42:32.0738 4968  fastfat - ok
18:42:32.0778 4968  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
18:42:32.0835 4968  Fax - ok
18:42:32.0857 4968  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
18:42:32.0867 4968  fdc - ok
18:42:32.0889 4968  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
18:42:32.0936 4968  fdPHost - ok
18:42:32.0974 4968  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
18:42:33.0004 4968  FDResPub - ok
18:42:33.0009 4968  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
18:42:33.0020 4968  FileInfo - ok
18:42:33.0040 4968  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
18:42:33.0069 4968  Filetrace - ok
18:42:33.0085 4968  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
18:42:33.0095 4968  flpydisk - ok
18:42:33.0122 4968  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
18:42:33.0136 4968  FltMgr - ok
18:42:33.0177 4968  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache       C:\Windows\system32\FntCache.dll
18:42:33.0211 4968  FontCache - ok
18:42:33.0260 4968  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:42:33.0269 4968  FontCache3.0.0.0 - ok
18:42:33.0289 4968  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
18:42:33.0299 4968  FsDepends - ok
18:42:33.0336 4968  [ C2E475625F2C6F7DCDE4E920523A0573 ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
18:42:33.0349 4968  fssfltr - ok
18:42:33.0457 4968  [ 4E2E6FEDFE4A3445DBD0C623A242362D ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
18:42:33.0494 4968  fsssvc - ok
18:42:33.0522 4968  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
18:42:33.0531 4968  Fs_Rec - ok
18:42:33.0562 4968  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
18:42:33.0578 4968  fvevol - ok
18:42:33.0603 4968  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
18:42:33.0613 4968  gagp30kx - ok
18:42:33.0646 4968  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
18:42:33.0654 4968  GEARAspiWDM - ok
18:42:33.0694 4968  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
18:42:33.0750 4968  gpsvc - ok
18:42:33.0806 4968  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:42:33.0815 4968  gupdate - ok
18:42:33.0819 4968  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:42:33.0827 4968  gupdatem - ok
18:42:33.0855 4968  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
18:42:33.0864 4968  hamachi - ok
18:42:33.0875 4968  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
18:42:33.0914 4968  hcw85cir - ok
18:42:33.0936 4968  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:42:33.0970 4968  HdAudAddService - ok
18:42:34.0004 4968  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
18:42:34.0037 4968  HDAudBus - ok
18:42:34.0054 4968  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
18:42:34.0064 4968  HidBatt - ok
18:42:34.0087 4968  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
18:42:34.0100 4968  HidBth - ok
18:42:34.0118 4968  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
18:42:34.0143 4968  HidIr - ok
18:42:34.0169 4968  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
18:42:34.0199 4968  hidserv - ok
18:42:34.0217 4968  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
18:42:34.0227 4968  HidUsb - ok
18:42:34.0252 4968  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
18:42:34.0296 4968  hkmsvc - ok
18:42:34.0332 4968  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:42:34.0359 4968  HomeGroupListener - ok
18:42:34.0384 4968  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:42:34.0408 4968  HomeGroupProvider - ok
18:42:34.0424 4968  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
18:42:34.0435 4968  HpSAMD - ok
18:42:34.0485 4968  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
18:42:34.0540 4968  HTTP - ok
18:42:34.0598 4968  [ CDAA8E257BB625B2387219E605DDE37D ] hwdatacard      C:\Windows\system32\DRIVERS\ewusbmdm.sys
18:42:34.0603 4968  hwdatacard ( UnsignedFile.Multi.Generic ) - warning
18:42:34.0603 4968  hwdatacard - detected UnsignedFile.Multi.Generic (1)
18:42:34.0630 4968  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
18:42:34.0639 4968  hwpolicy - ok
18:42:34.0658 4968  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
18:42:34.0670 4968  i8042prt - ok
18:42:34.0693 4968  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
18:42:34.0710 4968  iaStorV - ok
18:42:34.0783 4968  [ 6F95324909B502E2651442C1548AB12F ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
18:42:34.0798 4968  IDriverT ( UnsignedFile.Multi.Generic ) - warning
18:42:34.0798 4968  IDriverT - detected UnsignedFile.Multi.Generic (1)
18:42:34.0840 4968  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:42:34.0863 4968  idsvc - ok
18:42:34.0902 4968  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
18:42:34.0912 4968  iirsp - ok
18:42:34.0943 4968  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
18:42:34.0997 4968  IKEEXT - ok
18:42:35.0024 4968  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
18:42:35.0037 4968  intelide - ok
18:42:35.0050 4968  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
18:42:35.0075 4968  intelppm - ok
18:42:35.0116 4968  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
18:42:35.0165 4968  IPBusEnum - ok
18:42:35.0226 4968  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:42:35.0269 4968  IpFilterDriver - ok
18:42:35.0309 4968  [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
18:42:35.0358 4968  iphlpsvc - ok
18:42:35.0394 4968  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
18:42:35.0405 4968  IPMIDRV - ok
18:42:35.0428 4968  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
18:42:35.0471 4968  IPNAT - ok
18:42:35.0515 4968  [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
18:42:35.0540 4968  iPod Service - ok
18:42:35.0556 4968  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
18:42:35.0588 4968  IRENUM - ok
18:42:35.0611 4968  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
18:42:35.0620 4968  isapnp - ok
18:42:35.0653 4968  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
18:42:35.0667 4968  iScsiPrt - ok
18:42:35.0691 4968  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
18:42:35.0700 4968  kbdclass - ok
18:42:35.0721 4968  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
18:42:35.0731 4968  kbdhid - ok
18:42:35.0745 4968  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
18:42:35.0754 4968  KeyIso - ok
18:42:35.0786 4968  [ 07071C1E3CD8F0F9114AAC8B072CA1E5 ] KMWDFILTER      C:\Windows\system32\DRIVERS\KMWDFILTER.sys
18:42:35.0794 4968  KMWDFILTER - ok
18:42:35.0819 4968  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
18:42:35.0829 4968  KSecDD - ok
18:42:35.0836 4968  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
18:42:35.0847 4968  KSecPkg - ok
18:42:35.0862 4968  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
18:42:35.0909 4968  ksthunk - ok
18:42:35.0957 4968  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
18:42:36.0004 4968  KtmRm - ok
18:42:36.0043 4968  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
18:42:36.0088 4968  LanmanServer - ok
18:42:36.0118 4968  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:42:36.0161 4968  LanmanWorkstation - ok
18:42:36.0190 4968  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
18:42:36.0234 4968  lltdio - ok
18:42:36.0278 4968  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
18:42:36.0321 4968  lltdsvc - ok
18:42:36.0345 4968  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
18:42:36.0375 4968  lmhosts - ok
18:42:36.0398 4968  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
18:42:36.0410 4968  LSI_FC - ok
18:42:36.0427 4968  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
18:42:36.0438 4968  LSI_SAS - ok
18:42:36.0455 4968  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:42:36.0466 4968  LSI_SAS2 - ok
18:42:36.0488 4968  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:42:36.0499 4968  LSI_SCSI - ok
18:42:36.0519 4968  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
18:42:36.0564 4968  luafv - ok
18:42:36.0607 4968  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
18:42:36.0640 4968  Mcx2Svc - ok
18:42:36.0659 4968  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
18:42:36.0670 4968  megasas - ok
18:42:36.0685 4968  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
18:42:36.0700 4968  MegaSR - ok
18:42:36.0736 4968  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
18:42:36.0783 4968  MMCSS - ok
18:42:36.0809 4968  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
18:42:36.0855 4968  Modem - ok
18:42:36.0881 4968  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
18:42:36.0909 4968  monitor - ok
18:42:36.0944 4968  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
18:42:36.0954 4968  mouclass - ok
18:42:36.0979 4968  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
18:42:36.0990 4968  mouhid - ok
18:42:37.0011 4968  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
18:42:37.0022 4968  mountmgr - ok
18:42:37.0056 4968  [ 46297FA8E30A6007F14118FC2B942FBC ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:42:37.0066 4968  MozillaMaintenance - ok
18:42:37.0086 4968  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
18:42:37.0098 4968  mpio - ok
18:42:37.0115 4968  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
18:42:37.0145 4968  mpsdrv - ok
18:42:37.0189 4968  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
18:42:37.0240 4968  MpsSvc - ok
18:42:37.0260 4968  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
18:42:37.0286 4968  MRxDAV - ok
18:42:37.0311 4968  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
18:42:37.0359 4968  mrxsmb - ok
18:42:37.0390 4968  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:42:37.0404 4968  mrxsmb10 - ok
18:42:37.0409 4968  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:42:37.0445 4968  mrxsmb20 - ok
18:42:37.0481 4968  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
18:42:37.0491 4968  msahci - ok
18:42:37.0522 4968  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
18:42:37.0533 4968  msdsm - ok
18:42:37.0553 4968  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
18:42:37.0576 4968  MSDTC - ok
18:42:37.0586 4968  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
18:42:37.0614 4968  Msfs - ok
18:42:37.0632 4968  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
18:42:37.0661 4968  mshidkmdf - ok
18:42:37.0665 4968  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
18:42:37.0675 4968  msisadrv - ok
18:42:37.0712 4968  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
18:42:37.0762 4968  MSiSCSI - ok
18:42:37.0786 4968  msiserver - ok
18:42:37.0806 4968  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
18:42:37.0835 4968  MSKSSRV - ok
18:42:37.0855 4968  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
18:42:37.0898 4968  MSPCLOCK - ok
18:42:37.0919 4968  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
18:42:37.0961 4968  MSPQM - ok
18:42:37.0995 4968  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
18:42:38.0011 4968  MsRPC - ok
18:42:38.0023 4968  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
18:42:38.0032 4968  mssmbios - ok
18:42:38.0051 4968  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
18:42:38.0091 4968  MSTEE - ok
18:42:38.0107 4968  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
18:42:38.0117 4968  MTConfig - ok
18:42:38.0134 4968  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
18:42:38.0145 4968  Mup - ok
18:42:38.0173 4968  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
18:42:38.0226 4968  napagent - ok
18:42:38.0267 4968  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
18:42:38.0307 4968  NativeWifiP - ok
18:42:38.0351 4968  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
18:42:38.0377 4968  NDIS - ok
18:42:38.0393 4968  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
18:42:38.0442 4968  NdisCap - ok
18:42:38.0463 4968  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
18:42:38.0492 4968  NdisTapi - ok
18:42:38.0519 4968  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
18:42:38.0552 4968  Ndisuio - ok
18:42:38.0567 4968  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
18:42:38.0610 4968  NdisWan - ok
18:42:38.0636 4968  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
18:42:38.0664 4968  NDProxy - ok
18:42:38.0677 4968  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
18:42:38.0723 4968  NetBIOS - ok
18:42:38.0751 4968  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
18:42:38.0788 4968  NetBT - ok
18:42:38.0805 4968  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
18:42:38.0815 4968  Netlogon - ok
18:42:38.0838 4968  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
18:42:38.0886 4968  Netman - ok
18:42:38.0913 4968  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:42:38.0947 4968  NetMsmqActivator - ok
18:42:38.0951 4968  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:42:38.0960 4968  NetPipeActivator - ok
18:42:38.0978 4968  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
18:42:39.0030 4968  netprofm - ok
18:42:39.0034 4968  netr28ux - ok
18:42:39.0076 4968  [ 118E9136B5B48DD5B2CC81F78431A69E ] netr7364        C:\Windows\system32\DRIVERS\netr7364.sys
18:42:39.0132 4968  netr7364 - ok
18:42:39.0137 4968  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:42:39.0146 4968  NetTcpActivator - ok
18:42:39.0150 4968  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:42:39.0160 4968  NetTcpPortSharing - ok
18:42:39.0183 4968  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
18:42:39.0193 4968  nfrd960 - ok
18:42:39.0226 4968  [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc          C:\Windows\System32\nlasvc.dll
18:42:39.0270 4968  NlaSvc - ok
18:42:39.0275 4968  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
18:42:39.0305 4968  Npfs - ok
18:42:39.0309 4968  npggsvc - ok
18:42:39.0314 4968  NPPTNT2 - ok
18:42:39.0341 4968  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
18:42:39.0387 4968  nsi - ok
18:42:39.0392 4968  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
18:42:39.0429 4968  nsiproxy - ok
18:42:39.0480 4968  [ A2F74975097F52A00745F9637451FDD8 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
18:42:39.0520 4968  Ntfs - ok
18:42:39.0543 4968  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
18:42:39.0587 4968  Null - ok
18:42:39.0633 4968  [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD        C:\Windows\system32\DRIVERS\nvm62x64.sys
18:42:39.0661 4968  NVENETFD - ok
18:42:39.0697 4968  [ 5F1FF880ADACF7E0FF7C27BA188B05DA ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
18:42:39.0709 4968  NVHDA - ok
18:42:39.0947 4968  [ 39DEFE644321F9A4B7F527664F628DEA ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:42:40.0294 4968  nvlddmkm - ok
18:42:40.0328 4968  [ 0AD267A4674805B61A5D7B911D2A978A ] NVNET           C:\Windows\system32\DRIVERS\nvmf6264.sys
18:42:40.0342 4968  NVNET - ok
18:42:40.0380 4968  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
18:42:40.0391 4968  nvraid - ok
18:42:40.0431 4968  [ F6C6D8298DD85507F680437EC2E6899C ] nvsmu           C:\Windows\system32\DRIVERS\nvsmu.sys
18:42:40.0439 4968  nvsmu - ok
18:42:40.0459 4968  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
18:42:40.0471 4968  nvstor - ok
18:42:40.0518 4968  [ A8BD627C6B78745CE8D591E9636E533F ] nvsvc           C:\Windows\system32\nvvsvc.exe
18:42:40.0542 4968  nvsvc - ok
18:42:40.0608 4968  [ ABF9218BC7B87ED93C0B5DEAD9E2F7E9 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
18:42:40.0638 4968  nvUpdatusService - ok
18:42:40.0656 4968  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
18:42:40.0668 4968  nv_agp - ok
18:42:40.0695 4968  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
18:42:40.0719 4968  ohci1394 - ok
18:42:40.0753 4968  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
18:42:40.0802 4968  p2pimsvc - ok
18:42:40.0844 4968  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
18:42:40.0869 4968  p2psvc - ok
18:42:40.0916 4968  [ 3A6DCEB1848470320E4A3C12D7A35B1C ] PAC207          C:\Windows\system32\DRIVERS\PFC027.SYS
18:42:40.0966 4968  PAC207 - ok
18:42:40.0994 4968  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
18:42:41.0005 4968  Parport - ok
18:42:41.0023 4968  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
18:42:41.0033 4968  partmgr - ok
18:42:41.0048 4968  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
18:42:41.0079 4968  PcaSvc - ok
18:42:41.0086 4968  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
18:42:41.0098 4968  pci - ok
18:42:41.0118 4968  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
18:42:41.0128 4968  pciide - ok
18:42:41.0142 4968  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
18:42:41.0155 4968  pcmcia - ok
18:42:41.0160 4968  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
18:42:41.0171 4968  pcw - ok
18:42:41.0203 4968  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
18:42:41.0260 4968  PEAUTH - ok
18:42:41.0349 4968  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
18:42:41.0376 4968  PerfHost - ok
18:42:41.0435 4968  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
18:42:41.0500 4968  pla - ok
18:42:41.0543 4968  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
18:42:41.0563 4968  PlugPlay - ok
18:42:41.0567 4968  PnkBstrA - ok
18:42:41.0607 4968  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
18:42:41.0632 4968  PNRPAutoReg - ok
18:42:41.0665 4968  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
18:42:41.0679 4968  PNRPsvc - ok
18:42:41.0701 4968  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
18:42:41.0759 4968  PolicyAgent - ok
18:42:41.0796 4968  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
18:42:41.0847 4968  Power - ok
18:42:41.0876 4968  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
18:42:41.0905 4968  PptpMiniport - ok
18:42:41.0935 4968  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
18:42:41.0957 4968  Processor - ok
18:42:41.0998 4968  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
18:42:42.0051 4968  ProfSvc - ok
18:42:42.0070 4968  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:42:42.0079 4968  ProtectedStorage - ok
18:42:42.0112 4968  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
18:42:42.0163 4968  Psched - ok
18:42:42.0202 4968  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
18:42:42.0252 4968  ql2300 - ok
18:42:42.0268 4968  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
18:42:42.0279 4968  ql40xx - ok
18:42:42.0313 4968  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
18:42:42.0331 4968  QWAVE - ok
18:42:42.0343 4968  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
18:42:42.0374 4968  QWAVEdrv - ok
18:42:42.0394 4968  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
18:42:42.0432 4968  RasAcd - ok
18:42:42.0458 4968  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
18:42:42.0498 4968  RasAgileVpn - ok
18:42:42.0517 4968  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
18:42:42.0551 4968  RasAuto - ok
18:42:42.0590 4968  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
18:42:42.0633 4968  Rasl2tp - ok
18:42:42.0669 4968  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
18:42:42.0701 4968  RasMan - ok
18:42:42.0714 4968  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
18:42:42.0744 4968  RasPppoe - ok
18:42:42.0749 4968  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
18:42:42.0784 4968  RasSstp - ok
18:42:42.0799 4968  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
18:42:42.0848 4968  rdbss - ok
18:42:42.0872 4968  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
18:42:42.0885 4968  rdpbus - ok
18:42:42.0905 4968  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
18:42:42.0934 4968  RDPCDD - ok
18:42:42.0940 4968  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
18:42:42.0981 4968  RDPENCDD - ok
18:42:42.0988 4968  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
18:42:43.0017 4968  RDPREFMP - ok
18:42:43.0053 4968  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
18:42:43.0101 4968  RDPWD - ok
18:42:43.0128 4968  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
18:42:43.0142 4968  rdyboost - ok
18:42:43.0181 4968  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
18:42:43.0228 4968  RemoteAccess - ok
18:42:43.0260 4968  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
18:42:43.0305 4968  RemoteRegistry - ok
18:42:43.0334 4968  [ CAF88D6573D21CD2AA27001DDBFDC74D ] RMCAST          C:\Windows\system32\DRIVERS\RMCAST.sys
18:42:43.0380 4968  RMCAST - ok
18:42:43.0410 4968  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
18:42:43.0452 4968  RpcEptMapper - ok
18:42:43.0480 4968  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
18:42:43.0509 4968  RpcLocator - ok
18:42:43.0547 4968  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
18:42:43.0579 4968  RpcSs - ok
18:42:43.0596 4968  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
18:42:43.0641 4968  rspndr - ok
18:42:43.0666 4968  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
18:42:43.0676 4968  SamSs - ok
18:42:43.0695 4968  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
18:42:43.0706 4968  sbp2port - ok
18:42:43.0710 4968  SBSDWSCService - ok
18:42:43.0727 4968  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
18:42:43.0770 4968  SCardSvr - ok
18:42:43.0810 4968  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
18:42:43.0848 4968  scfilter - ok
18:42:43.0881 4968  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
18:42:43.0947 4968  Schedule - ok
18:42:43.0977 4968  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
18:42:44.0004 4968  SCPolicySvc - ok
18:42:44.0042 4968  [ F6BA09AF1104B4BF6C83857EF5B6BFBB ] ScrambyServer   C:\Program Files (x86)\RapidSolution\Scramby\ScrambyServer.exe
18:42:44.0072 4968  ScrambyServer ( UnsignedFile.Multi.Generic ) - warning
18:42:44.0072 4968  ScrambyServer - detected UnsignedFile.Multi.Generic (1)
18:42:44.0100 4968  [ 3C9A97573D3B8A8450F92636D9846A74 ] scramby_out     C:\Windows\system32\drivers\scramby_out.sys
18:42:44.0109 4968  scramby_out - ok
18:42:44.0137 4968  [ 8B56BDCE6A303DDE63D63440D1CF9AD1 ] ScreamBAudioSvc C:\Windows\system32\drivers\ScreamingBAudio64.sys
18:42:44.0146 4968  ScreamBAudioSvc - ok
18:42:44.0165 4968  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
18:42:44.0216 4968  SDRSVC - ok
18:42:44.0238 4968  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
18:42:44.0286 4968  secdrv - ok
18:42:44.0330 4968  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
18:42:44.0378 4968  seclogon - ok
18:42:44.0409 4968  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
18:42:44.0453 4968  SENS - ok
18:42:44.0473 4968  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
18:42:44.0523 4968  SensrSvc - ok
18:42:44.0533 4968  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
18:42:44.0544 4968  Serenum - ok
18:42:44.0561 4968  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
18:42:44.0594 4968  Serial - ok
18:42:44.0613 4968  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
18:42:44.0623 4968  sermouse - ok
18:42:44.0657 4968  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
18:42:44.0703 4968  SessionEnv - ok
18:42:44.0741 4968  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
18:42:44.0752 4968  sffdisk - ok
18:42:44.0774 4968  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
18:42:44.0796 4968  sffp_mmc - ok
18:42:44.0812 4968  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
18:42:44.0847 4968  sffp_sd - ok
18:42:44.0872 4968  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
18:42:44.0898 4968  sfloppy - ok
18:42:44.0950 4968  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
18:42:44.0984 4968  SharedAccess - ok
18:42:45.0018 4968  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:42:45.0050 4968  ShellHWDetection - ok
18:42:45.0066 4968  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:42:45.0076 4968  SiSRaid2 - ok
18:42:45.0090 4968  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
18:42:45.0101 4968  SiSRaid4 - ok
18:42:45.0198 4968  [ 753D254205E0A62100A050BD8B458D06 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
18:42:45.0279 4968  Skype C2C Service - ok
18:42:45.0317 4968  [ DDAA5F4A6B958FC313EBD02DD925752F ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
18:42:45.0326 4968  SkypeUpdate - ok
18:42:45.0339 4968  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
18:42:45.0380 4968  Smb - ok
18:42:45.0422 4968  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
18:42:45.0450 4968  SNMPTRAP - ok
18:42:45.0478 4968  [ 7455ED832A33FEF453407F5411C3342D ] speedfan        C:\Windows\syswow64\speedfan.sys
18:42:45.0487 4968  speedfan - ok
18:42:45.0504 4968  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
18:42:45.0513 4968  spldr - ok
18:42:45.0549 4968  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
18:42:45.0579 4968  Spooler - ok
18:42:45.0656 4968  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
18:42:45.0770 4968  sppsvc - ok
18:42:45.0789 4968  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
18:42:45.0840 4968  sppuinotify - ok
18:42:45.0871 4968  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
18:42:45.0919 4968  srv - ok
18:42:45.0928 4968  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
18:42:45.0961 4968  srv2 - ok
18:42:45.0967 4968  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
18:42:45.0995 4968  srvnet - ok
18:42:46.0013 4968  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
18:42:46.0065 4968  SSDPSRV - ok
18:42:46.0085 4968  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
18:42:46.0121 4968  SstpSvc - ok
18:42:46.0162 4968  Steam Client Service - ok
18:42:46.0213 4968  [ 2C25A72B53B28034BE260D81C4EA4955 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
18:42:46.0228 4968  Stereo Service - ok
18:42:46.0255 4968  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
18:42:46.0264 4968  stexstor - ok
18:42:46.0312 4968  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
18:42:46.0346 4968  stisvc - ok
18:42:46.0377 4968  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
18:42:46.0387 4968  swenum - ok
18:42:46.0410 4968  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
18:42:46.0447 4968  swprv - ok
18:42:46.0505 4968  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
18:42:46.0580 4968  SysMain - ok
18:42:46.0616 4968  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:42:46.0633 4968  TabletInputService - ok
18:42:46.0670 4968  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
18:42:46.0728 4968  TapiSrv - ok
18:42:46.0757 4968  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
18:42:46.0799 4968  TBS - ok
18:42:46.0857 4968  [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
18:42:46.0913 4968  Tcpip - ok
18:42:46.0937 4968  [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
18:42:46.0972 4968  TCPIP6 - ok
18:42:47.0001 4968  [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
18:42:47.0051 4968  tcpipreg - ok
18:42:47.0084 4968  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
18:42:47.0127 4968  TDPIPE - ok
18:42:47.0176 4968  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
18:42:47.0215 4968  TDTCP - ok
18:42:47.0239 4968  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
18:42:47.0283 4968  tdx - ok
18:42:47.0368 4968  [ A4D2CE94B028EF1E437CF4AC3D8FF26C ] TeamViewer7     C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
18:42:47.0442 4968  TeamViewer7 - ok
18:42:47.0471 4968  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
18:42:47.0481 4968  TermDD - ok
18:42:47.0507 4968  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
18:42:47.0545 4968  TermService - ok
18:42:47.0573 4968  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
18:42:47.0603 4968  Themes - ok
18:42:47.0633 4968  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
18:42:47.0662 4968  THREADORDER - ok
18:42:47.0680 4968  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
18:42:47.0727 4968  TrkWks - ok
18:42:47.0782 4968  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:42:47.0825 4968  TrustedInstaller - ok
18:42:47.0862 4968  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
18:42:47.0902 4968  tssecsrv - ok
18:42:47.0924 4968  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
18:42:47.0947 4968  TsUsbFlt - ok
18:42:48.0012 4968  [ 811A229718C85356BC81EB20F35EB7F6 ] TuneUp.UtilitiesSvc C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
18:42:48.0069 4968  TuneUp.UtilitiesSvc - ok
18:42:48.0097 4968  [ DCC94C51D27C7EC0DADECA8F64C94FCF ] TuneUpUtilitiesDrv C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys
18:42:48.0131 4968  TuneUpUtilitiesDrv - ok
18:42:48.0217 4968  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
18:42:48.0294 4968  tunnel - ok
18:42:48.0331 4968  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
18:42:48.0342 4968  uagp35 - ok
18:42:48.0383 4968  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
18:42:48.0415 4968  udfs - ok
18:42:48.0445 4968  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
18:42:48.0477 4968  UI0Detect - ok
18:42:48.0497 4968  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
18:42:48.0507 4968  uliagpkx - ok
18:42:48.0538 4968  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\drivers\umbus.sys
18:42:48.0567 4968  umbus - ok
18:42:48.0590 4968  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
18:42:48.0610 4968  UmPass - ok
18:42:48.0634 4968  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
18:42:48.0670 4968  upnphost - ok
18:42:48.0674 4968  upperdev - ok
18:42:48.0702 4968  [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
18:42:48.0713 4968  USBAAPL64 - ok
18:42:48.0755 4968  [ 5FCC71487888589A9244AF54CFEFAB29 ] usbbus          C:\Windows\system32\DRIVERS\lgx64bus.sys
18:42:48.0792 4968  usbbus - ok
18:42:48.0811 4968  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
18:42:48.0861 4968  usbccgp - ok
18:42:48.0896 4968  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
18:42:48.0909 4968  usbcir - ok
18:42:48.0940 4968  [ 3FB6E423F7567C92C32EA786F5FD0C69 ] UsbDiag         C:\Windows\system32\DRIVERS\lgx64diag.sys
18:42:48.0959 4968  UsbDiag - ok
18:42:48.0980 4968  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
18:42:49.0003 4968  usbehci - ok
18:42:49.0035 4968  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
18:42:49.0065 4968  usbhub - ok
18:42:49.0092 4968  [ 78D551F5B93488B4666F5FC8DD4815F3 ] USBModem        C:\Windows\system32\DRIVERS\lgx64modem.sys
18:42:49.0100 4968  USBModem - ok
18:42:49.0120 4968  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
18:42:49.0147 4968  usbohci - ok
18:42:49.0184 4968  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
18:42:49.0216 4968  usbprint - ok
18:42:49.0256 4968  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
18:42:49.0269 4968  usbscan - ok
18:42:49.0280 4968  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:42:49.0308 4968  USBSTOR - ok
18:42:49.0329 4968  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
18:42:49.0350 4968  usbuhci - ok
18:42:49.0381 4968  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
18:42:49.0425 4968  UxSms - ok
18:42:49.0450 4968  [ 5BF180F7F7C2F68ED6D5777840270BCE ] UxTuneUp        C:\Windows\System32\uxtuneup.dll
18:42:49.0458 4968  UxTuneUp - ok
18:42:49.0474 4968  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
18:42:49.0485 4968  VaultSvc - ok
18:42:49.0497 4968  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
18:42:49.0507 4968  vdrvroot - ok
18:42:49.0543 4968  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
18:42:49.0595 4968  vds - ok
18:42:49.0628 4968  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
18:42:49.0640 4968  vga - ok
18:42:49.0660 4968  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
18:42:49.0708 4968  VgaSave - ok
18:42:49.0756 4968  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
18:42:49.0769 4968  vhdmp - ok
18:42:49.0801 4968  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
18:42:49.0811 4968  viaide - ok
18:42:49.0816 4968  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
18:42:49.0826 4968  volmgr - ok
18:42:49.0846 4968  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
18:42:49.0862 4968  volmgrx - ok
18:42:49.0871 4968  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
18:42:49.0886 4968  volsnap - ok
18:42:49.0905 4968  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
18:42:49.0917 4968  vsmraid - ok
18:42:49.0962 4968  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
18:42:50.0042 4968  VSS - ok
18:42:50.0062 4968  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
18:42:50.0075 4968  vwifibus - ok
18:42:50.0093 4968  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
18:42:50.0118 4968  vwififlt - ok
18:42:50.0139 4968  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
18:42:50.0153 4968  vwifimp - ok
18:42:50.0186 4968  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
18:42:50.0220 4968  W32Time - ok
18:42:50.0239 4968  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
18:42:50.0268 4968  WacomPen - ok
18:42:50.0273 4968  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
18:42:50.0308 4968  WANARP - ok
18:42:50.0312 4968  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
18:42:50.0342 4968  Wanarpv6 - ok
18:42:50.0393 4968  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
18:42:50.0435 4968  wbengine - ok
18:42:50.0459 4968  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
18:42:50.0477 4968  WbioSrvc - ok
18:42:50.0496 4968  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
18:42:50.0531 4968  wcncsvc - ok
18:42:50.0550 4968  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:42:50.0573 4968  WcsPlugInService - ok
18:42:50.0590 4968  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
18:42:50.0599 4968  Wd - ok
18:42:50.0630 4968  [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
18:42:50.0651 4968  Wdf01000 - ok
18:42:50.0663 4968  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
18:42:50.0734 4968  WdiServiceHost - ok
18:42:50.0738 4968  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
18:42:50.0753 4968  WdiSystemHost - ok
18:42:50.0784 4968  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
18:42:50.0821 4968  WebClient - ok
18:42:50.0839 4968  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
18:42:50.0878 4968  Wecsvc - ok
18:42:50.0898 4968  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
18:42:50.0929 4968  wercplsupport - ok
18:42:50.0945 4968  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
18:42:50.0992 4968  WerSvc - ok
18:42:51.0015 4968  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
18:42:51.0044 4968  WfpLwf - ok
18:42:51.0067 4968  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
18:42:51.0078 4968  WIMMount - ok
18:42:51.0100 4968  WinDefend - ok
18:42:51.0109 4968  WinHttpAutoProxySvc - ok
18:42:51.0165 4968  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
18:42:51.0197 4968  Winmgmt - ok
18:42:51.0240 4968  [ 0C0195C48B6B8582FA6F6373032118DA ] WinRing0_1_2_0  C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys
18:42:51.0251 4968  WinRing0_1_2_0 - ok
18:42:51.0314 4968  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
18:42:51.0381 4968  WinRM - ok
18:42:51.0425 4968  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
18:42:51.0450 4968  WinUsb - ok
18:42:51.0488 4968  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
18:42:51.0536 4968  Wlansvc - ok
18:42:51.0646 4968  [ 357CABBF155AFD1D3926E62539D2A3A7 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:42:51.0706 4968  wlidsvc - ok
18:42:51.0747 4968  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
18:42:51.0758 4968  WmiAcpi - ok
18:42:51.0786 4968  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
18:42:51.0813 4968  wmiApSrv - ok
18:42:51.0833 4968  WMPNetworkSvc - ok
18:42:51.0848 4968  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
18:42:51.0874 4968  WPCSvc - ok
18:42:51.0903 4968  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
18:42:51.0946 4968  WPDBusEnum - ok
18:42:51.0984 4968  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
18:42:52.0025 4968  ws2ifsl - ok
18:42:52.0050 4968  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
18:42:52.0088 4968  wscsvc - ok
18:42:52.0092 4968  WSearch - ok
18:42:52.0165 4968  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
18:42:52.0226 4968  wuauserv - ok
18:42:52.0255 4968  [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
18:42:52.0304 4968  WudfPf - ok
18:42:52.0327 4968  [ CF8D590BE3373029D57AF80914190682 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
18:42:52.0358 4968  WUDFRd - ok
18:42:52.0382 4968  [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
18:42:52.0413 4968  wudfsvc - ok
18:42:52.0437 4968  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
18:42:52.0464 4968  WwanSvc - ok
18:42:52.0542 4968  X6va003 - ok
18:42:52.0546 4968  X6va005 - ok
18:42:52.0551 4968  X6va008 - ok
18:42:52.0715 4968  X6va009 - ok
18:42:52.0769 4968  [ 2EE48CFCE7CA8E0DB4C44C7476C0943B ] xusb21          C:\Windows\system32\DRIVERS\xusb21.sys
18:42:52.0798 4968  xusb21 - ok
18:42:52.0801 4968  ================ Scan global ===============================
18:42:52.0842 4968  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
18:42:52.0872 4968  [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
18:42:52.0879 4968  [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
18:42:52.0893 4968  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
18:42:52.0920 4968  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
18:42:52.0924 4968  [Global] - ok
18:42:52.0924 4968  ================ Scan MBR ==================================
18:42:52.0935 4968  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:42:53.0171 4968  \Device\Harddisk0\DR0 - ok
18:42:53.0171 4968  ================ Scan VBR ==================================
18:42:53.0174 4968  [ 2836349FFB891440E6B82C9318BF3BAB ] \Device\Harddisk0\DR0\Partition1
18:42:53.0175 4968  \Device\Harddisk0\DR0\Partition1 - ok
18:42:53.0203 4968  [ E404271ACB5EB03A40D2083D07EF928A ] \Device\Harddisk0\DR0\Partition2
18:42:53.0204 4968  \Device\Harddisk0\DR0\Partition2 - ok
18:42:53.0205 4968  ============================================================
18:42:53.0205 4968  Scan finished
18:42:53.0205 4968  ============================================================
18:42:53.0218 2372  Detected object count: 4
18:42:53.0218 2372  Actual detected object count: 4
18:43:22.0590 2372  Akamai ( HiddenFile.Multi.Generic ) - skipped by user
18:43:22.0590 2372  Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip 
18:43:22.0591 2372  hwdatacard ( UnsignedFile.Multi.Generic ) - skipped by user
18:43:22.0591 2372  hwdatacard ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:43:22.0592 2372  IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
18:43:22.0593 2372  IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:43:22.0594 2372  ScrambyServer ( UnsignedFile.Multi.Generic ) - skipped by user
18:43:22.0594 2372  ScrambyServer ( UnsignedFile.Multi.Generic ) - User select action: Skip

aswMBR Report:

Code:

ATTFilter

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-11-04 18:08:16
-----------------------------
18:08:16.995    OS Version: Windows x64 6.1.7601 Service Pack 1
18:08:16.995    Number of processors: 2 586 0x602
18:08:16.996    ComputerName: NOEL  UserName: 
18:08:17.707    Initialize success
18:08:26.918    AVAST engine defs: 12110400
18:08:41.921    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-3
18:08:41.922    Disk 0 Vendor: WDC_WD5000AADS-00S9B0 01.00A01 Size: 476940MB BusType: 3
18:08:41.934    Disk 0 MBR read successfully
18:08:41.936    Disk 0 MBR scan
18:08:41.940    Disk 0 Windows 7 default MBR code
18:08:41.943    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048
18:08:41.950    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       476838 MB offset 206848
18:08:41.971    Disk 0 scanning C:\Windows\system32\drivers
18:08:49.888    Service scanning
18:09:08.091    Modules scanning
18:09:08.096    Disk 0 trace - called modules:
18:09:08.108    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys 
18:09:08.111    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800423b430]
18:09:08.116    3 CLASSPNP.SYS[fffff880011c743f] -> nt!IofCallDriver -> [0xfffffa80040f0580]
18:09:08.120    5 ACPI.sys[fffff88000eb57a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-3[0xfffffa80040f2060]
18:09:09.241    AVAST engine scan C:\Windows
18:09:10.990    AVAST engine scan C:\Windows\system32
18:11:59.607    AVAST engine scan C:\Windows\system32\drivers
18:12:09.988    AVAST engine scan C:\Users\DragoTheOwner
18:22:19.102    File: C:\Users\DragoTheOwner\Desktop\Pickup Bot\PickUp-Bot (Vista & 7).dll  **INFECTED** Win32:Malware-gen
18:22:19.147    File: C:\Users\DragoTheOwner\Desktop\Pickup Bot\PickUp-Bot (XP).dll  **INFECTED** Win32:Malware-gen
18:22:19.181    File: C:\Users\DragoTheOwner\Desktop\Pickup Bot\Spam-Bot (Vista & 7).dll  **INFECTED** Win32:Spyware-gen [Spy]
18:22:19.215    File: C:\Users\DragoTheOwner\Desktop\Pickup Bot\Spam-Bot (XP).dll  **INFECTED** Win32:Spyware-gen [Spy]
18:22:19.246    File: C:\Users\DragoTheOwner\Desktop\Pickup Bot\Switch-Bot (Vista & 7).dll  **INFECTED** Win32:Malware-gen
18:22:19.304    File: C:\Users\DragoTheOwner\Desktop\Pickup Bot\Tools einstellen (Vista & 7).dll  **INFECTED** Win32:Trojan-gen
18:22:19.337    File: C:\Users\DragoTheOwner\Desktop\Pickup Bot\Tools einstellen (XP).dll  **INFECTED** Win32:Trojan-gen
18:22:19.367    File: C:\Users\DragoTheOwner\Desktop\Pickup Bot\Upp-Tool (Vista & 7).dll  **INFECTED** Win32:Malware-gen
18:22:19.401    File: C:\Users\DragoTheOwner\Desktop\Pickup Bot\Upp-Tool (XP).dll  **INFECTED** Win32:Malware-gen
18:23:43.876    AVAST engine scan C:\ProgramData
18:29:01.068    Scan finished successfully
18:41:21.022    Disk 0 MBR has been saved successfully to "C:\Users\DragoTheOwner\Desktop\MBR.dat"
18:41:21.027    The log file has been saved successfully to "C:\Users\DragoTheOwner\Desktop\aswMBR.txt"

19.10.2012, 14:33	#35
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Keine Rückmeldung und Freeze Wieso lädst du die Logs hoch? Die Logs solltest du hier posten - hochgeladen werden sollte die ZIP-Datei mit der OTL-Q! __________________ Logfiles bitte immer in CODE-Tags posten

19.10.2012, 16:44	#37
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Keine Rückmeldung und Freeze Und es wäre ja auch zu abwegig da mal nach zu googlen Rechtsklick auf den Ordner MovedFiles, senden an => ZIP komprimierter Ordner __________________ Logfiles bitte immer in CODE-Tags posten

Keine Rückmeldung und Freeze

Plagegeister aller Art und deren Bekämpfung: Keine Rückmeldung und Freeze