.searchnu.com/406

Stechus · 03.09.2012, 13:50

Guten Tag, wie mir scheint, hat sich mein Pc mit einem netten Schädling infiziert. Da ich aber nur über sehr bescheidene Fähigkeiten verfüge, bräuchte ich jemanden, der mich an die Hand nimmt.

Ich wäre über jede Hilfe dankbar.

Stechus

cosinus · 04.09.2012, 20:52

Bitte erstmal routinemäßig einen Vollscan mit Malwarebytes machen und Log posten. =>ALLE lokalen Datenträger (außer CD/DVD) überprüfen lassen!
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Die Funde mit Malwarebytes bitte alle entfernen, sodass sie in der Quarantäne von Malwarebytes aufgehoben werden! NICHTS voreilig aus der Quarantäne entfernen!

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:

ATTFilter

 hier steht das Log

Stechus · 04.09.2012, 22:55

Malwarebytes:

Code:

ATTFilter

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.09.04.10

Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
Stechus Kaktus :: STECHUSKAKTUS [Administrator]

04.09.2012 22:35:36
mbam-log-2012-09-04 (22-35-36).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 342972
Laufzeit: 1 Stunde(n), 8 Minute(n), 39 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Code:

ATTFilter

 
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.05.21.02

Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
Stechus Kaktus :: STECHUSKAKTUS [Administrator]

21.05.2012 18:36:20
mbam-log-2012-05-21 (18-36-20).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 201546
Laufzeit: 8 Minute(n), 54 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Code:

ATTFilter

 
Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Datenbank Version: v2012.04.02.04

Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
Stechus Kaktus :: STECHUSKAKTUS [Administrator]

02.04.2012 16:03:30
mbam-log-2012-04-02 (16-03-30).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 351647
Laufzeit: 1 Stunde(n), 23 Minute(n), 11 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

ESET Online Scanner:

Code:

ATTFilter

 
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=eb02db5484517646a109d3ef106f1d11
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-09-05 12:28:17
# local_time=2012-09-05 02:28:17 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7600 NT 
# compatibility_mode=1792 16777215 100 0 13086959 13086959 0 0
# compatibility_mode=5121 16777214 0 32 4735 105024569 0 0
# compatibility_mode=5893 16776573 100 94 44677 99201836 0 0
# compatibility_mode=8192 67108863 100 0 136 136 0 0
# scanned=160029
# found=0
# cleaned=0
# scan_time=8731

Ich hoffe, dass waren die gewünschten infos.

Vielen Dank, dass du dich der Sache angenommen hast.

cosinus · 05.09.2012, 14:10

adwCleaner - Toolbars und ungewollte Start-/Suchseiten aufspüren

Downloade Dir bitte AdwCleaner auf deinen Desktop.

Starte die adwcleaner.exe mit einem Doppelklick.
Klicke auf Suche.
Nach Ende des Suchlaufs öffnet sich eine Textdatei.
Poste mir den Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner[R1].txt.

Stechus · 05.09.2012, 16:24

ADWCleaner

Code:

ATTFilter

 # AdwCleaner v2.000 - Datei am 09/05/2012 um 17:21:05 erstellt
# Aktualisiert am 30/08/2012 von Xplode
# Betriebssystem : Windows 7 Home Premium  (64 bits)
# Benutzer : Stechus Kaktus - STECHUSKAKTUS
# Normaler Modus : Normal
# Ausgeführt unter : C:\Users\Stechus Kaktus\Desktop\adwcleaner.exe
# Option [Suche]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gefunden : C:\Program Files (x86)\Mozilla FireFox\searchplugins\Search_Results.xml
Datei Gefunden : C:\Users\Public\Desktop\eBay.lnk
Datei Gefunden : C:\Users\STECHU~1\AppData\Local\Temp\searchqutoolbar-manifest.xml
Datei Gefunden : C:\Users\Stechus Kaktus\AppData\Roaming\Mozilla\Firefox\Profiles\p24rhmfm.default\searchplugins\Search_Results.xml
Ordner Gefunden : C:\ProgramData\boost_interprocess
Ordner Gefunden : C:\ProgramData\Partner
Ordner Gefunden : C:\Users\Stechus Kaktus\AppData\Local\Ilivid Player

***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKCU\Software\DataMngr
Schlüssel Gefunden : HKCU\Software\ilivid
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Schlüssel Gefunden : HKCU\Software\Softonic
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Schlüssel Gefunden : HKLM\SOFTWARE\DataMngr
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gefunden : HKLM\SOFTWARE\Software
Schlüssel Gefunden : HKU\S-1-5-21-2495238752-3057620508-2955416666-1001\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Wert Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{99079A25-328F-4BD4-BE04-00955ACAA0A7}]

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v15.0 (de)

Profilname : default 
Datei : C:\Users\Stechus Kaktus\AppData\Roaming\Mozilla\Firefox\Profiles\p24rhmfm.default\prefs.js

Gefunden : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://plasmoo.com/index.htm?SearchMashi[...]
Gefunden : user_pref("browser.search.order.1", "Search Results");
Gefunden : user_pref("browser.startup.homepage", "hxxp://www.searchqu.com/406");
Gefunden : user_pref("icqtoolbar.history", "online%20malware%20scanner||bitdefender||chakuza||englische%20verei[...]
Gefunden : user_pref("keyword.URL", "hxxp://dts.search-results.com/sr?src=ffb&appid=102&systemid=406&sr=0&q=");
Gefunden : user_pref("plasmoo.search.engine.prevkeywordurl", "hxxp://dts.search-results.com/sr?src=ffb&appid=10[...]
Gefunden : user_pref("plasmoo.search.engine.prevstartuphomepage", "hxxp://www.searchqu.com/406");

*************************

AdwCleaner[R1].txt - [3675 octets] - [05/09/2012 17:21:05]

########## EOF - C:\AdwCleaner[R1].txt - [3735 octets] ##########

cosinus · 06.09.2012, 10:27

adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen

Schließe alle offenen Programme und Browser.
Starte die adwcleaner.exe mit einem Doppelklick.
Klicke auf Löschen.
Bestätige jeweils mit Ok.
Dein Rechner wird neu gestartet. Nach dem Neustart öffnet sich eine Textdatei.
Poste mir den Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner[Sx].txt. (x=fortlaufende Nummer)

Stechus · 06.09.2012, 11:31

Code:

ATTFilter

# AdwCleaner v2.000 - Datei am 09/06/2012 um 12:26:46 erstellt
# Aktualisiert am 30/08/2012 von Xplode
# Betriebssystem : Windows 7 Home Premium  (64 bits)
# Benutzer : Stechus Kaktus - STECHUSKAKTUS
# Normaler Modus : Normal
# Ausgeführt unter : C:\Users\Stechus Kaktus\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Program Files (x86)\Mozilla FireFox\searchplugins\Search_Results.xml
Datei Gelöscht : C:\Users\Public\Desktop\eBay.lnk
Datei Gelöscht : C:\Users\STECHU~1\AppData\Local\Temp\searchqutoolbar-manifest.xml
Datei Gelöscht : C:\Users\Stechus Kaktus\AppData\Roaming\Mozilla\Firefox\Profiles\p24rhmfm.default\searchplugins\Search_Results.xml
Ordner Gelöscht : C:\ProgramData\boost_interprocess
Ordner Gelöscht : C:\ProgramData\Partner
Ordner Gelöscht : C:\Users\Stechus Kaktus\AppData\Local\Ilivid Player

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\DataMngr
Schlüssel Gelöscht : HKCU\Software\ilivid
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Schlüssel Gelöscht : HKLM\SOFTWARE\DataMngr
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gelöscht : HKLM\SOFTWARE\Software
Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{99079A25-328F-4BD4-BE04-00955ACAA0A7}]

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

Wiederhergestellt : [HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Wiederhergestellt : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Wiederhergestellt : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Wiederhergestellt : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Wiederhergestellt : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Wiederhergestellt : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Wiederhergestellt : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

-\\ Mozilla Firefox v15.0 (de)

Profilname : default 
Datei : C:\Users\Stechus Kaktus\AppData\Roaming\Mozilla\Firefox\Profiles\p24rhmfm.default\prefs.js

C:\Users\Stechus Kaktus\AppData\Roaming\Mozilla\Firefox\Profiles\p24rhmfm.default\user.js ... Gelöscht !

Gelöscht : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://plasmoo.com/index.htm?SearchMashi[...]
Gelöscht : user_pref("browser.search.order.1", "Search Results");
Gelöscht : user_pref("browser.startup.homepage", "hxxp://www.searchqu.com/406");
Gelöscht : user_pref("icqtoolbar.history", "online%20malware%20scanner||bitdefender||chakuza||englische%20verei[...]
Gelöscht : user_pref("keyword.URL", "hxxp://dts.search-results.com/sr?src=ffb&appid=102&systemid=406&sr=0&q=");
Gelöscht : user_pref("plasmoo.search.engine.prevkeywordurl", "hxxp://dts.search-results.com/sr?src=ffb&appid=10[...]
Gelöscht : user_pref("plasmoo.search.engine.prevstartuphomepage", "hxxp://www.searchqu.com/406");

*************************

AdwCleaner[R1].txt - [3796 octets] - [05/09/2012 17:21:05]
AdwCleaner[S1].txt - [4340 octets] - [06/09/2012 12:26:46]

########## EOF - C:\AdwCleaner[S1].txt - [4400 octets] ##########

cosinus · 06.09.2012, 15:19

Hätte da mal drei Fragen bevor es weiter geht

1.) Geht der normale Modus von Windows (wieder) uneingeschränkt?
2.) Vermisst du irgendwas im Startmenü? Sind da leere Ordner unter alle Programme oder ist alles vorhanden?
3.) Searchnu ist nun weg?

Stechus · 06.09.2012, 19:15

Grüß Dich cosinus,

sorry das ich mich erst jetzt melde, aber ich hatte Spätschicht.

1.) Windows scheint uneingeschränkt zu funktionieren.

2.) Im Startmenü sind soweit ich es sehen kann, noch alle Ordner vorhanden.

3.) Searchnu taucht bei morzilla nicht mehr als Startseite auf.

Nun hätte ich einige Fragen:

1.) Bin ich nun "Keimfrei"?

2.) Wie kann ich mich erkenntlich zeigen?

3.) Was würdest du mir empfehlen, um eine solche Infektion in Zukunft zu verhindern?

Besten Dank im Voraus!!!!!

cosinus · 06.09.2012, 21:12

Nein wir sind noch nicht fertig!

Mach bitte ein neues OTL-Log. Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:

ATTFilter

 hier steht das Log

CustomScan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop. Falls schon vorhanden, bitte die ältere vorhandene Datei durch die neu heruntergeladene Datei ersetzen, damit du auch wirklich mit einer aktuellen Version von OTL arbeitest.

Starte bitte die OTL.exe.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Setze oben mittig den Haken bei Scanne alle Benutzer
Kopiere nun den kompletten Inhalt aus der untenstehenden Codebox in die Textbox von OTL - wenn OTL auf deutsch ist wird sie mit beschriftet

Code:

ATTFilter

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT

Schliesse bitte nun alle Programme. (Wichtig)
Klicke nun bitte auf den Quick Scan Button.
Klick auf .
Kopiere nun den Inhalt aus OTL.txt hier in Deinen Thread

Stechus · 06.09.2012, 22:15

OTL

OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 06.09.2012 22:54:12 - Run 1
OTL by OldTimer - Version 3.2.61.0     Folder = C:\Users\Stechus Kaktus\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,86 Gb Total Physical Memory | 2,28 Gb Available Physical Memory | 58,87% Memory free
7,73 Gb Paging File | 5,54 Gb Available in Paging File | 71,70% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 149,04 Gb Total Space | 104,15 Gb Free Space | 69,88% Space Free | Partition Type: NTFS
Drive D: | 148,65 Gb Total Space | 140,80 Gb Free Space | 94,72% Space Free | Partition Type: NTFS
 
Computer Name: STECHUSKAKTUS | User Name: Stechus Kaktus | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.09.06 22:51:04 | 000,599,040 | ---- | M] (OldTimer Tools) -- C:\Users\Stechus Kaktus\Desktop\OTL.exe
PRC - [2012.07.31 09:24:36 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.05.08 14:52:00 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.08 14:51:54 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2010.09.06 19:56:38 | 000,247,096 | ---- | M] () -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
PRC - [2010.03.04 23:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
PRC - [2009.11.21 08:52:16 | 002,454,840 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
PRC - [2009.10.28 12:15:10 | 000,304,496 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
PRC - [2009.10.02 14:26:10 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2009.09.30 20:34:22 | 002,314,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009.09.30 20:33:08 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009.07.28 21:26:42 | 000,062,848 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
PRC - [2009.07.22 14:40:00 | 000,083,336 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe
PRC - [2009.03.10 19:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2009.01.13 22:33:40 | 000,034,088 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
PRC - [2007.01.04 20:48:50 | 000,112,152 | ---- | M] (InterVideo) -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.06.15 14:42:57 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\009c50fb69919b90fb233cb4c35d0ad7\System.Windows.Forms.ni.dll
MOD - [2012.06.15 14:42:44 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ebefde27b0ef7f39bb49c493b34a602c\System.Drawing.ni.dll
MOD - [2012.05.12 05:53:59 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\0c00b1a8336dd4c1bd1ebce7780f20b4\System.Runtime.Remoting.ni.dll
MOD - [2012.05.12 05:52:57 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5c85c9c42e1b8a8760de82ecb4c7d582\System.Xml.ni.dll
MOD - [2012.05.12 05:52:53 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cb079eab134fd1a752ad91db13274110\System.Configuration.ni.dll
MOD - [2012.05.12 05:52:51 | 007,952,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\2ebb3c259eab50af565e3a8dba6ad20e\System.ni.dll
MOD - [2012.05.12 05:52:40 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\5858678a79aae31262b0214424245d06\mscorlib.ni.dll
MOD - [2009.07.14 19:58:12 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009.07.14 19:58:10 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2009.09.09 00:56:12 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.07.28 15:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV - [2012.09.01 07:54:12 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.08.30 08:13:33 | 000,250,568 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.05.08 14:52:00 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.08 14:51:54 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.08.12 01:38:04 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Programme\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)
SRV - [2010.09.06 19:56:38 | 000,247,096 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.04 23:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2009.11.10 14:54:54 | 000,824,688 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Programme\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV - [2009.11.05 23:05:28 | 000,489,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Programme\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2009.11.05 10:19:12 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Programme\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV - [2009.10.27 21:12:14 | 000,252,784 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe -- (cfWiMAXService)
SRV - [2009.10.21 11:40:00 | 000,193,904 | ---- | M] (TOSHIBA CORPORATION) [On_Demand | Stopped] -- C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2009.10.15 17:49:56 | 000,116,104 | ---- | M] (Toshiba Europe GmbH) [Auto | Running] -- C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe -- (TemproMonitoringService)
SRV - [2009.10.06 10:21:50 | 000,051,512 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2009.10.02 14:26:12 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2009.09.30 20:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009.09.30 20:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009.09.28 15:46:02 | 000,251,760 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Programme\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.05.22 20:02:20 | 000,250,616 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009.03.10 19:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2007.01.04 20:48:50 | 000,112,152 | ---- | M] (InterVideo) [Auto | Running] -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.05.08 14:52:01 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012.05.08 14:52:01 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012.03.01 08:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.09.16 16:08:07 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011.03.11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.11.12 14:48:56 | 000,005,504 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\StarOpen.sys -- (StarOpen)
DRV:64bit: - [2009.11.05 23:15:40 | 000,291,328 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.10.15 21:11:26 | 000,307,760 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009.10.02 14:33:48 | 000,946,688 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192se.sys -- (rtl8192se)
DRV:64bit: - [2009.10.02 13:58:58 | 000,537,112 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.09.17 13:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009.09.09 01:31:52 | 006,204,928 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009.07.30 22:02:36 | 000,044,912 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LPCFilter.sys -- (LPCFilter)
DRV:64bit: - [2009.07.30 20:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009.07.24 16:57:08 | 000,482,384 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tos_sps64.sys -- (tos_sps64)
DRV:64bit: - [2009.07.14 17:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.13 23:12:00 | 000,019,824 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tosrfec.sys -- (tosrfec)
DRV:64bit: - [2009.06.22 18:06:38 | 000,035,008 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
DRV:64bit: - [2009.06.19 20:15:22 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL)
DRV:64bit: - [2009.06.10 23:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009.06.10 22:35:46 | 000,427,008 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL8187Se.sys -- (RTL8187Se)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.20 19:04:56 | 000,202,016 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2007.04.16 21:51:50 | 000,014,112 | R--- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\regi.sys -- (regi)
DRV - [2011.07.22 18:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV - [2011.07.12 23:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV - [2009.11.12 14:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\SysWow64\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009.09.22 18:39:56 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
 
IE - HKU\S-1-5-21-2495238752-3057620508-2955416666-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSEH&bmod=TSEH
IE - HKU\S-1-5-21-2495238752-3057620508-2955416666-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=TSEH&bmod=TSEH
IE - HKU\S-1-5-21-2495238752-3057620508-2955416666-1001\..\URLSearchHook:  - No CLSID value found
IE - HKU\S-1-5-21-2495238752-3057620508-2955416666-1001\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-2495238752-3057620508-2955416666-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2495238752-3057620508-2955416666-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2495238752-3057620508-2955416666-1001\..\SearchScopes\{21969D29-4CCE-4150-90F9-FBC462717A7B}: "URL" = hxxp://rover.ebay.com/rover/1/707-44556-9400-9/4?satitle={searchTerms}
IE - HKU\S-1-5-21-2495238752-3057620508-2955416666-1001\..\SearchScopes\{5D3D53DD-A6EF-4955-9D79-412269F9C31E}: "URL" = hxxp://www.amazon.de/gp/search?ie=UTF8&keywords={searchTerms}&tag=tochibade-win7-ie-search-21&index=blended&linkCode=ur2
IE - HKU\S-1-5-21-2495238752-3057620508-2955416666-1001\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKU\S-1-5-21-2495238752-3057620508-2955416666-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7TSEH_deDE379DE379
IE - HKU\S-1-5-21-2495238752-3057620508-2955416666-1001\..\SearchScopes\Plasmoo: "URL" = hxxp://plasmoo.com/index.htm?SearchMashine=true&q={searchTerms}
IE - HKU\S-1-5-21-2495238752-3057620508-2955416666-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Plasmoo"
FF - prefs.js..browser.search.defaultthis.engineName: "Plasmoo"
FF - prefs.js..browser.search.defaulturl: "hxxp://plasmoo.com/index.htm?SearchMashine=true&amp;q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..extensions.enabledAddons: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledAddons: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.119
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.2.6
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: engine@plasmoo.com:1.0.0.32
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_265.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.09.01 07:54:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.08.22 15:33:05 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.09.01 07:54:13 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.08.22 15:33:05 | 000,000,000 | ---D | M]
 
[2012.04.02 17:31:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Stechus Kaktus\AppData\Roaming\mozilla\Extensions
[2012.06.28 06:59:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Stechus Kaktus\AppData\Roaming\mozilla\Firefox\Profiles\p24rhmfm.default\extensions
[2011.06.02 09:39:16 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Stechus Kaktus\AppData\Roaming\mozilla\Firefox\Profiles\p24rhmfm.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.06.28 06:59:06 | 000,000,000 | ---D | M] (Bitdefender QuickScan) -- C:\Users\Stechus Kaktus\AppData\Roaming\mozilla\Firefox\Profiles\p24rhmfm.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2012.09.01 07:56:31 | 000,000,950 | ---- | M] () -- C:\Users\Stechus Kaktus\AppData\Roaming\mozilla\firefox\profiles\p24rhmfm.default\searchplugins\icqplugin-1.xml
[2012.03.19 18:29:34 | 000,000,950 | ---- | M] () -- C:\Users\Stechus Kaktus\AppData\Roaming\mozilla\firefox\profiles\p24rhmfm.default\searchplugins\icqplugin-10.xml
[2012.04.06 11:10:56 | 000,000,950 | ---- | M] () -- C:\Users\Stechus Kaktus\AppData\Roaming\mozilla\firefox\profiles\p24rhmfm.default\searchplugins\icqplugin-11.xml
[2011.08.19 15:06:29 | 000,000,950 | ---- | M] () -- C:\Users\Stechus Kaktus\AppData\Roaming\mozilla\firefox\profiles\p24rhmfm.default\searchplugins\icqplugin-2.xml
[2011.09.02 16:13:50 | 000,000,950 | ---- | M] () -- C:\Users\Stechus Kaktus\AppData\Roaming\mozilla\firefox\profiles\p24rhmfm.default\searchplugins\icqplugin-3.xml
[2011.09.07 23:29:49 | 000,000,950 | ---- | M] () -- C:\Users\Stechus Kaktus\AppData\Roaming\mozilla\firefox\profiles\p24rhmfm.default\searchplugins\icqplugin-4.xml
[2011.09.29 08:47:30 | 000,000,950 | ---- | M] () -- C:\Users\Stechus Kaktus\AppData\Roaming\mozilla\firefox\profiles\p24rhmfm.default\searchplugins\icqplugin-5.xml
[2011.11.15 17:48:42 | 000,000,950 | ---- | M] () -- C:\Users\Stechus Kaktus\AppData\Roaming\mozilla\firefox\profiles\p24rhmfm.default\searchplugins\icqplugin-6.xml
[2012.01.05 13:30:53 | 000,000,950 | ---- | M] () -- C:\Users\Stechus Kaktus\AppData\Roaming\mozilla\firefox\profiles\p24rhmfm.default\searchplugins\icqplugin-7.xml
[2012.02.01 06:37:34 | 000,000,950 | ---- | M] () -- C:\Users\Stechus Kaktus\AppData\Roaming\mozilla\firefox\profiles\p24rhmfm.default\searchplugins\icqplugin-8.xml
[2012.02.28 13:20:51 | 000,000,950 | ---- | M] () -- C:\Users\Stechus Kaktus\AppData\Roaming\mozilla\firefox\profiles\p24rhmfm.default\searchplugins\icqplugin-9.xml
[2011.06.25 09:42:17 | 000,001,056 | ---- | M] () -- C:\Users\Stechus Kaktus\AppData\Roaming\mozilla\firefox\profiles\p24rhmfm.default\searchplugins\icqplugin.xml
[2011.04.28 19:42:58 | 000,001,975 | ---- | M] () -- C:\Users\Stechus Kaktus\AppData\Roaming\mozilla\firefox\profiles\p24rhmfm.default\searchplugins\plasmoo.xml
[2012.04.02 17:31:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.09.01 07:54:12 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.06.26 23:45:56 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.09.01 07:54:11 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.06.26 23:45:56 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.26 23:45:56 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.26 23:45:56 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.26 23:45:56 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2012.04.02 17:11:13 | 000,441,500 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1	www.007guard.com
O1 - Hosts: 127.0.0.1	007guard.com
O1 - Hosts: 127.0.0.1	008i.com
O1 - Hosts: 127.0.0.1	www.008k.com
O1 - Hosts: 127.0.0.1	008k.com
O1 - Hosts: 127.0.0.1	www.00hq.com
O1 - Hosts: 127.0.0.1	00hq.com
O1 - Hosts: 127.0.0.1	010402.com
O1 - Hosts: 127.0.0.1	www.032439.com
O1 - Hosts: 127.0.0.1	032439.com
O1 - Hosts: 127.0.0.1	www.0scan.com
O1 - Hosts: 127.0.0.1	0scan.com
O1 - Hosts: 127.0.0.1	www.1000gratisproben.com
O1 - Hosts: 127.0.0.1	1000gratisproben.com
O1 - Hosts: 127.0.0.1	1001namen.com
O1 - Hosts: 127.0.0.1	www.1001namen.com
O1 - Hosts: 127.0.0.1	100888290cs.com
O1 - Hosts: 127.0.0.1	www.100888290cs.com
O1 - Hosts: 127.0.0.1	www.100sexlinks.com
O1 - Hosts: 127.0.0.1	100sexlinks.com
O1 - Hosts: 127.0.0.1	www.10sek.com
O1 - Hosts: 127.0.0.1	10sek.com
O1 - Hosts: 127.0.0.1	www.1-2005-search.com
O1 - Hosts: 127.0.0.1	1-2005-search.com
O1 - Hosts: 127.0.0.1	www.123fporn.info
O1 - Hosts: 15173 more lines...
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-2495238752-3057620508-2955416666-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [00TCrdMain] C:\Programme\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [HSON] C:\Programme\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SmartFaceVWatcher] C:\Programme\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [SmoothView] C:\Programme\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Toshiba Registration] C:\Programme\TOSHIBA\Registration\ToshibaReminder.exe (Toshiba Europe GmbH)
O4:64bit: - HKLM..\Run: [Toshiba TEMPRO] C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe (Toshiba Europe GmbH)
O4:64bit: - HKLM..\Run: [TosNC] C:\Programme\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Programme\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Programme\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosWaitSrv] C:\Programme\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Programme\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA Electronics, Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TWebCamera] C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)
O4 - HKU\.DEFAULT..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe (TOSHIBA)
O4 - HKU\S-1-5-18..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe (TOSHIBA)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2495238752-3057620508-2955416666-1001..\Run: [SUPERAntiSpyware] C:\Programme\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O4 - Startup: C:\Users\Stechus Kaktus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Stechus Kaktus\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Stechus Kaktus\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 10.7.2)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{16D0CDC8-3918-4CC7-82A3-6EB4BD069F02}: DhcpNameServer = 100.100.0.101
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{900267B2-1C0A-428B-8DD6-8C0F5874AB90}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{038fe954-381e-11e0-ba75-705ab6711a2b}\Shell - "" = AutoRun
O33 - MountPoints2\{038fe954-381e-11e0-ba75-705ab6711a2b}\Shell\AutoRun\command - "" = F:\pushinst.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
 
MsConfig:64bit - StartUpReg: ICQ - hkey= - key= - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
MsConfig:64bit - StartUpReg: mcagent_exe - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: Skype - hkey= - key= - C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
MsConfig:64bit - State: "startup" - Reg Error: Key error.
 
SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: mcmscsvc - Service
SafeBootMin:64bit: MCODS - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: !SASCORE - C:\Programme\SUPERAntiSpyware\SASCore64.exe (SUPERAntiSpyware.com)
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: mcmscsvc - Service
SafeBootMin: MCODS - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: mcmscsvc - Service
SafeBootNet:64bit: MCODS - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: MpfService - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: !SASCORE - C:\Programme\SUPERAntiSpyware\SASCore64.exe (SUPERAntiSpyware.com)
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: mcmscsvc - Service
SafeBootNet: MCODS - Service
SafeBootNet: Messenger - Service
SafeBootNet: MpfService - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - 
ActiveX:64bit: >{86E4D9E7-5085-4CB3-AE29-4CFD782E79DB} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.dvacm - C:\PROGRA~2\COMMON~1\ULEADS~1\vio\dvacm.acm (Ulead Systems, Inc.)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.mpegacm - C:\Program Files (x86)\Common Files\Ulead Systems\MPEG\MPEGACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.ulmp3acm - C:\Program Files (x86)\Common Files\Ulead Systems\MPEG\ulmp3acm.acm (Ulead systems)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.09.06 22:51:00 | 000,599,040 | ---- | C] (OldTimer Tools) -- C:\Users\Stechus Kaktus\Desktop\OTL.exe
[2012.09.05 00:00:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012.09.04 23:59:28 | 002,322,184 | ---- | C] (ESET) -- C:\Users\Stechus Kaktus\Desktop\esetsmartinstaller_enu.exe
[2012.09.03 16:16:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012.09.03 14:33:12 | 170,992,432 | ---- | C] (Emsisoft GmbH                                               ) -- C:\Users\Stechus Kaktus\Desktop\EmsisoftAntiMalwareSetup.exe
[2012.09.03 14:28:23 | 000,000,000 | ---D | C] -- C:\Users\Stechus Kaktus\Desktop\Reinigung
[2012.08.22 15:54:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
[2012.08.22 15:46:07 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2012.08.22 15:44:21 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2012.08.16 19:43:23 | 000,000,000 | ---D | C] -- C:\Users\Stechus Kaktus\AppData\Roaming\Brain Workshop
[2012.08.16 19:43:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brain Workshop
[2012.08.16 19:43:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Brain Workshop
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.09.06 22:55:19 | 000,016,080 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.09.06 22:55:19 | 000,016,080 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.09.06 22:51:04 | 000,599,040 | ---- | M] (OldTimer Tools) -- C:\Users\Stechus Kaktus\Desktop\OTL.exe
[2012.09.06 22:47:36 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.09.06 22:47:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.09.06 22:47:12 | 3112,390,656 | -HS- | M] () -- C:\hiberfil.sys
[2012.09.06 20:38:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.09.06 20:34:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.09.04 23:59:32 | 002,322,184 | ---- | M] (ESET) -- C:\Users\Stechus Kaktus\Desktop\esetsmartinstaller_enu.exe
[2012.09.04 22:34:44 | 000,001,120 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.09.03 14:37:09 | 170,992,432 | ---- | M] (Emsisoft GmbH                                               ) -- C:\Users\Stechus Kaktus\Desktop\EmsisoftAntiMalwareSetup.exe
[2012.09.03 14:31:54 | 000,511,265 | ---- | M] () -- C:\Users\Stechus Kaktus\Desktop\adwcleaner.exe
[2012.08.22 15:33:06 | 000,002,021 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012.08.16 19:43:17 | 000,001,085 | ---- | M] () -- C:\Users\Stechus Kaktus\Desktop\Brain Workshop.lnk
[2012.08.16 19:27:39 | 000,376,224 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.09.03 14:31:46 | 000,511,265 | ---- | C] () -- C:\Users\Stechus Kaktus\Desktop\adwcleaner.exe
[2012.08.16 19:43:17 | 000,001,085 | ---- | C] () -- C:\Users\Stechus Kaktus\Desktop\Brain Workshop.lnk
[2010.06.26 00:11:17 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
 
========== LOP Check ==========
 
[2012.08.16 19:43:23 | 000,000,000 | ---D | M] -- C:\Users\Stechus Kaktus\AppData\Roaming\Brain Workshop
[2010.07.31 11:29:56 | 000,000,000 | ---D | M] -- C:\Users\Stechus Kaktus\AppData\Roaming\Canneverbe Limited
[2011.06.02 09:39:16 | 000,000,000 | ---D | M] -- C:\Users\Stechus Kaktus\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.01.14 18:29:15 | 000,000,000 | ---D | M] -- C:\Users\Stechus Kaktus\AppData\Roaming\ICQ
[2012.07.23 12:34:44 | 000,000,000 | ---D | M] -- C:\Users\Stechus Kaktus\AppData\Roaming\QuickScan
[2010.12.27 21:19:37 | 000,000,000 | ---D | M] -- C:\Users\Stechus Kaktus\AppData\Roaming\Toshiba
[2012.07.29 06:41:27 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2010.06.07 22:16:55 | 000,000,000 | ---D | M] -- C:\Users\Stechus Kaktus\AppData\Roaming\Adobe
[2010.05.11 13:39:16 | 000,000,000 | ---D | M] -- C:\Users\Stechus Kaktus\AppData\Roaming\ATI
[2012.04.06 12:52:42 | 000,000,000 | ---D | M] -- C:\Users\Stechus Kaktus\AppData\Roaming\Avira
[2012.08.16 19:43:23 | 000,000,000 | ---D | M] -- C:\Users\Stechus Kaktus\AppData\Roaming\Brain Workshop
[2010.07.31 11:29:56 | 000,000,000 | ---D | M] -- C:\Users\Stechus Kaktus\AppData\Roaming\Canneverbe Limited
[2011.06.02 09:39:16 | 000,000,000 | ---D | M] -- C:\Users\Stechus Kaktus\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.05.11 13:43:09 | 000,000,000 | ---D | M] -- C:\Users\Stechus Kaktus\AppData\Roaming\Google
[2011.01.14 18:29:15 | 000,000,000 | ---D | M] -- C:\Users\Stechus Kaktus\AppData\Roaming\ICQ
[2010.05.11 13:38:30 | 000,000,000 | ---D | M] -- C:\Users\Stechus Kaktus\AppData\Roaming\Identities
[2010.05.11 13:39:21 | 000,000,000 | ---D | M] -- C:\Users\Stechus Kaktus\AppData\Roaming\Intel Corporation
[2009.12.04 14:33:13 | 000,000,000 | ---D | M] -- C:\Users\Stechus Kaktus\AppData\Roaming\Macromedia
[2012.04.02 16:02:34 | 000,000,000 | ---D | M] -- C:\Users\Stechus Kaktus\AppData\Roaming\Malwarebytes
[2009.07.14 20:18:18 | 000,000,000 | ---D | M] -- C:\Users\Stechus Kaktus\AppData\Roaming\Media Center Programs
[2012.06.25 15:35:31 | 000,000,000 | --SD | M] -- C:\Users\Stechus Kaktus\AppData\Roaming\Microsoft
[2010.11.08 12:01:16 | 000,000,000 | ---D | M] -- C:\Users\Stechus Kaktus\AppData\Roaming\Mozilla
[2012.07.23 12:34:44 | 000,000,000 | ---D | M] -- C:\Users\Stechus Kaktus\AppData\Roaming\QuickScan
[2012.02.29 17:28:15 | 000,000,000 | ---D | M] -- C:\Users\Stechus Kaktus\AppData\Roaming\Skype
[2012.02.29 17:04:18 | 000,000,000 | ---D | M] -- C:\Users\Stechus Kaktus\AppData\Roaming\skypePM
[2012.04.02 17:52:25 | 000,000,000 | ---D | M] -- C:\Users\Stechus Kaktus\AppData\Roaming\SUPERAntiSpyware.com
[2010.12.27 21:19:37 | 000,000,000 | ---D | M] -- C:\Users\Stechus Kaktus\AppData\Roaming\Toshiba
 
< %APPDATA%\*.exe /s >
[2009.11.11 03:14:22 | 000,038,208 | ---- | M] () -- C:\Users\Stechus Kaktus\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2010.12.23 11:10:29 | 002,827,728 | ---- | M] (Adobe Systems, Inc.) -- C:\Users\Stechus Kaktus\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
 
< %SYSTEMDRIVE%\*.exe >
 
< MD5 for: AGP440.SYS  >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
 
< MD5 for: IASTOR.SYS  >
[2009.10.02 13:58:58 | 000,537,112 | ---- | M] (Intel Corporation) MD5=631FA8935163B01FC0C02966CB3ADB92 -- C:\Windows\SysNative\drivers\iaStor.sys
[2009.10.02 13:58:58 | 000,537,112 | ---- | M] (Intel Corporation) MD5=631FA8935163B01FC0C02966CB3ADB92 -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_b03f80929ac23556\iaStor.sys
 
< MD5 for: IASTORV.SYS  >
[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0033117673c16921\iaStorV.sys
[2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011.03.11 08:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\SysNative\netlogon.dll
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_38e464dbe521cc7f\nvstor.sys
[2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011.03.11 08:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\SysNative\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
 
< MD5 for: USER32.DLL  >
[2010.11.20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2009.07.14 03:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\SysNative\user32.dll
[2009.07.14 03:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\SysWOW64\user32.dll
[2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
[2010.11.20 15:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2012.07.03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SysNative\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >

< End of report >

--- --- ---

cosinus · 07.09.2012, 10:49

Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Code:

ATTFilter

:OTL
FF - prefs.js..browser.search.defaultenginename: "Plasmoo"
FF - prefs.js..browser.search.defaultthis.engineName: "Plasmoo"
FF - prefs.js..browser.search.defaulturl: "http://plasmoo.com/index.htm?SearchMashine=true&amp;q={searchTerms}"
FF - prefs.js..extensions.enabledItems: engine@plasmoo.com:1.0.0.32
FF - user.js - File not found
[2011.06.02 09:39:16 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Stechus Kaktus\AppData\Roaming\mozilla\Firefox\Profiles\p24rhmfm.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.06.28 06:59:06 | 000,000,000 | ---D | M] (Bitdefender QuickScan) -- C:\Users\Stechus Kaktus\AppData\Roaming\mozilla\Firefox\Profiles\p24rhmfm.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2012.09.01 07:56:31 | 000,000,950 | ---- | M] () -- C:\Users\Stechus Kaktus\AppData\Roaming\mozilla\firefox\profiles\p24rhmfm.default\searchplugins\icqplugin-1.xml
[2012.03.19 18:29:34 | 000,000,950 | ---- | M] () -- C:\Users\Stechus Kaktus\AppData\Roaming\mozilla\firefox\profiles\p24rhmfm.default\searchplugins\icqplugin-10.xml
[2012.04.06 11:10:56 | 000,000,950 | ---- | M] () -- C:\Users\Stechus Kaktus\AppData\Roaming\mozilla\firefox\profiles\p24rhmfm.default\searchplugins\icqplugin-11.xml
[2011.08.19 15:06:29 | 000,000,950 | ---- | M] () -- C:\Users\Stechus Kaktus\AppData\Roaming\mozilla\firefox\profiles\p24rhmfm.default\searchplugins\icqplugin-2.xml
[2011.09.02 16:13:50 | 000,000,950 | ---- | M] () -- C:\Users\Stechus Kaktus\AppData\Roaming\mozilla\firefox\profiles\p24rhmfm.default\searchplugins\icqplugin-3.xml
[2011.09.07 23:29:49 | 000,000,950 | ---- | M] () -- C:\Users\Stechus Kaktus\AppData\Roaming\mozilla\firefox\profiles\p24rhmfm.default\searchplugins\icqplugin-4.xml
[2011.09.29 08:47:30 | 000,000,950 | ---- | M] () -- C:\Users\Stechus Kaktus\AppData\Roaming\mozilla\firefox\profiles\p24rhmfm.default\searchplugins\icqplugin-5.xml
[2011.11.15 17:48:42 | 000,000,950 | ---- | M] () -- C:\Users\Stechus Kaktus\AppData\Roaming\mozilla\firefox\profiles\p24rhmfm.default\searchplugins\icqplugin-6.xml
[2012.01.05 13:30:53 | 000,000,950 | ---- | M] () -- C:\Users\Stechus Kaktus\AppData\Roaming\mozilla\firefox\profiles\p24rhmfm.default\searchplugins\icqplugin-7.xml
[2012.02.01 06:37:34 | 000,000,950 | ---- | M] () -- C:\Users\Stechus Kaktus\AppData\Roaming\mozilla\firefox\profiles\p24rhmfm.default\searchplugins\icqplugin-8.xml
[2012.02.28 13:20:51 | 000,000,950 | ---- | M] () -- C:\Users\Stechus Kaktus\AppData\Roaming\mozilla\firefox\profiles\p24rhmfm.default\searchplugins\icqplugin-9.xml
[2011.06.25 09:42:17 | 000,001,056 | ---- | M] () -- C:\Users\Stechus Kaktus\AppData\Roaming\mozilla\firefox\profiles\p24rhmfm.default\searchplugins\icqplugin.xml
[2011.04.28 19:42:58 | 000,001,975 | ---- | M] () -- C:\Users\Stechus Kaktus\AppData\Roaming\mozilla\firefox\profiles\p24rhmfm.default\searchplugins\plasmoo.xml
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{038fe954-381e-11e0-ba75-705ab6711a2b}\Shell - "" = AutoRun
O33 - MountPoints2\{038fe954-381e-11e0-ba75-705ab6711a2b}\Shell\AutoRun\command - "" = F:\pushinst.exe
:Files
C:\Program Files (x86)\ICQ6Toolbar
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]

Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!

Stechus · 07.09.2012, 11:47

Code:

ATTFilter

All processes killed
========== OTL ==========
Prefs.js: "Plasmoo" removed from browser.search.defaultenginename
Prefs.js: "Plasmoo" removed from browser.search.defaultthis.engineName
Prefs.js: "hxxp://plasmoo.com/index.htm?SearchMashine=true&amp;q={searchTerms}" removed from browser.search.defaulturl
Prefs.js: engine@plasmoo.com:1.0.0.32 removed from extensions.enabledItems
C:\Users\Stechus Kaktus\AppData\Roaming\mozilla\Firefox\Profiles\p24rhmfm.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}\chrome folder moved successfully.
C:\Users\Stechus Kaktus\AppData\Roaming\mozilla\Firefox\Profiles\p24rhmfm.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} folder moved successfully.
C:\Users\Stechus Kaktus\AppData\Roaming\mozilla\Firefox\Profiles\p24rhmfm.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins folder moved successfully.
C:\Users\Stechus Kaktus\AppData\Roaming\mozilla\Firefox\Profiles\p24rhmfm.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\META-INF folder moved successfully.
C:\Users\Stechus Kaktus\AppData\Roaming\mozilla\Firefox\Profiles\p24rhmfm.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\defaults\preferences folder moved successfully.
C:\Users\Stechus Kaktus\AppData\Roaming\mozilla\Firefox\Profiles\p24rhmfm.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\defaults folder moved successfully.
C:\Users\Stechus Kaktus\AppData\Roaming\mozilla\Firefox\Profiles\p24rhmfm.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\chrome\skin\images folder moved successfully.
C:\Users\Stechus Kaktus\AppData\Roaming\mozilla\Firefox\Profiles\p24rhmfm.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\chrome\skin folder moved successfully.
C:\Users\Stechus Kaktus\AppData\Roaming\mozilla\Firefox\Profiles\p24rhmfm.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\chrome\locale\ro-RO folder moved successfully.
C:\Users\Stechus Kaktus\AppData\Roaming\mozilla\Firefox\Profiles\p24rhmfm.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\chrome\locale\en-US folder moved successfully.
C:\Users\Stechus Kaktus\AppData\Roaming\mozilla\Firefox\Profiles\p24rhmfm.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\chrome\locale folder moved successfully.
C:\Users\Stechus Kaktus\AppData\Roaming\mozilla\Firefox\Profiles\p24rhmfm.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\chrome\content folder moved successfully.
C:\Users\Stechus Kaktus\AppData\Roaming\mozilla\Firefox\Profiles\p24rhmfm.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\chrome folder moved successfully.
C:\Users\Stechus Kaktus\AppData\Roaming\mozilla\Firefox\Profiles\p24rhmfm.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360} folder moved successfully.
C:\Users\Stechus Kaktus\AppData\Roaming\mozilla\firefox\profiles\p24rhmfm.default\searchplugins\icqplugin-1.xml moved successfully.
C:\Users\Stechus Kaktus\AppData\Roaming\mozilla\firefox\profiles\p24rhmfm.default\searchplugins\icqplugin-10.xml moved successfully.
C:\Users\Stechus Kaktus\AppData\Roaming\mozilla\firefox\profiles\p24rhmfm.default\searchplugins\icqplugin-11.xml moved successfully.
C:\Users\Stechus Kaktus\AppData\Roaming\mozilla\firefox\profiles\p24rhmfm.default\searchplugins\icqplugin-2.xml moved successfully.
C:\Users\Stechus Kaktus\AppData\Roaming\mozilla\firefox\profiles\p24rhmfm.default\searchplugins\icqplugin-3.xml moved successfully.
C:\Users\Stechus Kaktus\AppData\Roaming\mozilla\firefox\profiles\p24rhmfm.default\searchplugins\icqplugin-4.xml moved successfully.
C:\Users\Stechus Kaktus\AppData\Roaming\mozilla\firefox\profiles\p24rhmfm.default\searchplugins\icqplugin-5.xml moved successfully.
C:\Users\Stechus Kaktus\AppData\Roaming\mozilla\firefox\profiles\p24rhmfm.default\searchplugins\icqplugin-6.xml moved successfully.
C:\Users\Stechus Kaktus\AppData\Roaming\mozilla\firefox\profiles\p24rhmfm.default\searchplugins\icqplugin-7.xml moved successfully.
C:\Users\Stechus Kaktus\AppData\Roaming\mozilla\firefox\profiles\p24rhmfm.default\searchplugins\icqplugin-8.xml moved successfully.
C:\Users\Stechus Kaktus\AppData\Roaming\mozilla\firefox\profiles\p24rhmfm.default\searchplugins\icqplugin-9.xml moved successfully.
C:\Users\Stechus Kaktus\AppData\Roaming\mozilla\firefox\profiles\p24rhmfm.default\searchplugins\icqplugin.xml moved successfully.
C:\Users\Stechus Kaktus\AppData\Roaming\mozilla\firefox\profiles\p24rhmfm.default\searchplugins\plasmoo.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}\ deleted successfully.
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll moved successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{855F3B16-6D32-4FE6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}\ deleted successfully.
C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{038fe954-381e-11e0-ba75-705ab6711a2b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{038fe954-381e-11e0-ba75-705ab6711a2b}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{038fe954-381e-11e0-ba75-705ab6711a2b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{038fe954-381e-11e0-ba75-705ab6711a2b}\ not found.
File F:\pushinst.exe not found.
========== FILES ==========
C:\Program Files (x86)\ICQ6Toolbar folder moved successfully.
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
C:\Users\Stechus Kaktus\Desktop\cmd.bat deleted successfully.
C:\Users\Stechus Kaktus\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41044 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Public
 
User: Stechus Kaktus
->Temp folder emptied: 10184159 bytes
->Temporary Internet Files folder emptied: 22761108 bytes
->Java cache emptied: 252591 bytes
->FireFox cache emptied: 598174223 bytes
->Flash cache emptied: 2879513 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 135265788 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 36048856 bytes
RecycleBin emptied: 826208 bytes
 
Total Files Cleaned = 769,00 mb
 
 
[EMPTYFLASH]
 
User: All Users
 
User: Default
->Flash cache emptied: 0 bytes
 
User: Default User
->Flash cache emptied: 0 bytes
 
User: Public
 
User: Stechus Kaktus
->Flash cache emptied: 0 bytes
 
Total Flash Files Cleaned = 0,00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.61.0 log created on 09072012_124112

Files\Folders moved on Reboot...
C:\Users\Stechus Kaktus\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

cosinus · 09.09.2012, 20:32

Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.

Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

Stechus · 09.09.2012, 21:41

Code:

ATTFilter

22:35:20.0963 0360  TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
22:35:21.0104 0360  ============================================================
22:35:21.0104 0360  Current date / time: 2012/09/09 22:35:21.0104
22:35:21.0104 0360  SystemInfo:
22:35:21.0104 0360  
22:35:21.0104 0360  OS Version: 6.1.7600 ServicePack: 0.0
22:35:21.0104 0360  Product type: Workstation
22:35:21.0104 0360  ComputerName: STECHUSKAKTUS
22:35:21.0104 0360  UserName: Stechus Kaktus
22:35:21.0104 0360  Windows directory: C:\Windows
22:35:21.0104 0360  System windows directory: C:\Windows
22:35:21.0104 0360  Running under WOW64
22:35:21.0104 0360  Processor architecture: Intel x64
22:35:21.0104 0360  Number of processors: 4
22:35:21.0104 0360  Page size: 0x1000
22:35:21.0104 0360  Boot type: Normal boot
22:35:21.0104 0360  ============================================================
22:35:21.0494 0360  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:35:21.0509 0360  ============================================================
22:35:21.0509 0360  \Device\Harddisk0\DR0:
22:35:21.0509 0360  MBR partitions:
22:35:21.0509 0360  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xC8800, BlocksNum 0x12A17000
22:35:21.0509 0360  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x12ADF800, BlocksNum 0x1294F000
22:35:21.0509 0360  ============================================================
22:35:21.0525 0360  C: <-> \Device\Harddisk0\DR0\Partition1
22:35:21.0556 0360  D: <-> \Device\Harddisk0\DR0\Partition2
22:35:21.0556 0360  ============================================================
22:35:21.0556 0360  Initialize success
22:35:21.0556 0360  ============================================================
22:35:56.0656 5872  ============================================================
22:35:56.0656 5872  Scan started
22:35:56.0656 5872  Mode: Manual; SigCheck; TDLFS; 
22:35:56.0656 5872  ============================================================
22:35:57.0389 5872  ================ Scan system memory ========================
22:35:57.0389 5872  System memory - ok
22:35:57.0389 5872  ================ Scan services =============================
22:35:57.0498 5872  [ 7D9D615201A483D6FA99491C2E655A5A ] !SASCORE        C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
22:35:57.0561 5872  !SASCORE - ok
22:35:57.0764 5872  [ 1B00662092F9F9568B995902F0CC40D5 ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
22:35:57.0873 5872  1394ohci - ok
22:35:57.0935 5872  [ 6F11E88748CDEFD2F76AA215F97DDFE5 ] ACPI            C:\Windows\system32\DRIVERS\ACPI.sys
22:35:57.0966 5872  ACPI - ok
22:35:57.0982 5872  [ 63B05A0420CE4BF0E4AF6DCC7CADA254 ] AcpiPmi         C:\Windows\system32\DRIVERS\acpipmi.sys
22:35:58.0107 5872  AcpiPmi - ok
22:35:58.0263 5872  [ B2B64AF436FACCFA854DD397027C5360 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
22:35:58.0294 5872  AdobeFlashPlayerUpdateSvc - ok
22:35:58.0341 5872  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
22:35:58.0372 5872  adp94xx - ok
22:35:58.0403 5872  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
22:35:58.0434 5872  adpahci - ok
22:35:58.0450 5872  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
22:35:58.0466 5872  adpu320 - ok
22:35:58.0497 5872  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
22:35:58.0684 5872  AeLookupSvc - ok
22:35:58.0731 5872  [ DB9D6C6B2CD95A9CA414D045B627422E ] AFD             C:\Windows\system32\drivers\afd.sys
22:35:58.0793 5872  AFD - ok
22:35:58.0840 5872  [ 98022774D9930ECBB292E70DB7601DF6 ] AgereSoftModem  C:\Windows\system32\DRIVERS\agrsm64.sys
22:35:58.0980 5872  AgereSoftModem - ok
22:35:59.0012 5872  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\DRIVERS\agp440.sys
22:35:59.0027 5872  agp440 - ok
22:35:59.0058 5872  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
22:35:59.0136 5872  ALG - ok
22:35:59.0152 5872  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\DRIVERS\aliide.sys
22:35:59.0168 5872  aliide - ok
22:35:59.0230 5872  [ 16D2883EA6296333435DF0C8B7D164B8 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
22:35:59.0324 5872  AMD External Events Utility - ok
22:35:59.0355 5872  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\DRIVERS\amdide.sys
22:35:59.0370 5872  amdide - ok
22:35:59.0386 5872  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
22:35:59.0433 5872  AmdK8 - ok
22:35:59.0433 5872  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
22:35:59.0480 5872  AmdPPM - ok
22:35:59.0511 5872  [ EC7EBAB00A4D8448BAB68D1E49B4BEB9 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
22:35:59.0526 5872  amdsata - ok
22:35:59.0558 5872  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
22:35:59.0573 5872  amdsbs - ok
22:35:59.0589 5872  [ DB27766102C7BF7E95140A2AA81D042E ] amdxata         C:\Windows\system32\drivers\amdxata.sys
22:35:59.0589 5872  amdxata - ok
22:35:59.0729 5872  [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
22:35:59.0745 5872  AntiVirSchedulerService - ok
22:35:59.0792 5872  [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
22:35:59.0807 5872  AntiVirService - ok
22:35:59.0854 5872  [ 42FD751B27FA0E9C69BB39F39E409594 ] AppID           C:\Windows\system32\drivers\appid.sys
22:35:59.0963 5872  AppID - ok
22:35:59.0994 5872  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
22:36:00.0072 5872  AppIDSvc - ok
22:36:00.0119 5872  [ D065BE66822847B7F127D1F90158376E ] Appinfo         C:\Windows\System32\appinfo.dll
22:36:00.0166 5872  Appinfo - ok
22:36:00.0197 5872  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
22:36:00.0228 5872  arc - ok
22:36:00.0244 5872  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
22:36:00.0260 5872  arcsas - ok
22:36:00.0275 5872  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
22:36:00.0353 5872  AsyncMac - ok
22:36:00.0384 5872  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\DRIVERS\atapi.sys
22:36:00.0400 5872  atapi - ok
22:36:00.0603 5872  [ C9F90FEE4FDC829382B9130A92FB744C ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
22:36:00.0852 5872  atikmdag - ok
22:36:00.0899 5872  [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:36:00.0993 5872  AudioEndpointBuilder - ok
22:36:01.0024 5872  [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioSrv        C:\Windows\System32\Audiosrv.dll
22:36:01.0071 5872  AudioSrv - ok
22:36:01.0133 5872  [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
22:36:01.0164 5872  avgntflt - ok
22:36:01.0196 5872  [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
22:36:01.0211 5872  avipbb - ok
22:36:01.0227 5872  [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
22:36:01.0242 5872  avkmgr - ok
22:36:01.0289 5872  [ B20B5FA5CA050E9926E4D1DB81501B32 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
22:36:01.0414 5872  AxInstSV - ok
22:36:01.0445 5872  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
22:36:01.0523 5872  b06bdrv - ok
22:36:01.0554 5872  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
22:36:01.0601 5872  b57nd60a - ok
22:36:01.0648 5872  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
22:36:01.0695 5872  BDESVC - ok
22:36:01.0710 5872  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
22:36:01.0788 5872  Beep - ok
22:36:01.0835 5872  [ 4992C609A6315671463E30F6512BC022 ] BFE             C:\Windows\System32\bfe.dll
22:36:01.0929 5872  BFE - ok
22:36:01.0960 5872  [ 7F0C323FE3DA28AA4AA1BDA3F575707F ] BITS            C:\Windows\System32\qmgr.dll
22:36:02.0054 5872  BITS - ok
22:36:02.0085 5872  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
22:36:02.0132 5872  blbdrive - ok
22:36:02.0163 5872  [ 19D20159708E152267E53B66677A4995 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
22:36:02.0225 5872  bowser - ok
22:36:02.0256 5872  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
22:36:02.0288 5872  BrFiltLo - ok
22:36:02.0303 5872  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
22:36:02.0319 5872  BrFiltUp - ok
22:36:02.0350 5872  [ 6B054C67AAA87843504E8E3C09102009 ] Browser         C:\Windows\System32\browser.dll
22:36:02.0412 5872  Browser - ok
22:36:02.0428 5872  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
22:36:02.0459 5872  Brserid - ok
22:36:02.0459 5872  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
22:36:02.0506 5872  BrSerWdm - ok
22:36:02.0506 5872  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
22:36:02.0568 5872  BrUsbMdm - ok
22:36:02.0584 5872  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
22:36:02.0600 5872  BrUsbSer - ok
22:36:02.0615 5872  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
22:36:02.0646 5872  BTHMODEM - ok
22:36:02.0678 5872  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
22:36:02.0724 5872  bthserv - ok
22:36:02.0771 5872  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
22:36:02.0802 5872  cdfs - ok
22:36:02.0849 5872  [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
22:36:02.0880 5872  cdrom - ok
22:36:02.0912 5872  [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc     C:\Windows\System32\certprop.dll
22:36:02.0990 5872  CertPropSvc - ok
22:36:03.0083 5872  [ ADBDC69A0C25361870A1AC009D29F960 ] cfWiMAXService  C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
22:36:03.0114 5872  cfWiMAXService - ok
22:36:03.0130 5872  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
22:36:03.0177 5872  circlass - ok
22:36:03.0208 5872  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
22:36:03.0224 5872  CLFS - ok
22:36:03.0317 5872  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:36:03.0348 5872  clr_optimization_v2.0.50727_32 - ok
22:36:03.0411 5872  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
22:36:03.0426 5872  clr_optimization_v2.0.50727_64 - ok
22:36:03.0520 5872  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:36:03.0567 5872  clr_optimization_v4.0.30319_32 - ok
22:36:03.0614 5872  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
22:36:03.0645 5872  clr_optimization_v4.0.30319_64 - ok
22:36:03.0676 5872  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
22:36:03.0738 5872  CmBatt - ok
22:36:03.0770 5872  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\DRIVERS\cmdide.sys
22:36:03.0770 5872  cmdide - ok
22:36:03.0832 5872  [ CA7720B73446FDDEC5C69519C1174C98 ] CNG             C:\Windows\system32\Drivers\cng.sys
22:36:03.0894 5872  CNG - ok
22:36:03.0941 5872  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
22:36:03.0957 5872  Compbatt - ok
22:36:03.0972 5872  [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
22:36:04.0019 5872  CompositeBus - ok
22:36:04.0019 5872  COMSysApp - ok
22:36:04.0066 5872  [ CAB0EEAF5295FC96DDD3E19DCE27E131 ] ConfigFree Service C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
22:36:04.0066 5872  ConfigFree Service - ok
22:36:04.0097 5872  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
22:36:04.0113 5872  crcdisk - ok
22:36:04.0128 5872  [ F02786B66375292E58C8777082D4396D ] CryptSvc        C:\Windows\system32\cryptsvc.dll
22:36:04.0175 5872  CryptSvc - ok
22:36:04.0206 5872  [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch      C:\Windows\system32\rpcss.dll
22:36:04.0284 5872  DcomLaunch - ok
22:36:04.0316 5872  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
22:36:04.0394 5872  defragsvc - ok
22:36:04.0456 5872  [ 9C253CE7311CA60FC11C774692A13208 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
22:36:04.0518 5872  DfsC - ok
22:36:04.0534 5872  [ CE3B9562D997F69B330D181A8875960F ] Dhcp            C:\Windows\system32\dhcpcore.dll
22:36:04.0643 5872  Dhcp - ok
22:36:04.0674 5872  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
22:36:04.0752 5872  discache - ok
22:36:04.0784 5872  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
22:36:04.0799 5872  Disk - ok
22:36:04.0830 5872  [ 85CF424C74A1D5EC33533E1DBFF9920A ] Dnscache        C:\Windows\System32\dnsrslvr.dll
22:36:04.0877 5872  Dnscache - ok
22:36:04.0908 5872  [ 14452ACDB09B70964C8C21BF80A13ACB ] dot3svc         C:\Windows\System32\dot3svc.dll
22:36:04.0971 5872  dot3svc - ok
22:36:04.0986 5872  [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS             C:\Windows\system32\dps.dll
22:36:05.0049 5872  DPS - ok
22:36:05.0080 5872  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
22:36:05.0142 5872  drmkaud - ok
22:36:05.0205 5872  [ 1633B9ABF52784A1331476397A48CBEF ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
22:36:05.0283 5872  DXGKrnl - ok
22:36:05.0298 5872  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
22:36:05.0345 5872  EapHost - ok
22:36:05.0439 5872  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
22:36:05.0610 5872  ebdrv - ok
22:36:05.0642 5872  [ 156F6159457D0AA7E59B62681B56EB90 ] EFS             C:\Windows\System32\lsass.exe
22:36:05.0688 5872  EFS - ok
22:36:05.0766 5872  [ 47C071994C3F649F23D9CD075AC9304A ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
22:36:05.0829 5872  ehRecvr - ok
22:36:05.0860 5872  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
22:36:05.0922 5872  ehSched - ok
22:36:05.0969 5872  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
22:36:06.0016 5872  elxstor - ok
22:36:06.0016 5872  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\DRIVERS\errdev.sys
22:36:06.0063 5872  ErrDev - ok
22:36:06.0110 5872  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
22:36:06.0156 5872  EventSystem - ok
22:36:06.0172 5872  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
22:36:06.0234 5872  exfat - ok
22:36:06.0250 5872  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
22:36:06.0312 5872  fastfat - ok
22:36:06.0359 5872  [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax             C:\Windows\system32\fxssvc.exe
22:36:06.0422 5872  Fax - ok
22:36:06.0453 5872  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
22:36:06.0484 5872  fdc - ok
22:36:06.0515 5872  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
22:36:06.0578 5872  fdPHost - ok
22:36:06.0593 5872  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
22:36:06.0671 5872  FDResPub - ok
22:36:06.0702 5872  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
22:36:06.0718 5872  FileInfo - ok
22:36:06.0734 5872  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
22:36:06.0796 5872  Filetrace - ok
22:36:06.0812 5872  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
22:36:06.0827 5872  flpydisk - ok
22:36:06.0858 5872  [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
22:36:06.0874 5872  FltMgr - ok
22:36:06.0921 5872  [ CB5E4B9C319E3C6BB363EB7E58A4A051 ] FontCache       C:\Windows\system32\FntCache.dll
22:36:07.0061 5872  FontCache - ok
22:36:07.0124 5872  [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:36:07.0139 5872  FontCache3.0.0.0 - ok
22:36:07.0170 5872  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
22:36:07.0202 5872  FsDepends - ok
22:36:07.0217 5872  [ D3E3F93D67821A2DB2B3D9FAC2DC2064 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
22:36:07.0233 5872  Fs_Rec - ok
22:36:07.0280 5872  [ AE87BA80D0EC3B57126ED2CDC15B24ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
22:36:07.0311 5872  fvevol - ok
22:36:07.0342 5872  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
22:36:07.0358 5872  gagp30kx - ok
22:36:07.0436 5872  [ C44D560E441F091EA3B72F778EC60DE2 ] GameConsoleService C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
22:36:07.0467 5872  GameConsoleService - ok
22:36:07.0514 5872  [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc           C:\Windows\System32\gpsvc.dll
22:36:07.0576 5872  gpsvc - ok
22:36:07.0654 5872  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:36:07.0685 5872  gupdate - ok
22:36:07.0716 5872  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:36:07.0732 5872  gupdatem - ok
22:36:07.0779 5872  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
22:36:07.0810 5872  gusvc - ok
22:36:07.0857 5872  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
22:36:07.0904 5872  hcw85cir - ok
22:36:07.0950 5872  [ 6410F6F415B2A5A9037224C41DA8BF12 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:36:07.0997 5872  HdAudAddService - ok
22:36:08.0028 5872  [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
22:36:08.0060 5872  HDAudBus - ok
22:36:08.0091 5872  [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys
22:36:08.0106 5872  HECIx64 - ok
22:36:08.0106 5872  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
22:36:08.0138 5872  HidBatt - ok
22:36:08.0138 5872  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
22:36:08.0169 5872  HidBth - ok
22:36:08.0169 5872  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
22:36:08.0216 5872  HidIr - ok
22:36:08.0231 5872  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
22:36:08.0294 5872  hidserv - ok
22:36:08.0340 5872  [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
22:36:08.0372 5872  HidUsb - ok
22:36:08.0434 5872  [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc          C:\Windows\system32\kmsvc.dll
22:36:08.0512 5872  hkmsvc - ok
22:36:08.0528 5872  [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
22:36:08.0590 5872  HomeGroupListener - ok
22:36:08.0621 5872  [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\Windows\system32\provsvc.dll
22:36:08.0652 5872  HomeGroupProvider - ok
22:36:08.0684 5872  [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD          C:\Windows\system32\DRIVERS\HpSAMD.sys
22:36:08.0715 5872  HpSAMD - ok
22:36:08.0762 5872  [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
22:36:08.0840 5872  HTTP - ok
22:36:08.0855 5872  [ F17766A19145F111856378DF337A5D79 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
22:36:08.0871 5872  hwpolicy - ok
22:36:08.0902 5872  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
22:36:08.0918 5872  i8042prt - ok
22:36:08.0964 5872  [ 631FA8935163B01FC0C02966CB3ADB92 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
22:36:08.0996 5872  iaStor - ok
22:36:09.0074 5872  [ 7493EA4DE41348F7D3EDBF9DB298F56A ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
22:36:09.0089 5872  IAStorDataMgrSvc - ok
22:36:09.0136 5872  [ B75E45C564E944A2657167D197AB29DA ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
22:36:09.0167 5872  iaStorV - ok
22:36:09.0183 5872  ICQ Service - ok
22:36:09.0245 5872  [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
22:36:09.0292 5872  idsvc - ok
22:36:09.0323 5872  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
22:36:09.0323 5872  iirsp - ok
22:36:09.0370 5872  [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT          C:\Windows\System32\ikeext.dll
22:36:09.0432 5872  IKEEXT - ok
22:36:09.0526 5872  [ 59B0BBA422F04467E8C89B7CE6AE95E1 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
22:36:09.0620 5872  IntcAzAudAddService - ok
22:36:09.0635 5872  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\DRIVERS\intelide.sys
22:36:09.0651 5872  intelide - ok
22:36:09.0682 5872  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
22:36:09.0698 5872  intelppm - ok
22:36:09.0760 5872  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
22:36:09.0822 5872  IPBusEnum - ok
22:36:09.0838 5872  [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:36:09.0869 5872  IpFilterDriver - ok
22:36:09.0900 5872  [ F8E058D17363EC580E4B7232778B6CB5 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
22:36:09.0978 5872  iphlpsvc - ok
22:36:09.0994 5872  [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV         C:\Windows\system32\DRIVERS\IPMIDrv.sys
22:36:10.0025 5872  IPMIDRV - ok
22:36:10.0025 5872  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
22:36:10.0088 5872  IPNAT - ok
22:36:10.0119 5872  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
22:36:10.0134 5872  IRENUM - ok
22:36:10.0150 5872  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\DRIVERS\isapnp.sys
22:36:10.0166 5872  isapnp - ok
22:36:10.0181 5872  [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
22:36:10.0197 5872  iScsiPrt - ok
22:36:10.0259 5872  [ 213822072085B5BBAD9AF30AB577D817 ] IviRegMgr       C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
22:36:10.0290 5872  IviRegMgr - ok
22:36:10.0306 5872  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
22:36:10.0322 5872  kbdclass - ok
22:36:10.0368 5872  [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
22:36:10.0400 5872  kbdhid - ok
22:36:10.0400 5872  [ 156F6159457D0AA7E59B62681B56EB90 ] KeyIso          C:\Windows\system32\lsass.exe
22:36:10.0431 5872  KeyIso - ok
22:36:10.0462 5872  [ 4F4B5FDE429416877DE7143044582EB5 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
22:36:10.0478 5872  KSecDD - ok
22:36:10.0509 5872  [ 6F40465A44ECDC1731BEFAFEC5BDD03C ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
22:36:10.0524 5872  KSecPkg - ok
22:36:10.0524 5872  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
22:36:10.0602 5872  ksthunk - ok
22:36:10.0634 5872  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
22:36:10.0696 5872  KtmRm - ok
22:36:10.0743 5872  [ 81F1D04D4D0E433099365127375FD501 ] LanmanServer    C:\Windows\system32\srvsvc.dll
22:36:10.0790 5872  LanmanServer - ok
22:36:10.0821 5872  [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:36:10.0899 5872  LanmanWorkstation - ok
22:36:10.0946 5872  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
22:36:11.0024 5872  lltdio - ok
22:36:11.0055 5872  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
22:36:11.0102 5872  lltdsvc - ok
22:36:11.0117 5872  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
22:36:11.0180 5872  lmhosts - ok
22:36:11.0258 5872  [ A1C148801B4AF64847AEB9F3AD9594EF ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
22:36:11.0273 5872  LMS ( UnsignedFile.Multi.Generic ) - warning
22:36:11.0273 5872  LMS - detected UnsignedFile.Multi.Generic (1)
22:36:11.0320 5872  [ 41E122F6D1448C94CC05196BC41D6BFB ] LPCFilter       C:\Windows\system32\DRIVERS\LPCFilter.sys
22:36:11.0351 5872  LPCFilter - ok
22:36:11.0383 5872  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
22:36:11.0414 5872  LSI_FC - ok
22:36:11.0429 5872  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
22:36:11.0445 5872  LSI_SAS - ok
22:36:11.0445 5872  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
22:36:11.0461 5872  LSI_SAS2 - ok
22:36:11.0476 5872  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
22:36:11.0492 5872  LSI_SCSI - ok
22:36:11.0523 5872  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
22:36:11.0570 5872  luafv - ok
22:36:11.0617 5872  [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
22:36:11.0632 5872  Mcx2Svc - ok
22:36:11.0648 5872  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
22:36:11.0663 5872  megasas - ok
22:36:11.0679 5872  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
22:36:11.0695 5872  MegaSR - ok
22:36:11.0710 5872  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
22:36:11.0773 5872  MMCSS - ok
22:36:11.0773 5872  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
22:36:11.0835 5872  Modem - ok
22:36:11.0851 5872  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
22:36:11.0897 5872  monitor - ok
22:36:11.0913 5872  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
22:36:11.0929 5872  mouclass - ok
22:36:11.0960 5872  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
22:36:12.0007 5872  mouhid - ok
22:36:12.0022 5872  [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
22:36:12.0038 5872  mountmgr - ok
22:36:12.0100 5872  [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
22:36:12.0131 5872  MozillaMaintenance - ok
22:36:12.0147 5872  [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio            C:\Windows\system32\DRIVERS\mpio.sys
22:36:12.0163 5872  mpio - ok
22:36:12.0194 5872  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
22:36:12.0256 5872  mpsdrv - ok
22:36:12.0303 5872  [ AECAB449567D1846DAD63ECE49E893E3 ] MpsSvc          C:\Windows\system32\mpssvc.dll
22:36:12.0412 5872  MpsSvc - ok
22:36:12.0412 5872  [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
22:36:12.0428 5872  MRxDAV - ok
22:36:12.0459 5872  [ 040D62A9D8AD28922632137ACDD984F2 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
22:36:12.0490 5872  mrxsmb - ok
22:36:12.0521 5872  [ F0067552F8F9B33D7C59403AB808A3CB ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:36:12.0537 5872  mrxsmb10 - ok
22:36:12.0584 5872  [ 3C142D31DE9F2F193218A53FE2632051 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:36:12.0615 5872  mrxsmb20 - ok
22:36:12.0646 5872  [ 5C37497276E3B3A5488B23A326A754B7 ] msahci          C:\Windows\system32\DRIVERS\msahci.sys
22:36:12.0662 5872  msahci - ok
22:36:12.0677 5872  [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm           C:\Windows\system32\DRIVERS\msdsm.sys
22:36:12.0693 5872  msdsm - ok
22:36:12.0724 5872  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
22:36:12.0755 5872  MSDTC - ok
22:36:12.0771 5872  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
22:36:12.0818 5872  Msfs - ok
22:36:12.0849 5872  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
22:36:12.0896 5872  mshidkmdf - ok
22:36:12.0911 5872  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\DRIVERS\msisadrv.sys
22:36:12.0927 5872  msisadrv - ok
22:36:12.0958 5872  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
22:36:13.0036 5872  MSiSCSI - ok
22:36:13.0036 5872  msiserver - ok
22:36:13.0067 5872  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
22:36:13.0177 5872  MSKSSRV - ok
22:36:13.0177 5872  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
22:36:13.0239 5872  MSPCLOCK - ok
22:36:13.0255 5872  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
22:36:13.0333 5872  MSPQM - ok
22:36:13.0364 5872  [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
22:36:13.0379 5872  MsRPC - ok
22:36:13.0411 5872  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
22:36:13.0411 5872  mssmbios - ok
22:36:13.0442 5872  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
22:36:13.0489 5872  MSTEE - ok
22:36:13.0504 5872  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
22:36:13.0520 5872  MTConfig - ok
22:36:13.0535 5872  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
22:36:13.0551 5872  Mup - ok
22:36:13.0598 5872  [ 4987E079A4530FA737A128BE54B63B12 ] napagent        C:\Windows\system32\qagentRT.dll
22:36:13.0691 5872  napagent - ok
22:36:13.0738 5872  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
22:36:13.0801 5872  NativeWifiP - ok
22:36:13.0847 5872  [ CAD515DBD07D082BB317D9928CE8962C ] NDIS            C:\Windows\system32\drivers\ndis.sys
22:36:13.0910 5872  NDIS - ok
22:36:13.0925 5872  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
22:36:13.0972 5872  NdisCap - ok
22:36:14.0003 5872  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
22:36:14.0081 5872  NdisTapi - ok
22:36:14.0097 5872  [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
22:36:14.0159 5872  Ndisuio - ok
22:36:14.0175 5872  [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
22:36:14.0222 5872  NdisWan - ok
22:36:14.0237 5872  [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
22:36:14.0300 5872  NDProxy - ok
22:36:14.0315 5872  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
22:36:14.0378 5872  NetBIOS - ok
22:36:14.0409 5872  [ 9162B273A44AB9DCE5B44362731D062A ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
22:36:14.0440 5872  NetBT - ok
22:36:14.0456 5872  [ 156F6159457D0AA7E59B62681B56EB90 ] Netlogon        C:\Windows\system32\lsass.exe
22:36:14.0471 5872  Netlogon - ok
22:36:14.0518 5872  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
22:36:14.0612 5872  Netman - ok
22:36:14.0627 5872  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
22:36:14.0690 5872  netprofm - ok
22:36:14.0721 5872  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:36:14.0737 5872  NetTcpPortSharing - ok
22:36:14.0768 5872  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
22:36:14.0783 5872  nfrd960 - ok
22:36:14.0815 5872  [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc          C:\Windows\System32\nlasvc.dll
22:36:14.0877 5872  NlaSvc - ok
22:36:14.0939 5872  [ 7AEA4DF1CA68FD45DD4BBE1F0243CE7F ] NMSAccess       C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
22:36:14.0955 5872  NMSAccess - ok
22:36:14.0986 5872  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
22:36:15.0049 5872  Npfs - ok
22:36:15.0080 5872  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
22:36:15.0127 5872  nsi - ok
22:36:15.0142 5872  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
22:36:15.0220 5872  nsiproxy - ok
22:36:15.0283 5872  [ 378E0E0DFEA67D98AE6EA53ADBBD76BC ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
22:36:15.0376 5872  Ntfs - ok
22:36:15.0392 5872  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
22:36:15.0439 5872  Null - ok
22:36:15.0454 5872  [ A4D9C9A608A97F59307C2F2600EDC6A4 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
22:36:15.0470 5872  nvraid - ok
22:36:15.0501 5872  [ 6C1D5F70E7A6A3FD1C90D840EDC048B9 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
22:36:15.0532 5872  nvstor - ok
22:36:15.0563 5872  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\DRIVERS\nv_agp.sys
22:36:15.0579 5872  nv_agp - ok
22:36:15.0657 5872  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
22:36:15.0688 5872  odserv - ok
22:36:15.0688 5872  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
22:36:15.0719 5872  ohci1394 - ok
22:36:15.0766 5872  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:36:15.0782 5872  ose - ok
22:36:15.0829 5872  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
22:36:15.0891 5872  p2pimsvc - ok
22:36:15.0922 5872  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
22:36:15.0953 5872  p2psvc - ok
22:36:15.0985 5872  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
22:36:16.0000 5872  Parport - ok
22:36:16.0031 5872  [ 90061B1ACFE8CCAA5345750FFE08D8B8 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
22:36:16.0047 5872  partmgr - ok
22:36:16.0063 5872  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
22:36:16.0094 5872  PcaSvc - ok
22:36:16.0109 5872  [ F36F6504009F2FB0DFD1B17A116AD74B ] pci             C:\Windows\system32\DRIVERS\pci.sys
22:36:16.0125 5872  pci - ok
22:36:16.0156 5872  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\DRIVERS\pciide.sys
22:36:16.0172 5872  pciide - ok
22:36:16.0187 5872  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
22:36:16.0203 5872  pcmcia - ok
22:36:16.0234 5872  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
22:36:16.0234 5872  pcw - ok
22:36:16.0250 5872  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
22:36:16.0312 5872  PEAUTH - ok
22:36:16.0437 5872  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
22:36:16.0484 5872  PerfHost - ok
22:36:16.0546 5872  [ 663962900E7FEA522126BA287715BB4A ] PGEffect        C:\Windows\system32\DRIVERS\pgeffect.sys
22:36:16.0546 5872  PGEffect - ok
22:36:16.0624 5872  [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla             C:\Windows\system32\pla.dll
22:36:16.0733 5872  pla - ok
22:36:16.0765 5872  [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
22:36:16.0796 5872  PlugPlay - ok
22:36:16.0811 5872  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
22:36:16.0874 5872  PNRPAutoReg - ok
22:36:16.0905 5872  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
22:36:16.0936 5872  PNRPsvc - ok
22:36:16.0983 5872  [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
22:36:17.0077 5872  PolicyAgent - ok
22:36:17.0123 5872  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
22:36:17.0201 5872  Power - ok
22:36:17.0248 5872  [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
22:36:17.0342 5872  PptpMiniport - ok
22:36:17.0357 5872  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
22:36:17.0373 5872  Processor - ok
22:36:17.0435 5872  [ 97293447431311C06703368AD0F6C4BE ] ProfSvc         C:\Windows\system32\profsvc.dll
22:36:17.0467 5872  ProfSvc - ok
22:36:17.0482 5872  [ 156F6159457D0AA7E59B62681B56EB90 ] ProtectedStorage C:\Windows\system32\lsass.exe
22:36:17.0498 5872  ProtectedStorage - ok
22:36:17.0529 5872  [ EE992183BD8EAEFD9973F352E587A299 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
22:36:17.0591 5872  Psched - ok
22:36:17.0654 5872  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
22:36:17.0763 5872  ql2300 - ok
22:36:17.0779 5872  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
22:36:17.0794 5872  ql40xx - ok
22:36:17.0841 5872  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
22:36:17.0857 5872  QWAVE - ok
22:36:17.0872 5872  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
22:36:17.0903 5872  QWAVEdrv - ok
22:36:17.0919 5872  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
22:36:17.0981 5872  RasAcd - ok
22:36:18.0013 5872  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
22:36:18.0075 5872  RasAgileVpn - ok
22:36:18.0091 5872  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
22:36:18.0137 5872  RasAuto - ok
22:36:18.0169 5872  [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
22:36:18.0231 5872  Rasl2tp - ok
22:36:18.0247 5872  [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan          C:\Windows\System32\rasmans.dll
22:36:18.0309 5872  RasMan - ok
22:36:18.0340 5872  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
22:36:18.0387 5872  RasPppoe - ok
22:36:18.0418 5872  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
22:36:18.0465 5872  RasSstp - ok
22:36:18.0496 5872  [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
22:36:18.0559 5872  rdbss - ok
22:36:18.0574 5872  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
22:36:18.0590 5872  rdpbus - ok
22:36:18.0590 5872  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
22:36:18.0637 5872  RDPCDD - ok
22:36:18.0668 5872  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
22:36:18.0715 5872  RDPENCDD - ok
22:36:18.0746 5872  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
22:36:18.0777 5872  RDPREFMP - ok
22:36:18.0824 5872  [ 447DE7E3DEA39D422C1504F245B668B1 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
22:36:18.0871 5872  RDPWD - ok
22:36:18.0902 5872  [ 634B9A2181D98F15941236886164EC8B ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
22:36:18.0933 5872  rdyboost - ok
22:36:18.0964 5872  [ 4D9AFDDDA0EFE97CDBFD3B5FA48B05F6 ] regi            C:\Windows\system32\drivers\regi.sys
22:36:18.0980 5872  regi - ok
22:36:19.0011 5872  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
22:36:19.0105 5872  RemoteAccess - ok
22:36:19.0136 5872  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
22:36:19.0183 5872  RemoteRegistry - ok
22:36:19.0214 5872  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
22:36:19.0276 5872  RpcEptMapper - ok
22:36:19.0307 5872  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
22:36:19.0354 5872  RpcLocator - ok
22:36:19.0385 5872  [ 7266972E86890E2B30C0C322E906B027 ] RpcSs           C:\Windows\system32\rpcss.dll
22:36:19.0432 5872  RpcSs - ok
22:36:19.0463 5872  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
22:36:19.0526 5872  rspndr - ok
22:36:19.0557 5872  RSUSBSTOR - ok
22:36:19.0588 5872  [ 483C537E69FA97C77F7FE0E2E1C1F102 ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys
22:36:19.0604 5872  RTHDMIAzAudService - ok
22:36:19.0651 5872  [ 365ED58B47B46DE8B1C5FA759B6FCD6E ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
22:36:19.0744 5872  RTL8167 - ok
22:36:19.0791 5872  [ 3EC7911ED886DC5D8A9F70129254679C ] RTL8187Se       C:\Windows\system32\DRIVERS\RTL8187Se.sys
22:36:19.0838 5872  RTL8187Se - ok
22:36:19.0900 5872  [ A8ED9726734D403217A4861A6788B144 ] rtl8192se       C:\Windows\system32\DRIVERS\rtl8192se.sys
22:36:19.0963 5872  rtl8192se - ok
22:36:19.0978 5872  [ 156F6159457D0AA7E59B62681B56EB90 ] SamSs           C:\Windows\system32\lsass.exe
22:36:19.0994 5872  SamSs - ok
22:36:20.0103 5872  [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
22:36:20.0119 5872  SASDIFSV - ok
22:36:20.0165 5872  [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
22:36:20.0181 5872  SASKUTIL - ok
22:36:20.0197 5872  [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port        C:\Windows\system32\DRIVERS\sbp2port.sys
22:36:20.0212 5872  sbp2port - ok
22:36:20.0259 5872  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
22:36:20.0321 5872  SCardSvr - ok
22:36:20.0353 5872  [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
22:36:20.0415 5872  scfilter - ok
22:36:20.0493 5872  [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule        C:\Windows\system32\schedsvc.dll
22:36:20.0555 5872  Schedule - ok
22:36:20.0571 5872  [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc     C:\Windows\System32\certprop.dll
22:36:20.0618 5872  SCPolicySvc - ok
22:36:20.0649 5872  [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
22:36:20.0711 5872  SDRSVC - ok
22:36:20.0743 5872  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
22:36:20.0805 5872  secdrv - ok
22:36:20.0821 5872  [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon        C:\Windows\system32\seclogon.dll
22:36:20.0899 5872  seclogon - ok
22:36:20.0914 5872  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
22:36:20.0961 5872  SENS - ok
22:36:20.0992 5872  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
22:36:21.0039 5872  SensrSvc - ok
22:36:21.0070 5872  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
22:36:21.0086 5872  Serenum - ok
22:36:21.0117 5872  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
22:36:21.0148 5872  Serial - ok
22:36:21.0164 5872  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
22:36:21.0195 5872  sermouse - ok
22:36:21.0211 5872  [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv      C:\Windows\system32\sessenv.dll
22:36:21.0257 5872  SessionEnv - ok
22:36:21.0273 5872  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
22:36:21.0289 5872  sffdisk - ok
22:36:21.0304 5872  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\DRIVERS\sffp_mmc.sys
22:36:21.0320 5872  sffp_mmc - ok
22:36:21.0320 5872  [ 5588B8C6193EB1522490C122EB94DFFA ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
22:36:21.0351 5872  sffp_sd - ok
22:36:21.0351 5872  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
22:36:21.0382 5872  sfloppy - ok
22:36:21.0398 5872  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
22:36:21.0507 5872  SharedAccess - ok
22:36:21.0538 5872  [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:36:21.0585 5872  ShellHWDetection - ok
22:36:21.0601 5872  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
22:36:21.0616 5872  SiSRaid2 - ok
22:36:21.0632 5872  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
22:36:21.0647 5872  SiSRaid4 - ok
22:36:21.0663 5872  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
22:36:21.0710 5872  Smb - ok
22:36:21.0725 5872  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
22:36:21.0757 5872  SNMPTRAP - ok
22:36:21.0772 5872  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
22:36:21.0772 5872  spldr - ok
22:36:21.0835 5872  [ 567977DC43CC13C4C35ED7084C0B84D5 ] Spooler         C:\Windows\System32\spoolsv.exe
22:36:21.0897 5872  Spooler - ok
22:36:22.0022 5872  [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc          C:\Windows\system32\sppsvc.exe
22:36:22.0147 5872  sppsvc - ok
22:36:22.0162 5872  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
22:36:22.0225 5872  sppuinotify - ok
22:36:22.0271 5872  [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv             C:\Windows\system32\DRIVERS\srv.sys
22:36:22.0318 5872  srv - ok
22:36:22.0349 5872  [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
22:36:22.0396 5872  srv2 - ok
22:36:22.0443 5872  [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
22:36:22.0474 5872  srvnet - ok
22:36:22.0521 5872  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
22:36:22.0583 5872  SSDPSRV - ok
22:36:22.0615 5872  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
22:36:22.0677 5872  SstpSvc - ok
22:36:22.0724 5872  [ E57B778208C783D8DEBAB320C16A1B82 ] StarOpen        C:\Windows\system32\drivers\StarOpen.sys
22:36:22.0724 5872  StarOpen ( UnsignedFile.Multi.Generic ) - warning
22:36:22.0724 5872  StarOpen - detected UnsignedFile.Multi.Generic (1)
22:36:22.0755 5872  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
22:36:22.0771 5872  stexstor - ok
22:36:22.0817 5872  [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc          C:\Windows\System32\wiaservc.dll
22:36:22.0849 5872  stisvc - ok
22:36:22.0864 5872  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
22:36:22.0880 5872  swenum - ok
22:36:22.0895 5872  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
22:36:22.0958 5872  swprv - ok
22:36:23.0020 5872  [ E28CA52ECF8CB6EB04B34DE440BA260E ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
22:36:23.0051 5872  SynTP - ok
22:36:23.0114 5872  [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain         C:\Windows\system32\sysmain.dll
22:36:23.0207 5872  SysMain - ok
22:36:23.0223 5872  [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:36:23.0254 5872  TabletInputService - ok
22:36:23.0270 5872  [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv         C:\Windows\System32\tapisrv.dll
22:36:23.0332 5872  TapiSrv - ok
22:36:23.0348 5872  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
22:36:23.0410 5872  TBS - ok
22:36:23.0504 5872  [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
22:36:23.0613 5872  Tcpip - ok
22:36:23.0660 5872  [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
22:36:23.0707 5872  TCPIP6 - ok
22:36:23.0722 5872  [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
22:36:23.0769 5872  tcpipreg - ok
22:36:23.0816 5872  [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst        C:\Windows\system32\DRIVERS\tdcmdpst.sys
22:36:23.0816 5872  tdcmdpst - ok
22:36:23.0863 5872  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
22:36:23.0909 5872  TDPIPE - ok
22:36:23.0956 5872  [ 7518F7BCFD4B308ABC9192BACAF6C970 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
22:36:24.0003 5872  TDTCP - ok
22:36:24.0019 5872  [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
22:36:24.0097 5872  tdx - ok
22:36:24.0175 5872  [ 601486B76ABB0CAC959EDC79DF304287 ] TemproMonitoringService C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
22:36:24.0206 5872  TemproMonitoringService - ok
22:36:24.0221 5872  [ C448651339196C0E869A355171875522 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
22:36:24.0237 5872  TermDD - ok
22:36:24.0284 5872  [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService     C:\Windows\System32\termsrv.dll
22:36:24.0377 5872  TermService - ok
22:36:24.0393 5872  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
22:36:24.0424 5872  Themes - ok
22:36:24.0440 5872  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
22:36:24.0471 5872  THREADORDER - ok
22:36:24.0518 5872  [ 28644B0523D64EFF2FC7312A2EE74B0A ] TMachInfo       C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
22:36:24.0533 5872  TMachInfo - ok
22:36:24.0565 5872  [ ED32035BDFECED1AD66D459FD9CC1140 ] TODDSrv         C:\Windows\system32\TODDSrv.exe
22:36:24.0580 5872  TODDSrv - ok
22:36:24.0674 5872  [ 98C864481D62F86EC8AF65BE3419A95B ] TosCoSrv        C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
22:36:24.0705 5872  TosCoSrv - ok
22:36:24.0783 5872  [ B578F7E7914E7D9EB161032A613DE3BD ] TOSHIBA Bluetooth Service C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
22:36:24.0814 5872  TOSHIBA Bluetooth Service - ok
22:36:24.0892 5872  [ 6938CBD31B47092B042420A5FD2E9AAE ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\TECO\TecoService.exe
22:36:24.0923 5872  TOSHIBA eco Utility Service - ok
22:36:24.0955 5872  [ 4218356616E08518E6C2CB102AC3798A ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
22:36:24.0970 5872  TOSHIBA HDD SSD Alert Service - ok
22:36:25.0001 5872  Tosrfcom - ok
22:36:25.0033 5872  [ 11699D47B3491D86249C168496D55C92 ] tosrfec         C:\Windows\system32\DRIVERS\tosrfec.sys
22:36:25.0048 5872  tosrfec - ok
22:36:25.0095 5872  [ 09FF7B0B1B5C3D225495CB6F5A9B39F8 ] tos_sps64       C:\Windows\system32\DRIVERS\tos_sps64.sys
22:36:25.0126 5872  tos_sps64 - ok
22:36:25.0204 5872  [ 270CEBD8B5DD9F232CD50D18D19C10A0 ] TPCHSrv         C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
22:36:25.0235 5872  TPCHSrv - ok
22:36:25.0267 5872  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
22:36:25.0313 5872  TrkWks - ok
22:36:25.0391 5872  [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:36:25.0423 5872  TrustedInstaller - ok
22:36:25.0454 5872  [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
22:36:25.0547 5872  tssecsrv - ok
22:36:25.0579 5872  [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
22:36:25.0641 5872  tunnel - ok
22:36:25.0703 5872  [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ           C:\Windows\system32\DRIVERS\TVALZ_O.SYS
22:36:25.0719 5872  TVALZ - ok
22:36:25.0750 5872  [ 9C7191F4B2E49BFF47A6C1144B5923FA ] TVALZFL         C:\Windows\system32\DRIVERS\TVALZFL.sys
22:36:25.0766 5872  TVALZFL - ok
22:36:25.0797 5872  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
22:36:25.0813 5872  uagp35 - ok
22:36:25.0813 5872  [ D47BAEAD86C65D4F4069D7CE0A4EDCEB ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
22:36:25.0875 5872  udfs - ok
22:36:25.0906 5872  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
22:36:25.0953 5872  UI0Detect - ok
22:36:25.0969 5872  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\DRIVERS\uliagpkx.sys
22:36:25.0984 5872  uliagpkx - ok
22:36:26.0000 5872  [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
22:36:26.0031 5872  umbus - ok
22:36:26.0047 5872  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
22:36:26.0062 5872  UmPass - ok
22:36:26.0203 5872  [ 41118D920B2B268C0ADC36421248CDCF ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
22:36:26.0296 5872  UNS ( UnsignedFile.Multi.Generic ) - warning
22:36:26.0296 5872  UNS - detected UnsignedFile.Multi.Generic (1)
22:36:26.0327 5872  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
22:36:26.0390 5872  upnphost - ok
22:36:26.0421 5872  [ 7B6A127C93EE590E4D79A5F2A76FE46F ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
22:36:26.0483 5872  usbccgp - ok
22:36:26.0515 5872  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\DRIVERS\usbcir.sys
22:36:26.0561 5872  usbcir - ok
22:36:26.0639 5872  [ 92969BA5AC44E229C55A332864F79677 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
22:36:26.0655 5872  usbehci - ok
22:36:26.0686 5872  [ E7DF1CFD28CA86B35EF5ADD0735CEEF3 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
22:36:26.0717 5872  usbhub - ok
22:36:26.0749 5872  [ F1BB1E55F1E7A65C5839CCC7B36D773E ] usbohci         C:\Windows\system32\drivers\usbohci.sys
22:36:26.0795 5872  usbohci - ok
22:36:26.0827 5872  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
22:36:26.0842 5872  usbprint - ok
22:36:26.0873 5872  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
22:36:26.0905 5872  usbscan - ok
22:36:26.0920 5872  [ F39983647BC1F3E6100778DDFE9DCE29 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:36:26.0951 5872  USBSTOR - ok
22:36:26.0967 5872  [ BC3070350A491D84B518D7CCA9ABD36F ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
22:36:27.0014 5872  usbuhci - ok
22:36:27.0061 5872  [ 7CB8C573C6E4A2714402CC0A36EAB4FE ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
22:36:27.0123 5872  usbvideo - ok
22:36:27.0170 5872  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
22:36:27.0217 5872  UxSms - ok
22:36:27.0232 5872  [ 156F6159457D0AA7E59B62681B56EB90 ] VaultSvc        C:\Windows\system32\lsass.exe
22:36:27.0248 5872  VaultSvc - ok
22:36:27.0295 5872  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\DRIVERS\vdrvroot.sys
22:36:27.0310 5872  vdrvroot - ok
22:36:27.0341 5872  [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds             C:\Windows\System32\vds.exe
22:36:27.0373 5872  vds - ok
22:36:27.0388 5872  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
22:36:27.0404 5872  vga - ok
22:36:27.0419 5872  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
22:36:27.0482 5872  VgaSave - ok
22:36:27.0497 5872  [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp           C:\Windows\system32\DRIVERS\vhdmp.sys
22:36:27.0513 5872  vhdmp - ok
22:36:27.0513 5872  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\DRIVERS\viaide.sys
22:36:27.0529 5872  viaide - ok
22:36:27.0544 5872  [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr          C:\Windows\system32\DRIVERS\volmgr.sys
22:36:27.0560 5872  volmgr - ok
22:36:27.0575 5872  [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
22:36:27.0607 5872  volmgrx - ok
22:36:27.0607 5872  [ 58F82EED8CA24B461441F9C3E4F0BF5C ] volsnap         C:\Windows\system32\DRIVERS\volsnap.sys
22:36:27.0622 5872  volsnap - ok
22:36:27.0653 5872  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
22:36:27.0669 5872  vsmraid - ok
22:36:27.0731 5872  [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS             C:\Windows\system32\vssvc.exe
22:36:27.0825 5872  VSS - ok
22:36:27.0856 5872  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
22:36:27.0872 5872  vwifibus - ok
22:36:27.0903 5872  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
22:36:27.0934 5872  vwififlt - ok
22:36:27.0965 5872  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
22:36:27.0997 5872  vwifimp - ok
22:36:28.0012 5872  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
22:36:28.0059 5872  W32Time - ok
22:36:28.0075 5872  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
22:36:28.0090 5872  WacomPen - ok
22:36:28.0121 5872  [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
22:36:28.0184 5872  WANARP - ok
22:36:28.0184 5872  [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
22:36:28.0231 5872  Wanarpv6 - ok
22:36:28.0293 5872  [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine        C:\Windows\system32\wbengine.exe
22:36:28.0402 5872  wbengine - ok
22:36:28.0418 5872  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
22:36:28.0433 5872  WbioSrvc - ok
22:36:28.0480 5872  [ DD1BAE8EBFC653824D29CCF8C9054D68 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
22:36:28.0527 5872  wcncsvc - ok
22:36:28.0527 5872  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:36:28.0558 5872  WcsPlugInService - ok
22:36:28.0589 5872  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
22:36:28.0605 5872  Wd - ok
22:36:28.0621 5872  [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
22:36:28.0667 5872  Wdf01000 - ok
22:36:28.0667 5872  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
22:36:28.0714 5872  WdiServiceHost - ok
22:36:28.0714 5872  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
22:36:28.0730 5872  WdiSystemHost - ok
22:36:28.0777 5872  [ 733006127F235BE7C35354EBEE7B9A7B ] WebClient       C:\Windows\System32\webclnt.dll
22:36:28.0808 5872  WebClient - ok
22:36:28.0839 5872  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
22:36:28.0901 5872  Wecsvc - ok
22:36:28.0933 5872  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
22:36:28.0979 5872  wercplsupport - ok
22:36:28.0995 5872  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
22:36:29.0057 5872  WerSvc - ok
22:36:29.0073 5872  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
22:36:29.0104 5872  WfpLwf - ok
22:36:29.0135 5872  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
22:36:29.0151 5872  WIMMount - ok
22:36:29.0167 5872  WinDefend - ok
22:36:29.0167 5872  WinHttpAutoProxySvc - ok
22:36:29.0229 5872  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
22:36:29.0291 5872  Winmgmt - ok
22:36:29.0369 5872  [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM           C:\Windows\system32\WsmSvc.dll
22:36:29.0494 5872  WinRM - ok
22:36:29.0572 5872  [ 817EAFF5D38674EDD7713B9DFB8E9791 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
22:36:29.0619 5872  WinUsb - ok
22:36:29.0650 5872  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
22:36:29.0759 5872  Wlansvc - ok
22:36:29.0759 5872  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
22:36:29.0791 5872  WmiAcpi - ok
22:36:29.0822 5872  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
22:36:29.0869 5872  wmiApSrv - ok
22:36:29.0900 5872  WMPNetworkSvc - ok
22:36:29.0947 5872  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
22:36:29.0993 5872  WPCSvc - ok
22:36:30.0025 5872  [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
22:36:30.0040 5872  WPDBusEnum - ok
22:36:30.0071 5872  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
22:36:30.0149 5872  ws2ifsl - ok
22:36:30.0181 5872  [ 8F9F3969933C02DA96EB0F84576DB43E ] wscsvc          C:\Windows\System32\wscsvc.dll
22:36:30.0227 5872  wscsvc - ok
22:36:30.0227 5872  WSearch - ok
22:36:30.0337 5872  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
22:36:30.0446 5872  wuauserv - ok
22:36:30.0461 5872  [ 7CADC74271DD6461C452C271B30BD378 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
22:36:30.0508 5872  WudfPf - ok
22:36:30.0539 5872  [ 3B197AF0FFF08AA66B6B2241CA538D64 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
22:36:30.0602 5872  WUDFRd - ok
22:36:30.0633 5872  [ B551D6637AA0E132C18AC6E504F7B79B ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
22:36:30.0695 5872  wudfsvc - ok
22:36:30.0711 5872  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
22:36:30.0758 5872  WwanSvc - ok
22:36:30.0789 5872  ================ Scan global ===============================
22:36:30.0820 5872  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
22:36:30.0851 5872  [ 0CB6EBF4B461A6043353C570BD72A1E1 ] C:\Windows\system32\winsrv.dll
22:36:30.0867 5872  [ 0CB6EBF4B461A6043353C570BD72A1E1 ] C:\Windows\system32\winsrv.dll
22:36:30.0898 5872  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
22:36:30.0929 5872  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
22:36:30.0945 5872  [Global] - ok
22:36:30.0945 5872  ================ Scan MBR ==================================
22:36:30.0945 5872  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
22:36:31.0382 5872  \Device\Harddisk0\DR0 - ok
22:36:31.0382 5872  ================ Scan VBR ==================================
22:36:31.0413 5872  [ BF82D0927F85D6E3F4F632B85EA59732 ] \Device\Harddisk0\DR0\Partition1
22:36:31.0413 5872  \Device\Harddisk0\DR0\Partition1 - ok
22:36:31.0444 5872  [ 92EB1232BDECC68DDCFF9783610ED90B ] \Device\Harddisk0\DR0\Partition2
22:36:31.0444 5872  \Device\Harddisk0\DR0\Partition2 - ok
22:36:31.0444 5872  ============================================================
22:36:31.0444 5872  Scan finished
22:36:31.0444 5872  ============================================================
22:36:31.0460 1572  Detected object count: 3
22:36:31.0460 1572  Actual detected object count: 3
22:37:25.0607 1572  LMS ( UnsignedFile.Multi.Generic ) - skipped by user
22:37:25.0607 1572  LMS ( UnsignedFile.Multi.Generic ) - User select action: Skip 
22:37:25.0607 1572  StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user
22:37:25.0607 1572  StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip 
22:37:25.0623 1572  UNS ( UnsignedFile.Multi.Generic ) - skipped by user
22:37:25.0623 1572  UNS ( UnsignedFile.Multi.Generic ) - User select action: Skip

06.09.2012, 15:19	#8
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	.searchnu.com/406 Hätte da mal drei Fragen bevor es weiter geht 1.) Geht der normale Modus von Windows (wieder) uneingeschränkt? 2.) Vermisst du irgendwas im Startmenü? Sind da leere Ordner unter alle Programme oder ist alles vorhanden? 3.) Searchnu ist nun weg? __________________ Logfiles bitte immer in CODE-Tags posten

.searchnu.com/406

Plagegeister aller Art und deren Bekämpfung: .searchnu.com/406

.searchnu.com/406

.searchnu.com/406

.searchnu.com/406

.searchnu.com/406

.searchnu.com/406

.searchnu.com/406

.searchnu.com/406

.searchnu.com/406

.searchnu.com/406

.searchnu.com/406

.searchnu.com/406

.searchnu.com/406

.searchnu.com/406

.searchnu.com/406

.searchnu.com/406

Ähnliche Themen: .searchnu.com/406

03.09.2012, 13:50	#1
Stechus	.searchnu.com/406 Guten Tag, wie mir scheint, hat sich mein Pc mit einem netten Schädling infiziert. Da ich aber nur über sehr bescheidene Fähigkeiten verfüge, bräuchte ich jemanden, der mich an die Hand nimmt. Ich wäre über jede Hilfe dankbar. Stechus