Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Virusverdacht (Computer auf einmal extrem langsam)

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 02.01.2013, 20:28   #1
mossi
 
Virusverdacht (Computer auf einmal extrem langsam) - Standard

Virusverdacht (Computer auf einmal extrem langsam)



Liebes Trojaner-Board-Team,

Wenn ich meinen Computer starte kommt nach einer Weile eine Meldung, dass ich nicht auf die HP Wireless Infromationen zugreifen kann( genau: Wireless Informationen nicht verfügbar. Die Anwendung wird jetzt geschlossen). Seid dem es angefangen hatt ist mein Internet extrem langsam und ich muss immerwieder darauf warten das Skripts antworten. Aber nicht nur das Internet, sondern auch der Computer an sich ist sehr langsam.
Auch Scans ( z.B. ein vollständiger Scan mit Malwarebytes, den ich auch nach der vertigstellung hochladen werde) ziehen sich abnormal lang hin.
Hoffe auf Hilfe.

mfg und schonmal im Vorraus.

PS: In der Vergangenheit konnte ich Suchläufe mit ESET-Onlinescanner nie zu Ende bringen, da sie zu lange gedauert haben, als dass ich sie innerhalb eines Tages zu Ende hätte bringen können. Und über Nacht den Laptop anlassen wollte ich nicht ( stört den Schlaf). Ich hoffe es ist nachzuvollziehen.

Alt 02.01.2013, 21:13   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Virusverdacht (Computer auf einmal extrem langsam) - Standard

Virusverdacht (Computer auf einmal extrem langsam)



Hallo und

Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.
  • Lies dir meine Anleitungen, die ich im Laufe dieses Strangs hier posten werde, aufmerksam durch. Frag umgehend nach, wenn dir irgendetwas unklar sein sollte, bevor du anfängst meine Anleitungen umzusetzen.

  • Solltest du bei einem Schritt Probleme haben, stoppe dort und beschreib mir das Problem so gut du kannst. Manchmal erfordert ein Schritt den vorhergehenden.

  • Bitte nur Scans durchführen zu denen du von einem Helfer aufgefordert wurdest! Installiere / Deinstalliere keine Software ohne Aufforderung!

  • Poste die Logfiles direkt in deinen Thread (bitte in CODE-Tags) und nicht als Anhang, ausser du wurdest dazu aufgefordert. Logs in Anhängen erschweren mir das Auswerten!

  • Beachte bitte auch => Löschen von Logfiles und andere Anfragen

Note:
Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread.
Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards.


Mach bitte einen CustomScan mit OTL . Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:
ATTFilter
 hier steht das Log
         

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop. Falls schon vorhanden, bitte die ältere vorhandene Datei durch die neu heruntergeladene Datei ersetzen, damit du auch wirklich mit einer aktuellen Version von OTL arbeitest.
  • Starte bitte die OTL.exe.
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Setze oben mittig den Haken bei Scanne alle Benutzer
  • Kopiere nun den kompletten Inhalt aus der untenstehenden Codebox in die Textbox von OTL - wenn OTL auf deutsch ist wird sie mit beschriftet

Code:
ATTFilter
msconfig
netsvcs
safebootminimal
safebootnetwork
activex
drivers32
%SYSTEMDRIVE%\*.
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMROOT%\system32\drivers\*.sys /lockedfiles
%SYSTEMROOT%\System32\config\*.sav
%SYSTEMROOT%\*. /mp /s
%SYSTEMROOT%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
         
  • Schliesse bitte nun alle Programme. (Wichtig)
  • Klicke nun bitte auf den Quick Scan Button.
  • Klick auf .
  • Kopiere nun den Inhalt aus OTL.txt hier in Deinen Thread
__________________

__________________

Alt 03.01.2013, 00:46   #3
mossi
 
Virusverdacht (Computer auf einmal extrem langsam) - Standard

Virusverdacht (Computer auf einmal extrem langsam)



Code:
ATTFilter
OTL logfile created on: 1/2/2013 9:53:50 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\mossi\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1.75 Gb Total Physical Memory | 1.02 Gb Available Physical Memory | 58.13% Memory free
3.49 Gb Paging File | 1.80 Gb Available in Paging File | 51.50% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 131.75 Gb Total Space | 17.71 Gb Free Space | 13.44% Space Free | Partition Type: NTFS
Drive F: | 1.99 Gb Total Space | 1.97 Gb Free Space | 99.32% Space Free | Partition Type: FAT32
 
Computer Name: MOSSI-HP | User Name: mossi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\mossi\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe (Lavasoft Limited)
PRC - C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
PRC - C:\Users\mossi\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
PRC - C:\Windows\SysWOW64\PnkBstrB.exe ()
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe (GFI Software)
PRC - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe (Hewlett-Packard Company)
PRC - C:\Program Files (x86)\McAfee\Managed VirusScan\DesktopUI\XTray.exe (McAfee, Inc.)
PRC - C:\Program Files (x86)\McAfee\Managed VirusScan\Agent\myAgtSvc.Exe (McAfee, Inc.)
PRC - C:\Program Files (x86)\PDF Complete\pdfsvc.exe (PDF Complete Inc)
PRC - C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\McSACore.exe (McAfee, Inc.)
PRC - C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe (McAfee, Inc.)
PRC - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll ()
MOD - C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll ()
MOD - C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (STacSV) -- C:\Program Files\IDT\WDM\STacSV64.exe (IDT, Inc.)
SRV:64bit: - (AESTFilters) -- C:\Program Files\IDT\WDM\AESTSr64.exe (Andrea Electronics Corporation)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV:64bit: - (mfevtp) -- C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe (McAfee, Inc.)
SRV:64bit: - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe ()
SRV:64bit: - (HP Wireless Assistant Service) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe (Hewlett-Packard)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (Ad-Aware Service) -- C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe (Lavasoft Limited)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (SearchAnonymizer) -- C:\Users\mossi\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe ()
SRV - (PnkBstrB) -- C:\Windows\SysWOW64\PnkBstrB.exe ()
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (SBAMSvc) -- C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe (GFI Software)
SRV - (HP Support Assistant Service) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe (Hewlett-Packard Company)
SRV - (HPDrvMntSvc.exe) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (hpHotkeyMonitor) -- C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe (Hewlett-Packard Company)
SRV - (myAgtSvc) -- C:\Program Files (x86)\McAfee\Managed VirusScan\Agent\myAgtSvc.Exe (McAfee, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (pdfcDispatcher) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe (PDF Complete Inc)
SRV - (McAfee SiteAdvisor Enterprise Service) -- C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\McSACore.exe (McAfee, Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (MpfService) -- C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe (McAfee, Inc.)
SRV - (PSI_SVC_2) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (gfiark) -- C:\Windows\SysNative\drivers\gfiark.sys (GFI Software)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (gfibto) -- C:\Windows\SysNative\drivers\gfibto.sys (GFI Software)
DRV:64bit: - (sbapifs) -- C:\Windows\SysNative\drivers\sbapifs.sys (GFI Software)
DRV:64bit: - (acedrv06) -- C:\Windows\SysNative\drivers\acedrv06.sys ()
DRV:64bit: - (Fs_Rec) -- C:\windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (btwampfl) -- C:\Windows\SysNative\drivers\btwampfl.sys (Broadcom Corporation.)
DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.)
DRV:64bit: - (mfewfpk) -- C:\Windows\SysNative\drivers\mfewfpk.sys (McAfee, Inc.)
DRV:64bit: - (mfeavfk) -- C:\Windows\SysNative\drivers\mfeavfk.sys (McAfee, Inc.)
DRV:64bit: - (mfeapfk) -- C:\Windows\SysNative\drivers\mfeapfk.sys (McAfee, Inc.)
DRV:64bit: - (mferkdet) -- C:\Windows\SysNative\drivers\mferkdet.sys (McAfee, Inc.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (SNP2UVC) -- C:\Windows\SysNative\drivers\snp2uvc.sys ()
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (AtiPcie) -- C:\Windows\SysNative\drivers\AtiPcie64.sys (Advanced Micro Devices Inc.)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (HpqKbFiltr) -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys (Hewlett-Packard Company)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (MPFP) -- C:\Windows\SysNative\drivers\Mpfp.sys (McAfee, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCOM/10
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
IE:64bit: - HKLM\..\SearchScopes\{42082122-0C9D-4D19-8D54-D7242094F839}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/10
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCOM/10
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{42082122-0C9D-4D19-8D54-D7242094F839}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-3759487231-3539034424-151682413-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-21-3759487231-3539034424-151682413-1002\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-3759487231-3539034424-151682413-1002\..\SearchScopes\{13B644DB-458A-4F0C-8471-AF49AA8D569E}: "URL" = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=a37c3de1-3283-4c9a-9dd7-11cd36a7ae18&pid=freewarede&mode=bounce&k=0
IE - HKU\S-1-5-21-3759487231-3539034424-151682413-1002\..\SearchScopes\{42082122-0C9D-4D19-8D54-D7242094F839}: "URL" = hxxp://www.bing.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E62696E672E636F6D2F7365617263683F713D7B7365617263685465726D737D26666F726D3D434D4E5444462670633D434D4E544446267372633D49452D536561726368426F78&st={searchTerms}&clid=a37c3de1-3283-4c9a-9dd7-11cd36a7ae18&pid=freewarede&k=0
IE - HKU\S-1-5-21-3759487231-3539034424-151682413-1002\..\SearchScopes\{549A2381-CD48-4C39-8DA0-ED5DF00C135A}: "URL" = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=a37c3de1-3283-4c9a-9dd7-11cd36a7ae18&pid=freewarede&mode=bounce&k=0
IE - HKU\S-1-5-21-3759487231-3539034424-151682413-1002\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E676F6F676C652E636F6D2F7365617263683F713D7B7365617263685465726D737D26726C733D636F6D2E6D6963726F736F66743A7B6C616E67756167657D3A7B72656665727265723A736F757263653F7D2669653D7B696E707574456E636F64696E677D266F653D7B6F7574707574456E636F64696E677D26736F7572636569643D69653726726C7A3D314937414446415F6465&st={searchTerms}&clid=a37c3de1-3283-4c9a-9dd7-11cd36a7ae18&pid=freewarede&k=0
IE - HKU\S-1-5-21-3759487231-3539034424-151682413-1002\..\SearchScopes\{AE607573-94F0-4296-A21F-4C70B08CECBB}: "URL" = hxxp://search.softonic.com.anonymize-me.de/?anonymto=687474703A2F2F7365617263682E736F66746F6E69632E636F6D2F4D4F4E30303031352F74625F76313F713D7B7365617263685465726D737D26536561726368536F757263653D342663633D&st={searchTerms}&clid=a37c3de1-3283-4c9a-9dd7-11cd36a7ae18&pid=freewarede&k=0
IE - HKU\S-1-5-21-3759487231-3539034424-151682413-1002\..\SearchScopes\{B88D64C8-4016-448D-AB97-8E2803E00A35}: "URL" = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=a37c3de1-3283-4c9a-9dd7-11cd36a7ae18&pid=freewarede&mode=bounce&k=0
IE - HKU\S-1-5-21-3759487231-3539034424-151682413-1002\..\SearchScopes\{D4DB00B5-EFF5-42CC-BBD7-F5AE33E00B3A}: "URL" = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=a37c3de1-3283-4c9a-9dd7-11cd36a7ae18&pid=freewarede&mode=bounce&k=0
IE - HKU\S-1-5-21-3759487231-3539034424-151682413-1002\..\SearchScopes\{DAA7B0C9-FEE5-4AC6-92D1-0A12E70F2369}: "URL" = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=a37c3de1-3283-4c9a-9dd7-11cd36a7ae18&pid=freewarede&mode=bounce&k=0
IE - HKU\S-1-5-21-3759487231-3539034424-151682413-1002\..\SearchScopes\{EEC513DC-65FB-4B70-8C78-7DC82416554D}: "URL" = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=a37c3de1-3283-4c9a-9dd7-11cd36a7ae18&pid=freewarede&mode=bounce&k=0
IE - HKU\S-1-5-21-3759487231-3539034424-151682413-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: add-to-searchbox%40maltekraus.de:2.0
FF - prefs.js..extensions.enabledAddons: stealthyextension%40gmail.com:2.4
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.5
FF - prefs.js..extensions.enabledAddons: %7B000F1EA4-5E08-4564-A29B-29076F63A37A%7D:1.0.3.171
FF - prefs.js..extensions.enabledAddons: firejump%40firejump.net:1.0.2.5
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - prefs.js..network.proxy.no_proxies_on: "localhost, 127.0.0.1, stealthy.co"
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_5_502_135.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.0: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.0: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0: C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2237.0\npwinext.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\mossi\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@soe.sony.com/installer,version=1.0.3: C:\Users\mossi\AppData\Roaming\Mozilla\Firefox\Profiles\vpihpbsd.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll ()
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\mossi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2237.0\Firefox [2010/09/08 12:30:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010/09/08 12:30:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2010/09/08 12:30:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\ [2011/08/11 12:28:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/12/09 21:19:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012/06/22 11:58:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 15.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\extension@preispilot.com: C:\Users\mossi\AppData\Roaming\Mozilla\Firefox\Profiles\vpihpbsd.default\extensions\extension@preispilot.com
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\firejump@firejump.net: C:\Users\mossi\AppData\Roaming\Mozilla\Firefox\Profiles\vpihpbsd.default\extensions\firejump@firejump.net [2012/11/06 19:10:55 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/12/09 21:19:15 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2011/01/17 18:24:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mossi\AppData\Roaming\mozilla\Extensions
[2011/01/17 18:24:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mossi\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012/12/24 16:07:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mossi\AppData\Roaming\mozilla\Firefox\Profiles\vpihpbsd.default\extensions
[2012/12/24 16:07:27 | 000,000,000 | ---D | M] () -- C:\Users\mossi\AppData\Roaming\mozilla\Firefox\Profiles\vpihpbsd.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}
[2012/12/17 20:32:20 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Users\mossi\AppData\Roaming\mozilla\Firefox\Profiles\vpihpbsd.default\extensions\battlefieldheroespatcher@ea.com
[2012/12/17 14:36:29 | 000,000,000 | ---D | M] (Battlefield Play4Free) -- C:\Users\mossi\AppData\Roaming\mozilla\Firefox\Profiles\vpihpbsd.default\extensions\battlefieldplay4free@ea.com
[2012/11/06 19:10:55 | 000,000,000 | ---D | M] (FireJump) -- C:\Users\mossi\AppData\Roaming\mozilla\Firefox\Profiles\vpihpbsd.default\extensions\firejump@firejump.net
[2012/12/09 21:18:23 | 000,000,000 | ---D | M] (Lavasoft Search Plugin) -- C:\Users\mossi\AppData\Roaming\mozilla\Firefox\Profiles\vpihpbsd.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack
[2012/11/06 19:34:59 | 000,025,781 | ---- | M] () (No name found) -- C:\Users\mossi\AppData\Roaming\mozilla\firefox\profiles\vpihpbsd.default\extensions\add-to-searchbox@maltekraus.de.xpi
[2012/10/20 21:48:11 | 000,001,923 | ---- | M] () (No name found) -- C:\Users\mossi\AppData\Roaming\mozilla\firefox\profiles\vpihpbsd.default\extensions\slimaddonmanager@opendfki.de.xpi
[2012/11/27 15:09:02 | 000,183,174 | ---- | M] () (No name found) -- C:\Users\mossi\AppData\Roaming\mozilla\firefox\profiles\vpihpbsd.default\extensions\stealthyextension@gmail.com.xpi
[2012/11/23 19:52:45 | 000,804,627 | ---- | M] () (No name found) -- C:\Users\mossi\AppData\Roaming\mozilla\firefox\profiles\vpihpbsd.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012/11/21 00:31:52 | 000,243,496 | ---- | M] () (No name found) -- C:\Users\mossi\AppData\Roaming\mozilla\firefox\profiles\vpihpbsd.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2012/11/06 19:40:04 | 000,001,292 | ---- | M] () -- C:\Users\mossi\AppData\Roaming\mozilla\firefox\profiles\vpihpbsd.default\searchplugins\google.xml
[2012/11/06 19:11:13 | 000,002,077 | ---- | M] () -- C:\Users\mossi\AppData\Roaming\mozilla\firefox\profiles\vpihpbsd.default\searchplugins\{1862358E-AB26-4284-9516-830DE8AF0515}.xml
[2012/11/06 19:11:13 | 000,001,870 | ---- | M] () -- C:\Users\mossi\AppData\Roaming\mozilla\firefox\profiles\vpihpbsd.default\searchplugins\{27F8F5D4-4D38-43C3-83DE-A1515EA1F81F}.xml
[2012/11/06 19:11:13 | 000,002,188 | ---- | M] () -- C:\Users\mossi\AppData\Roaming\mozilla\firefox\profiles\vpihpbsd.default\searchplugins\{932BEB9C-4CFD-45A8-9DBD-602A39B5EE52}.xml
[2012/12/06 20:50:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012/12/06 20:50:39 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/11/06 19:11:13 | 000,001,684 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012/11/06 19:11:13 | 000,001,935 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/11/06 19:11:13 | 000,001,271 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012/11/06 19:11:13 | 000,007,051 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012/11/06 19:11:13 | 000,001,278 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012/11/06 19:11:13 | 000,001,170 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Search the web (Babylon) (Enabled)
CHR - default_search_provider: search_url = hxxp://search.babylon.com/?q={searchTerms}&affID=109868&babsrc=SP_ss&mntrId=a8baa772000000000000e02a823a5521
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\pdf.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U4 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Bing Bar (Enabled) = C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2237.0\npwinext.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\mossi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\mossi\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: SOE Web Installer (Enabled) = C:\Users\mossi\AppData\Roaming\Mozilla\Firefox\Profiles\vpihpbsd.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll
CHR - plugin: Java Deployment Toolkit 7.0.40.20 (Enabled) = C:\windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll
 
O1 HOSTS File: ([2012/12/10 21:24:38 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20110811183206.dll (McAfee, Inc.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110811183206.dll (McAfee, Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2237.0\npwinext.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2237.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2237.0\npwinext.dll (Microsoft Corporation)
O3:64bit: - HKU\S-1-5-21-3759487231-3539034424-151682413-1002\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe ()
O4:64bit: - HKLM..\Run: [Ocs_SM] C:\Users\mossi\AppData\Roaming\OCS\SM\SearchAnonymizer.exe (OCS)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [McAfee Managed Services Tray] C:\Program Files (x86)\McAfee\Managed VirusScan\DesktopUI\XTray.Exe (McAfee, Inc.)
O4 - HKLM..\Run: [MVS Splash] C:\Program Files (x86)\McAfee\Managed VirusScan\DesktopUI\XTray.exe (McAfee, Inc.)
O4 - HKLM..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-3759487231-3539034424-151682413-1002..\Run: [Spotify Web Helper] C:\Users\mossi\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3759487231-3539034424-151682413-1002\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3759487231-3539034424-151682413-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3759487231-3539034424-151682413-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-3759487231-3539034424-151682413-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-3759487231-3539034424-151682413-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: //about.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Exclude.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //FWEvent.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //LanguageSelection.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Message.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryCmd.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryNag.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyNotification.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //NOCLessUpdate.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //quarantine.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //ScanNow.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //strings.vbs/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Template.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Update.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //VirFound.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com ([*] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com ([*] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] https in Trusted sites)
O15 - HKLM\..Trusted Domains: siteadvisor.com ([www] http in Trusted sites)
O15 - HKLM\..Trusted Domains: siteadvisor.com ([www] https in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3759487231-3539034424-151682413-1002\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3759487231-3539034424-151682413-1002\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3759487231-3539034424-151682413-1002\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3759487231-3539034424-151682413-1002\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 10.4.0)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 10.4.0)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{02955E28-DBD0-4504-9570-8AB908CBD6FD}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B20EDAB1-112B-43CE-81C0-CEC8C015A170}: DhcpNameServer = 192.168.1.100
O18:64bit: - Protocol\Handler\dssrequest - No CLSID value found
O18:64bit: - Protocol\Handler\myrm - No CLSID value found
O18:64bit: - Protocol\Handler\sacore - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\myrm {4D034FC3-013F-4b95-B544-44D49ABE3E76} - C:\Program Files (x86)\McAfee\Managed VirusScan\Agent\MyRmProt5.1.0.340.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\McIEPlg.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
MsConfig:64bit - StartUpFolder: C:^Users^mossi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk - C:\PROGRA~2\OPENOF~1.ORG\program\QUICKS~1.EXE - ()
MsConfig:64bit - StartUpFolder: C:^Users^mossi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^tcbhn.lnk -  - File not found
MsConfig:64bit - StartUpReg: 4StoryPrePatch - hkey= - key= - C:\Program Files (x86)\Gameforge4D\4Story\PrePatch.exe (Zamiinc)
MsConfig:64bit - StartUpReg: Ad-Aware Antivirus - hkey= - key= - C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher.exe (Lavasoft Limited)
MsConfig:64bit - StartUpReg: Facebook Update - hkey= - key= - C:\Users\mossi\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
MsConfig:64bit - StartUpReg: HPAdvisorDock - hkey= - key= - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe ()
MsConfig:64bit - StartUpReg: NortonOnlineBackupReminder - hkey= - key= - C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NOBuActivation.exe (Symantec Corporation)
MsConfig:64bit - StartUpReg: PDF Complete - hkey= - key= - C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc)
MsConfig:64bit - StartUpReg: Shotty - hkey= - key= - C:\Program Files\Shotty\Shotty.exe (hxxp://shotty.devs-on.net)
MsConfig:64bit - StartUpReg: Spotify Web Helper - hkey= - key= - C:\Users\mossi\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
MsConfig:64bit - StartUpReg: Steam - hkey= - key= - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
MsConfig:64bit - StartUpReg: swg - hkey= - key= - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
MsConfig:64bit - State: "startup" - Reg Error: Key error.
MsConfig:64bit - State: "bootini" - Reg Error: Key error.
MsConfig:64bit - State: "services" - Reg Error: Key error.
 
 
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Ad-Aware Service - C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe (Lavasoft Limited)
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SBAMSvc - C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe (GFI Software)
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: mfehidk - C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.)
SafeBootNet:64bit: mfehidk.sys - C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.)
SafeBootNet:64bit: mfevtp - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe (McAfee, Inc.)
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Ad-Aware Service - C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe (Lavasoft Limited)
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: MpfService - C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe (McAfee, Inc.)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SBAMSvc - C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe (GFI Software)
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.vorbis - C:\windows\SysWow64\vorbis.acm (HMS hxxp://hp.vector.co.jp/authors/VA012897/)
Drivers32: vidc.cvid - C:\windows\SysWow64\iccvid.dll (Radius Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/01/02 17:18:54 | 000,000,000 | ---D | C] -- C:\Users\mossi\AppData\Local\Programs
[2012/12/21 20:00:49 | 000,038,096 | ---- | C] (GFI Software) -- C:\windows\SysNative\drivers\gfiark.sys
[2012/12/19 23:38:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012/12/19 23:38:22 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012/12/19 22:28:42 | 000,000,000 | ---D | C] -- C:\windows\pss
[2012/12/17 16:19:41 | 000,000,000 | ---D | C] -- C:\Users\mossi\AppData\Local\SCE
[2012/12/10 22:10:52 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/12/10 21:02:09 | 000,000,000 | ---D | C] -- C:\Users\mossi\AppData\Roaming\McAfee
[2012/12/10 20:20:12 | 000,000,000 | ---D | C] -- C:\windows\erdnt
[2012/12/09 21:36:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Antivirus
[2012/12/09 21:30:41 | 000,000,000 | ---D | C] -- C:\Users\mossi\AppData\Roaming\LavasoftStatistics
[2012/12/09 21:21:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
[2012/12/09 21:20:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2012/12/09 21:20:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ad-Aware Antivirus
[2012/12/09 21:19:56 | 000,000,000 | ---D | C] -- C:\Users\mossi\AppData\Local\Downloaded Installations
[2012/12/09 21:19:40 | 000,047,496 | ---- | C] (GFI Software) -- C:\windows\SysNative\sbbd.exe
[2012/12/09 21:19:40 | 000,014,456 | ---- | C] (GFI Software) -- C:\windows\SysNative\drivers\gfibto.sys
[2012/12/09 21:19:08 | 000,000,000 | ---D | C] -- C:\Users\mossi\AppData\Local\adawarebp
[2012/12/09 21:18:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Browsing Protection
[2012/12/09 21:18:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Toolbar Cleaner
[2012/12/09 21:17:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\adawaretb
[2012/12/09 21:16:14 | 000,000,000 | ---D | C] -- C:\Users\mossi\AppData\Roaming\Ad-Aware Antivirus
[2012/12/06 20:50:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012/12/04 19:49:06 | 000,000,000 | ---D | C] -- C:\Users\mossi\AppData\Roaming\OpenOffice.org
[2012/12/04 19:41:00 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1
[2012/12/04 19:38:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenOffice.org 3
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013/01/02 23:50:01 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013/01/02 23:32:01 | 000,001,110 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/01/02 21:36:04 | 000,001,138 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-3759487231-3539034424-151682413-1002UA.job
[2013/01/02 21:32:03 | 000,001,106 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/01/02 17:25:45 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013/01/02 17:24:25 | 000,046,455 | ---- | M] () -- C:\windows\SysNative\Config.MPF
[2013/01/02 14:48:18 | 000,019,536 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/01/02 14:48:18 | 000,019,536 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/01/02 14:38:08 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013/01/02 14:38:05 | 1875,439,616 | -HS- | M] () -- C:\hiberfil.sys
[2012/12/31 16:15:22 | 000,000,438 | ---- | M] () -- C:\windows\SysWow64\WSCConfig.xml
[2012/12/31 00:36:12 | 000,001,116 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-3759487231-3539034424-151682413-1002Core.job
[2012/12/28 15:10:46 | 000,001,868 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
[2012/12/24 18:17:46 | 000,000,937 | ---- | M] () -- C:\MFW75.xml
[2012/12/24 16:14:28 | 000,001,380 | ---- | M] () -- C:\Users\mossi\Desktop\Clone Wars.lnk
[2012/12/23 00:04:25 | 000,001,190 | ---- | M] () -- C:\windows\SysWow64\ServiceConfig.xml
[2012/12/21 21:17:18 | 000,697,098 | ---- | M] () -- C:\windows\SysNative\perfh007.dat
[2012/12/21 21:17:18 | 000,652,376 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2012/12/21 21:17:18 | 000,148,362 | ---- | M] () -- C:\windows\SysNative\perfc007.dat
[2012/12/21 21:17:18 | 000,121,308 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2012/12/21 21:17:05 | 001,613,412 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2012/12/21 15:55:07 | 000,295,232 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2012/12/20 14:58:56 | 000,000,222 | ---- | M] () -- C:\Users\mossi\Desktop\PlanetSide 2.url
[2012/12/19 23:38:31 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/12/17 16:11:52 | 000,002,521 | ---- | M] () -- C:\Users\mossi\Desktop\PlanetSide 2 PSG.lnk
[2012/12/17 06:43:13 | 000,038,096 | ---- | M] (GFI Software) -- C:\windows\SysNative\drivers\gfiark.sys
[2012/12/16 20:33:08 | 000,000,602 | ---- | M] () -- C:\MFW73.xml
[2012/12/16 01:10:49 | 000,000,602 | ---- | M] () -- C:\MFW72.xml
[2012/12/15 00:07:22 | 000,000,602 | ---- | M] () -- C:\MFW71.xml
[2012/12/14 20:16:52 | 000,000,602 | ---- | M] () -- C:\MFW70.xml
[2012/12/14 16:49:28 | 000,024,176 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2012/12/13 19:37:49 | 000,002,374 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012/12/11 19:36:39 | 000,000,938 | ---- | M] () -- C:\MFW69.xml
[2012/12/10 22:30:49 | 000,000,950 | ---- | M] () -- C:\MFW68.xml
[2012/12/10 21:35:25 | 000,001,549 | ---- | M] () -- C:\MFW67.xml
[2012/12/10 21:24:38 | 000,000,027 | ---- | M] () -- C:\windows\SysNative\drivers\etc\hosts
[2012/12/09 21:19:39 | 000,014,456 | ---- | M] (GFI Software) -- C:\windows\SysNative\drivers\gfibto.sys
[2012/12/06 16:05:49 | 000,000,332 | ---- | M] () -- C:\windows\tasks\HPCeeScheduleFormossi.job
[2012/12/04 21:43:10 | 000,012,559 | ---- | M] () -- C:\Users\mossi\Documents\Idee 2.odt
[2012/12/04 19:50:54 | 000,013,199 | ---- | M] () -- C:\Users\mossi\Documents\Idee 1.odt
[2012/12/04 19:41:04 | 000,001,172 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012/12/31 16:15:22 | 000,000,438 | ---- | C] () -- C:\windows\SysWow64\WSCConfig.xml
[2012/12/24 18:17:46 | 000,000,937 | ---- | C] () -- C:\MFW75.xml
[2012/12/24 16:14:28 | 000,001,380 | ---- | C] () -- C:\Users\mossi\Desktop\Clone Wars.lnk
[2012/12/23 00:04:25 | 000,001,190 | ---- | C] () -- C:\windows\SysWow64\ServiceConfig.xml
[2012/12/20 14:58:54 | 000,000,222 | ---- | C] () -- C:\Users\mossi\Desktop\PlanetSide 2.url
[2012/12/19 23:38:31 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/12/17 16:11:52 | 000,002,551 | ---- | C] () -- C:\Users\mossi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlanetSide 2 PSG.lnk
[2012/12/17 16:11:52 | 000,002,521 | ---- | C] () -- C:\Users\mossi\Desktop\PlanetSide 2 PSG.lnk
[2012/12/16 20:33:08 | 000,000,602 | ---- | C] () -- C:\MFW73.xml
[2012/12/16 01:10:49 | 000,000,602 | ---- | C] () -- C:\MFW72.xml
[2012/12/15 00:07:22 | 000,000,602 | ---- | C] () -- C:\MFW71.xml
[2012/12/14 20:16:52 | 000,000,602 | ---- | C] () -- C:\MFW70.xml
[2012/12/11 19:36:39 | 000,000,938 | ---- | C] () -- C:\MFW69.xml
[2012/12/10 22:30:49 | 000,000,950 | ---- | C] () -- C:\MFW68.xml
[2012/12/10 21:35:24 | 000,001,549 | ---- | C] () -- C:\MFW67.xml
[2012/12/09 21:21:07 | 000,001,868 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
[2012/12/04 21:43:08 | 000,012,559 | ---- | C] () -- C:\Users\mossi\Documents\Idee 2.odt
[2012/12/04 19:50:49 | 000,013,199 | ---- | C] () -- C:\Users\mossi\Documents\Idee 1.odt
[2012/12/04 19:41:04 | 000,001,172 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk
[2012/11/06 19:11:52 | 000,000,016 | ---- | C] () -- C:\windows\SysWow64\PCProxyOff.ini
[2012/11/06 19:11:27 | 000,073,728 | ---- | C] () -- C:\windows\SysWow64\VistaInfo32.dll
[2012/11/06 19:11:00 | 000,338,432 | ---- | C] () -- C:\windows\SysWow64\sqlite36_engine.dll
[2012/10/12 14:10:06 | 001,591,306 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2012/10/12 14:06:31 | 000,189,248 | ---- | C] () -- C:\windows\SysWow64\PnkBstrB.exe
[2012/10/12 14:06:24 | 000,076,888 | ---- | C] () -- C:\windows\SysWow64\PnkBstrA.exe
[2012/10/12 14:06:23 | 003,130,440 | ---- | C] () -- C:\windows\SysWow64\pbsvc_blr.exe
[2012/09/22 22:38:13 | 000,000,000 | ---- | C] () -- C:\Users\mossi\defogger_reenable
[2012/06/05 18:29:32 | 000,057,344 | ---- | C] () -- C:\windows\SysWow64\mupkernps11.dll
[2012/05/18 19:13:00 | 000,000,355 | ---- | C] () -- C:\Users\mossi\AppData\Roaming\fontcacheev1.dat
[2012/04/30 20:36:31 | 000,000,680 | RHS- | C] () -- C:\Users\mossi\ntuser.pol
[2011/12/17 13:58:12 | 000,043,520 | ---- | C] () -- C:\windows\SysWow64\CmdLineExt03.dll
[2011/09/20 17:53:41 | 000,081,920 | ---- | C] () -- C:\windows\SysWow64\acedrv06.dll
[2011/07/31 20:14:40 | 000,069,632 | R--- | C] () -- C:\windows\SysWow64\xmltok.dll
[2011/07/31 20:14:40 | 000,036,864 | R--- | C] () -- C:\windows\SysWow64\xmlparse.dll
[2011/05/12 18:30:24 | 000,001,854 | ---- | C] () -- C:\Users\mossi\AppData\Roaming\GhostObjGAFix.xml
[2011/04/09 19:47:18 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/02/09 19:41:13 | 000,172,388 | ---- | C] () -- C:\Users\mossi\2010 malle.eml
[2011/02/05 13:28:22 | 000,002,828 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
 
========== ZeroAccess Check ==========
 
[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012/12/10 22:30:13 | 000,000,000 | ---D | M] -- C:\Users\mossi\AppData\Roaming\Ad-Aware Antivirus
[2012/01/27 15:11:27 | 000,000,000 | ---D | M] -- C:\Users\mossi\AppData\Roaming\Black Sea Studios
[2012/05/21 13:49:06 | 000,000,000 | ---D | M] -- C:\Users\mossi\AppData\Roaming\Cornelsen
[2012/11/06 19:10:39 | 000,000,000 | ---D | M] -- C:\Users\mossi\AppData\Roaming\DesktopIconForAmazon
[2012/11/06 19:17:59 | 000,000,000 | ---D | M] -- C:\Users\mossi\AppData\Roaming\GameMaker
[2012/09/29 19:30:37 | 000,000,000 | ---D | M] -- C:\Users\mossi\AppData\Roaming\Glory of the Roman Empire
[2012/11/03 20:15:56 | 000,000,000 | ---D | M] -- C:\Users\mossi\AppData\Roaming\ijjigame
[2012/11/06 19:10:34 | 000,000,000 | ---D | M] -- C:\Users\mossi\AppData\Roaming\OCS
[2012/12/04 19:49:06 | 000,000,000 | ---D | M] -- C:\Users\mossi\AppData\Roaming\OpenOffice.org
[2012/11/06 19:11:13 | 000,000,000 | ---D | M] -- C:\Users\mossi\AppData\Roaming\Opera
[2012/12/30 22:14:22 | 000,000,000 | ---D | M] -- C:\Users\mossi\AppData\Roaming\Spotify
[2012/10/01 20:41:22 | 000,000,000 | ---D | M] -- C:\Users\mossi\AppData\Roaming\The Creative Assembly
[2011/01/17 18:24:58 | 000,000,000 | ---D | M] -- C:\Users\mossi\AppData\Roaming\Thunderbird
[2011/11/01 17:35:06 | 000,000,000 | ---D | M] -- C:\Users\mossi\AppData\Roaming\Unity
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2012/12/10 22:10:52 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN
[2011/01/18 21:44:21 | 000,000,000 | ---D | M] -- C:\88afd87f8bf29692d7
[2011/07/31 20:14:17 | 000,000,000 | ---D | M] -- C:\BlueByte
[2012/05/04 20:17:56 | 000,000,000 | ---D | M] -- C:\BlueJ
[2009/07/27 16:04:41 | 000,000,000 | ---D | M] -- C:\boot
[2012/11/17 00:17:17 | 000,000,000 | ---D | M] -- C:\ceeceb75e4171c7a8e5171a8a5293d
[2012/12/21 16:02:34 | 000,000,000 | ---D | M] -- C:\Config.Msi
[2009/07/14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2010/09/08 10:35:56 | 000,000,000 | ---D | M] -- C:\EFI
[2010/09/08 12:59:20 | 000,000,000 | ---D | M] -- C:\hp
[2009/07/14 04:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2012/12/19 23:38:22 | 000,000,000 | R--D | M] -- C:\Program Files
[2013/01/01 02:48:50 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2013/01/01 02:48:44 | 000,000,000 | ---D | M] -- C:\ProgramData
[2012/08/30 12:26:29 | 000,000,000 | ---D | M] -- C:\swsetup
[2013/01/02 22:41:58 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2011/01/17 14:07:01 | 000,000,000 | ---D | M] -- C:\SYSTEM.SAV
[2012/04/30 21:11:33 | 000,000,000 | R--D | M] -- C:\Users
[2013/01/01 18:42:18 | 000,000,000 | ---D | M] -- C:\Windows
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2012/12/10 22:30:13 | 000,000,000 | ---D | M] -- C:\Users\mossi\AppData\Roaming\Ad-Aware Antivirus
[2011/01/17 14:17:11 | 000,000,000 | ---D | M] -- C:\Users\mossi\AppData\Roaming\Adobe
[2011/01/17 14:13:46 | 000,000,000 | ---D | M] -- C:\Users\mossi\AppData\Roaming\ATI
[2011/01/17 15:54:52 | 000,000,000 | ---D | M] -- C:\Users\mossi\AppData\Roaming\Avira
[2012/01/27 15:11:27 | 000,000,000 | ---D | M] -- C:\Users\mossi\AppData\Roaming\Black Sea Studios
[2011/02/05 13:28:59 | 000,000,000 | ---D | M] -- C:\Users\mossi\AppData\Roaming\Corel
[2012/06/01 21:25:02 | 000,000,000 | ---D | M] -- C:\Users\mossi\AppData\Roaming\CorelHomeOffice
[2012/05/21 13:49:06 | 000,000,000 | ---D | M] -- C:\Users\mossi\AppData\Roaming\Cornelsen
[2012/11/06 19:10:39 | 000,000,000 | ---D | M] -- C:\Users\mossi\AppData\Roaming\DesktopIconForAmazon
[2012/11/06 19:17:59 | 000,000,000 | ---D | M] -- C:\Users\mossi\AppData\Roaming\GameMaker
[2012/09/29 19:30:37 | 000,000,000 | ---D | M] -- C:\Users\mossi\AppData\Roaming\Glory of the Roman Empire
[2011/02/05 13:57:39 | 000,000,000 | ---D | M] -- C:\Users\mossi\AppData\Roaming\Google
[2011/02/02 13:36:12 | 000,000,000 | ---D | M] -- C:\Users\mossi\AppData\Roaming\Hewlett-Packard
[2012/07/28 12:47:49 | 000,000,000 | ---D | M] -- C:\Users\mossi\AppData\Roaming\hpqLog
[2011/01/17 14:11:42 | 000,000,000 | ---D | M] -- C:\Users\mossi\AppData\Roaming\Identities
[2012/11/03 20:15:56 | 000,000,000 | ---D | M] -- C:\Users\mossi\AppData\Roaming\ijjigame
[2011/01/23 14:15:04 | 000,000,000 | ---D | M] -- C:\Users\mossi\AppData\Roaming\InstallShield
[2012/12/09 21:30:41 | 000,000,000 | ---D | M] -- C:\Users\mossi\AppData\Roaming\LavasoftStatistics
[2011/01/17 14:17:14 | 000,000,000 | ---D | M] -- C:\Users\mossi\AppData\Roaming\Macromedia
[2012/09/23 19:26:07 | 000,000,000 | ---D | M] -- C:\Users\mossi\AppData\Roaming\Malwarebytes
[2012/12/10 21:02:09 | 000,000,000 | ---D | M] -- C:\Users\mossi\AppData\Roaming\McAfee
[2012/06/23 21:22:06 | 000,000,000 | --SD | M] -- C:\Users\mossi\AppData\Roaming\Microsoft
[2011/09/02 11:43:47 | 000,000,000 | ---D | M] -- C:\Users\mossi\AppData\Roaming\Mozilla
[2012/11/06 19:10:34 | 000,000,000 | ---D | M] -- C:\Users\mossi\AppData\Roaming\OCS
[2012/12/04 19:49:06 | 000,000,000 | ---D | M] -- C:\Users\mossi\AppData\Roaming\OpenOffice.org
[2012/11/06 19:11:13 | 000,000,000 | ---D | M] -- C:\Users\mossi\AppData\Roaming\Opera
[2012/12/19 23:44:37 | 000,000,000 | ---D | M] -- C:\Users\mossi\AppData\Roaming\Skype
[2011/11/26 13:39:32 | 000,000,000 | ---D | M] -- C:\Users\mossi\AppData\Roaming\skypePM
[2012/12/30 22:14:22 | 000,000,000 | ---D | M] -- C:\Users\mossi\AppData\Roaming\Spotify
[2012/10/01 20:41:22 | 000,000,000 | ---D | M] -- C:\Users\mossi\AppData\Roaming\The Creative Assembly
[2011/01/17 18:24:58 | 000,000,000 | ---D | M] -- C:\Users\mossi\AppData\Roaming\Thunderbird
[2011/11/01 17:35:06 | 000,000,000 | ---D | M] -- C:\Users\mossi\AppData\Roaming\Unity
[2011/12/19 21:23:42 | 000,000,000 | ---D | M] -- C:\Users\mossi\AppData\Roaming\WinRAR
 
< %APPDATA%\*.exe /s >
[2012/11/06 19:10:35 | 000,753,664 | ---- | M] (Microsoft) -- C:\Users\mossi\AppData\Roaming\DesktopIconForAmazon\IconForAmazon.exe
[2012/07/20 00:52:58 | 001,676,288 | ---- | M] () -- C:\Users\mossi\AppData\Roaming\ijjigame\ava_us_steam_launcher_installer_20120719.exe
[2012/01/26 17:03:06 | 000,003,262 | R--- | M] () -- C:\Users\mossi\AppData\Roaming\Microsoft\Installer\{ECB4D56B-E365-4922-AC0F-70CF770443A3}\_16496df1.exe
[2012/01/26 17:03:06 | 000,001,078 | R--- | M] () -- C:\Users\mossi\AppData\Roaming\Microsoft\Installer\{ECB4D56B-E365-4922-AC0F-70CF770443A3}\_18be6784.exe
[2012/01/26 17:03:06 | 000,001,078 | R--- | M] () -- C:\Users\mossi\AppData\Roaming\Microsoft\Installer\{ECB4D56B-E365-4922-AC0F-70CF770443A3}\_26e91eb.exe
[2012/01/26 17:03:06 | 000,003,262 | R--- | M] () -- C:\Users\mossi\AppData\Roaming\Microsoft\Installer\{ECB4D56B-E365-4922-AC0F-70CF770443A3}\_294823.exe
[2012/01/26 17:03:06 | 000,001,078 | R--- | M] () -- C:\Users\mossi\AppData\Roaming\Microsoft\Installer\{ECB4D56B-E365-4922-AC0F-70CF770443A3}\_2cd672ae.exe
[2012/01/26 17:03:06 | 000,001,078 | R--- | M] () -- C:\Users\mossi\AppData\Roaming\Microsoft\Installer\{ECB4D56B-E365-4922-AC0F-70CF770443A3}\_4ae13d6c.exe
[2012/01/26 17:03:06 | 000,001,078 | R--- | M] () -- C:\Users\mossi\AppData\Roaming\Microsoft\Installer\{ECB4D56B-E365-4922-AC0F-70CF770443A3}\_5af141bb.exe
[2012/01/26 17:03:06 | 000,001,078 | R--- | M] () -- C:\Users\mossi\AppData\Roaming\Microsoft\Installer\{ECB4D56B-E365-4922-AC0F-70CF770443A3}\_69525f90.exe
[2012/11/12 18:38:00 | 001,361,896 | ---- | M] (EA Digital Illusions CE AB) -- C:\Users\mossi\AppData\Roaming\Mozilla\Firefox\Profiles\vpihpbsd.default\extensions\battlefieldheroespatcher@ea.com\plugins\BFHUpdater.exe
[2012/06/28 00:03:24 | 001,034,224 | ---- | M] (EA Digital Illusions CE AB) -- C:\Users\mossi\AppData\Roaming\Mozilla\Firefox\Profiles\vpihpbsd.default\extensions\battlefieldplay4free@ea.com\plugins\BP4FUpdater.exe
[2012/11/06 19:10:34 | 000,106,496 | ---- | M] (OCS) -- C:\Users\mossi\AppData\Roaming\OCS\SM\SearchAnonymizer.exe
[2012/11/06 19:10:34 | 000,040,960 | ---- | M] () -- C:\Users\mossi\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe
[2012/11/06 19:58:33 | 007,880,664 | ---- | M] (Spotify Ltd) -- C:\Users\mossi\AppData\Roaming\Spotify\spotify.exe
[2012/11/06 19:58:33 | 000,117,208 | ---- | M] (Spotify Ltd) -- C:\Users\mossi\AppData\Roaming\Spotify\SpotifyLauncher.exe
[2012/11/06 19:58:32 | 001,199,576 | ---- | M] (Spotify Ltd) -- C:\Users\mossi\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
 
< %SYSTEMROOT%\system32\drivers\*.sys /lockedfiles >
 
< %SYSTEMROOT%\System32\config\*.sav >
 
< %SYSTEMROOT%\*. /mp /s >
 
< %SYSTEMROOT%\system32\*.dll /lockedfiles >
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 805 bytes -> C:\Users\mossi\2010 malle.eml:OECustomProperty

< End of report >
         
__________________

Alt 03.01.2013, 12:04   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Virusverdacht (Computer auf einmal extrem langsam) - Standard

Virusverdacht (Computer auf einmal extrem langsam)



Malwarebytes Anti-Rootkit

Downloade dir bitte Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Entpacke das Archiv auf deinem Desktop.
  • Im neu erstellten Ordner starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 04.01.2013, 21:10   #5
mossi
 
Virusverdacht (Computer auf einmal extrem langsam) - Standard

Virusverdacht (Computer auf einmal extrem langsam)



Code:
ATTFilter
Malwarebytes Anti-Rootkit 1.01.0.1011
www.malwarebytes.org

Database version: v2013.01.04.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
mossi :: MOSSI-HP [administrator]

04.01.2013 20:38:13
mbar-log-2013-01-04 (20-38-13).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled: 
Objects scanned: 29757
Time elapsed: 6 hour(s), 9 minute(s), 7 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
         
Es wurde nichts gefunden, also auch kein Neustart durchgeführt.


Alt 04.01.2013, 21:44   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Virusverdacht (Computer auf einmal extrem langsam) - Standard

Virusverdacht (Computer auf einmal extrem langsam)



1. aswMBR

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.

Hinweis: Bitte den Virenscanner abstellen bevor du aswMBR ausführst, denn v.a. Avira meldet darin oft einen Fehlalarm!
  • Starte die aswMBR.exe Vista und Win7 User aswMBR per Rechtsklick "als Administrator ausführen"
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen) Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort. Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte es erneut nicht klappen teile mir das bitte mit.

Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes:
Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.


2. TDSS-Killer

Download TDSS-Killer auf Desktop siehe => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.

Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

__________________
--> Virusverdacht (Computer auf einmal extrem langsam)

Alt 04.01.2013, 22:52   #7
mossi
 
Virusverdacht (Computer auf einmal extrem langsam) - Standard

Virusverdacht (Computer auf einmal extrem langsam)



Code:
ATTFilter
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-01-04 22:42:47
-----------------------------
22:42:47.319    OS Version: Windows x64 6.1.7601 Service Pack 1
22:42:47.319    Number of processors: 1 586 0x603
22:42:47.319    ComputerName: MOSSI-HP  UserName: mossi
22:42:51.565    Initialize success
22:45:14.566    AVAST engine download error: 0
22:45:20.212    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
22:45:20.218    Disk 0 Vendor: WDC_WD1600BEKT-60V5T1 12.01A12 Size: 152627MB BusType: 11
22:45:20.253    Disk 0 MBR read successfully
22:45:20.262    Disk 0 MBR scan
22:45:20.268    Disk 0 Windows 7 default MBR code
22:45:20.297    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          300 MB offset 2048
22:45:20.310    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       134916 MB offset 616448
22:45:20.344    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS        15360 MB offset 276924416
22:45:20.370    Disk 0 Partition 4 00     0C    FAT32 LBA MSDOS5.0     2043 MB offset 308381696
22:45:20.462    Disk 0 scanning C:\windows\system32\drivers
22:45:41.279    Service scanning
22:46:08.342    Modules scanning
22:46:08.346    Disk 0 trace - called modules:
22:46:08.406    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys 
22:46:08.417    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80024fb060]
22:46:08.479    3 CLASSPNP.SYS[fffff8800176043f] -> nt!IofCallDriver -> [0xfffffa80024d4600]
22:46:08.480    5 ACPI.sys[fffff88000eea7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80024d3680]
22:46:08.481    Scan finished successfully
22:48:55.076    Disk 0 MBR has been saved successfully to "C:\Users\mossi\Downloads\MBR.dat"
22:48:55.076    The log file has been saved successfully to "C:\Users\mossi\Downloads\aswMBR.txt"
         

Alt 04.01.2013, 22:59   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Virusverdacht (Computer auf einmal extrem langsam) - Standard

Virusverdacht (Computer auf einmal extrem langsam)



Was ist mit dem TDSS-Killer?
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 04.01.2013, 23:20   #9
mossi
 
Virusverdacht (Computer auf einmal extrem langsam) - Standard

Virusverdacht (Computer auf einmal extrem langsam)



Code:
ATTFilter
22:58:56.0454 3856  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
22:58:58.0498 3856  ============================================================
22:58:58.0498 3856  Current date / time: 2013/01/04 22:58:58.0498
22:58:58.0498 3856  SystemInfo:
22:58:58.0498 3856  
22:58:58.0498 3856  OS Version: 6.1.7601 ServicePack: 1.0
22:58:58.0498 3856  Product type: Workstation
22:58:58.0498 3856  ComputerName: MOSSI-HP
22:58:58.0498 3856  UserName: mossi
22:58:58.0498 3856  Windows directory: C:\windows
22:58:58.0498 3856  System windows directory: C:\windows
22:58:58.0498 3856  Running under WOW64
22:58:58.0498 3856  Processor architecture: Intel x64
22:58:58.0498 3856  Number of processors: 1
22:58:58.0498 3856  Page size: 0x1000
22:58:58.0498 3856  Boot type: Normal boot
22:58:58.0498 3856  ============================================================
22:59:21.0820 3856  Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:59:21.0835 3856  ============================================================
22:59:21.0835 3856  \Device\Harddisk0\DR0:
22:59:21.0835 3856  MBR partitions:
22:59:21.0835 3856  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x96000
22:59:21.0835 3856  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x96800, BlocksNum 0x10782000
22:59:21.0835 3856  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x10818800, BlocksNum 0x1E00000
22:59:21.0835 3856  \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x12618800, BlocksNum 0x3FD800
22:59:21.0835 3856  ============================================================
22:59:21.0866 3856  C: <-> \Device\Harddisk0\DR0\Partition2
22:59:21.0882 3856  F: <-> \Device\Harddisk0\DR0\Partition4
22:59:21.0929 3856  ============================================================
22:59:21.0929 3856  Initialize success
22:59:21.0929 3856  ============================================================
23:00:33.0673 5088  ============================================================
23:00:33.0673 5088  Scan started
23:00:33.0673 5088  Mode: Manual; SigCheck; TDLFS; 
23:00:33.0673 5088  ============================================================
23:00:36.0715 5088  ================ Scan system memory ========================
23:00:36.0715 5088  System memory - ok
23:00:36.0731 5088  ================ Scan services =============================
23:00:36.0934 5088  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\windows\system32\drivers\1394ohci.sys
23:00:38.0182 5088  1394ohci - ok
23:00:38.0244 5088  [ C8030D922511A926D0AA06B78C4B87A9 ] acedrv06        C:\windows\system32\drivers\acedrv06.sys
23:00:38.0338 5088  acedrv06 ( UnsignedFile.Multi.Generic ) - warning
23:00:38.0338 5088  acedrv06 - detected UnsignedFile.Multi.Generic (1)
23:00:38.0400 5088  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\windows\system32\drivers\ACPI.sys
23:00:38.0478 5088  ACPI - ok
23:00:38.0525 5088  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\windows\system32\drivers\acpipmi.sys
23:00:38.0743 5088  AcpiPmi - ok
23:00:38.0868 5088  [ E9BACEDF8511EF671E817D8690E12DE3 ] Ad-Aware Service C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
23:00:44.0188 5088  Ad-Aware Service - ok
23:00:44.0297 5088  [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
23:00:44.0328 5088  AdobeFlashPlayerUpdateSvc - ok
23:00:44.0484 5088  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\windows\system32\DRIVERS\adp94xx.sys
23:00:44.0531 5088  adp94xx - ok
23:00:44.0562 5088  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\windows\system32\DRIVERS\adpahci.sys
23:00:44.0593 5088  adpahci - ok
23:00:44.0624 5088  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\windows\system32\DRIVERS\adpu320.sys
23:00:44.0656 5088  adpu320 - ok
23:00:44.0687 5088  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\windows\System32\aelupsvc.dll
23:00:47.0277 5088  AeLookupSvc - ok
23:00:47.0386 5088  [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters     C:\Program Files\IDT\WDM\AESTSr64.exe
23:00:50.0693 5088  AESTFilters - ok
23:00:50.0989 5088  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\windows\system32\drivers\afd.sys
23:00:53.0470 5088  AFD - ok
23:00:53.0517 5088  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\windows\system32\drivers\agp440.sys
23:00:53.0579 5088  agp440 - ok
23:00:53.0610 5088  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\windows\System32\alg.exe
23:01:03.0235 5088  ALG - ok
23:01:03.0282 5088  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\windows\system32\drivers\aliide.sys
23:01:03.0329 5088  aliide - ok
23:01:03.0376 5088  [ 5A06AB7AB4D389DFE3C109599DF0BB65 ] AMD External Events Utility C:\windows\system32\atiesrxx.exe
23:01:07.0260 5088  AMD External Events Utility - ok
23:01:07.0323 5088  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\windows\system32\drivers\amdide.sys
23:01:07.0338 5088  amdide - ok
23:01:07.0401 5088  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\windows\system32\DRIVERS\amdk8.sys
23:01:07.0759 5088  AmdK8 - ok
23:01:07.0978 5088  [ 650DDCCD6657E20737433CB774521B81 ] amdkmdag        C:\windows\system32\DRIVERS\atikmdag.sys
23:01:08.0430 5088  amdkmdag - ok
23:01:08.0477 5088  [ F51B013C55B30DBE3AD59A7FE197C5BA ] amdkmdap        C:\windows\system32\DRIVERS\atikmpag.sys
23:01:08.0617 5088  amdkmdap - ok
23:01:08.0664 5088  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\windows\system32\DRIVERS\amdppm.sys
23:01:08.0914 5088  AmdPPM - ok
23:01:08.0961 5088  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\windows\system32\drivers\amdsata.sys
23:01:08.0976 5088  amdsata - ok
23:01:09.0039 5088  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\windows\system32\DRIVERS\amdsbs.sys
23:01:09.0070 5088  amdsbs - ok
23:01:09.0085 5088  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\windows\system32\drivers\amdxata.sys
23:01:09.0117 5088  amdxata - ok
23:01:09.0195 5088  [ D0438DB784D7BD2F07F5B9C7FB698049 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
23:01:14.0280 5088  AntiVirSchedulerService - ok
23:01:14.0343 5088  [ 55C34FF96DBF02A39523CF48503BF8D1 ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
23:01:14.0374 5088  AntiVirService - ok
23:01:14.0436 5088  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\windows\system32\drivers\appid.sys
23:01:14.0748 5088  AppID - ok
23:01:14.0779 5088  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\windows\System32\appidsvc.dll
23:01:15.0029 5088  AppIDSvc - ok
23:01:15.0091 5088  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\windows\System32\appinfo.dll
23:01:15.0263 5088  Appinfo - ok
23:01:15.0341 5088  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\windows\system32\DRIVERS\arc.sys
23:01:15.0357 5088  arc - ok
23:01:15.0372 5088  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\windows\system32\DRIVERS\arcsas.sys
23:01:15.0403 5088  arcsas - ok
23:01:15.0481 5088  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
23:01:15.0575 5088  aspnet_state - ok
23:01:15.0622 5088  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\windows\system32\DRIVERS\asyncmac.sys
23:01:15.0825 5088  AsyncMac - ok
23:01:15.0887 5088  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\windows\system32\drivers\atapi.sys
23:01:15.0903 5088  atapi - ok
23:01:16.0027 5088  [ 2D648572BA9A610952FCAFBA1E119C2D ] AtiHdmiService  C:\windows\system32\drivers\AtiHdmi.sys
23:01:16.0277 5088  AtiHdmiService - ok
23:01:16.0308 5088  [ E82E61F46D1336447F4DEFF8C074F13E ] AtiPcie         C:\windows\system32\DRIVERS\AtiPcie64.sys
23:01:16.0355 5088  AtiPcie - ok
23:01:16.0480 5088  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
23:01:16.0698 5088  AudioEndpointBuilder - ok
23:01:16.0714 5088  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\windows\System32\Audiosrv.dll
23:01:16.0885 5088  AudioSrv - ok
23:01:16.0917 5088  [ 39C2E2870FC0C2AE0595B883CBE716B4 ] avgntflt        C:\windows\system32\DRIVERS\avgntflt.sys
23:01:16.0995 5088  avgntflt - ok
23:01:17.0041 5088  [ C98FA6E5AD0E857D22716BD2B8B1F399 ] avipbb          C:\windows\system32\DRIVERS\avipbb.sys
23:01:17.0057 5088  avipbb - ok
23:01:17.0166 5088  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\windows\System32\AxInstSV.dll
23:01:17.0447 5088  AxInstSV - ok
23:01:17.0478 5088  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\windows\system32\DRIVERS\bxvbda.sys
23:01:17.0728 5088  b06bdrv - ok
23:01:17.0790 5088  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\windows\system32\DRIVERS\b57nd60a.sys
23:01:17.0946 5088  b57nd60a - ok
23:01:18.0071 5088  [ 810BE94A9E42309B3F74217AC28BC6AC ] BCM43XX         C:\windows\system32\DRIVERS\bcmwl664.sys
23:01:18.0180 5088  BCM43XX - ok
23:01:18.0227 5088  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\windows\System32\bdesvc.dll
23:01:18.0586 5088  BDESVC - ok
23:01:18.0617 5088  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\windows\system32\drivers\Beep.sys
23:01:18.0945 5088  Beep - ok
23:01:19.0054 5088  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\windows\System32\bfe.dll
23:01:19.0194 5088  BFE - ok
23:01:19.0257 5088  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\windows\system32\qmgr.dll
23:01:19.0491 5088  BITS - ok
23:01:19.0553 5088  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\windows\system32\DRIVERS\blbdrive.sys
23:01:19.0662 5088  blbdrive - ok
23:01:19.0693 5088  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\windows\system32\DRIVERS\bowser.sys
23:01:19.0896 5088  bowser - ok
23:01:19.0959 5088  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\windows\system32\DRIVERS\BrFiltLo.sys
23:01:20.0271 5088  BrFiltLo - ok
23:01:20.0317 5088  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\windows\system32\DRIVERS\BrFiltUp.sys
23:01:20.0395 5088  BrFiltUp - ok
23:01:20.0442 5088  [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP        C:\windows\system32\DRIVERS\bridge.sys
23:01:20.0536 5088  BridgeMP - ok
23:01:20.0645 5088  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\windows\System32\browser.dll
23:01:20.0785 5088  Browser - ok
23:01:20.0817 5088  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\windows\System32\Drivers\Brserid.sys
23:01:21.0004 5088  Brserid - ok
23:01:21.0019 5088  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\windows\System32\Drivers\BrSerWdm.sys
23:01:21.0144 5088  BrSerWdm - ok
23:01:21.0269 5088  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\windows\System32\Drivers\BrUsbMdm.sys
23:01:21.0347 5088  BrUsbMdm - ok
23:01:21.0378 5088  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\windows\System32\Drivers\BrUsbSer.sys
23:01:21.0425 5088  BrUsbSer - ok
23:01:21.0550 5088  [ CF98190A94F62E405C8CB255018B2315 ] BthEnum         C:\windows\system32\drivers\BthEnum.sys
23:01:22.0236 5088  BthEnum - ok
23:01:22.0267 5088  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\windows\system32\DRIVERS\bthmodem.sys
23:01:22.0377 5088  BTHMODEM - ok
23:01:22.0423 5088  [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan          C:\windows\system32\DRIVERS\bthpan.sys
23:01:22.0455 5088  BthPan - ok
23:01:22.0517 5088  [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT         C:\windows\System32\Drivers\BTHport.sys
23:01:22.0673 5088  BTHPORT - ok
23:01:22.0735 5088  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\windows\system32\bthserv.dll
23:01:22.0891 5088  bthserv - ok
23:01:22.0985 5088  [ F188B7394D81010767B6DF3178519A37 ] BTHUSB          C:\windows\System32\Drivers\BTHUSB.sys
23:01:23.0079 5088  BTHUSB - ok
23:01:23.0172 5088  [ 7A2CE8C1BF4DAA1F2766E21E9CA11078 ] btwampfl        C:\windows\system32\drivers\btwampfl.sys
23:01:23.0203 5088  btwampfl - ok
23:01:23.0297 5088  [ A75BF6802A967F5AACECC3C67FEBDF55 ] btwaudio        C:\windows\system32\drivers\btwaudio.sys
23:01:23.0359 5088  btwaudio - ok
23:01:23.0375 5088  [ D895DC213EDBDA5FCC53AAD1F1E0E63B ] btwavdt         C:\windows\system32\DRIVERS\btwavdt.sys
23:01:23.0406 5088  btwavdt - ok
23:01:23.0687 5088  [ 692F8648D7686D91E34A65AC698019D8 ] btwdins         C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
23:01:23.0859 5088  btwdins - ok
23:01:24.0061 5088  [ 07096D2BC22CCB6CEA5A532DF0BE8A75 ] btwl2cap        C:\windows\system32\DRIVERS\btwl2cap.sys
23:01:24.0124 5088  btwl2cap - ok
23:01:24.0217 5088  [ 6D7AA2BDE0135599C5F230D69DB3B420 ] btwrchid        C:\windows\system32\DRIVERS\btwrchid.sys
23:01:24.0249 5088  btwrchid - ok
23:01:24.0327 5088  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\windows\system32\DRIVERS\cdfs.sys
23:01:24.0514 5088  cdfs - ok
23:01:24.0623 5088  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\windows\system32\DRIVERS\cdrom.sys
23:01:24.0779 5088  cdrom - ok
23:01:24.0857 5088  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\windows\System32\certprop.dll
23:01:25.0247 5088  CertPropSvc - ok
23:01:25.0309 5088  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\windows\system32\DRIVERS\circlass.sys
23:01:25.0372 5088  circlass - ok
23:01:25.0419 5088  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\windows\system32\CLFS.sys
23:01:25.0434 5088  CLFS - ok
23:01:25.0497 5088  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:01:30.0645 5088  clr_optimization_v2.0.50727_32 - ok
23:01:30.0738 5088  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
23:01:30.0863 5088  clr_optimization_v2.0.50727_64 - ok
23:01:30.0925 5088  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:01:31.0097 5088  clr_optimization_v4.0.30319_32 - ok
23:01:31.0128 5088  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
23:01:31.0222 5088  clr_optimization_v4.0.30319_64 - ok
23:01:31.0269 5088  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\windows\system32\DRIVERS\CmBatt.sys
23:01:31.0347 5088  CmBatt - ok
23:01:31.0393 5088  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\windows\system32\drivers\cmdide.sys
23:01:31.0440 5088  cmdide - ok
23:01:31.0503 5088  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\windows\system32\Drivers\cng.sys
23:01:31.0612 5088  CNG - ok
23:01:31.0627 5088  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\windows\system32\DRIVERS\compbatt.sys
23:01:31.0674 5088  Compbatt - ok
23:01:31.0721 5088  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\windows\system32\drivers\CompositeBus.sys
23:01:31.0783 5088  CompositeBus - ok
23:01:31.0799 5088  COMSysApp - ok
23:01:31.0830 5088  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\windows\system32\DRIVERS\crcdisk.sys
23:01:31.0846 5088  crcdisk - ok
23:01:31.0908 5088  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\windows\system32\cryptsvc.dll
23:01:32.0064 5088  CryptSvc - ok
23:01:32.0111 5088  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\windows\system32\rpcss.dll
23:01:32.0283 5088  DcomLaunch - ok
23:01:32.0329 5088  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\windows\System32\defragsvc.dll
23:01:32.0485 5088  defragsvc - ok
23:01:32.0548 5088  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\windows\system32\Drivers\dfsc.sys
23:01:32.0673 5088  DfsC - ok
23:01:32.0751 5088  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\windows\system32\dhcpcore.dll
23:01:32.0891 5088  Dhcp - ok
23:01:32.0938 5088  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\windows\system32\drivers\discache.sys
23:01:33.0390 5088  discache - ok
23:01:33.0421 5088  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\windows\system32\DRIVERS\disk.sys
23:01:33.0453 5088  Disk - ok
23:01:33.0484 5088  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\windows\System32\dnsrslvr.dll
23:01:33.0562 5088  Dnscache - ok
23:01:33.0624 5088  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\windows\System32\dot3svc.dll
23:01:33.0718 5088  dot3svc - ok
23:01:33.0765 5088  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\windows\system32\dps.dll
23:01:33.0921 5088  DPS - ok
23:01:33.0967 5088  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\windows\system32\drivers\drmkaud.sys
23:01:34.0061 5088  drmkaud - ok
23:01:34.0139 5088  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\windows\System32\drivers\dxgkrnl.sys
23:01:34.0248 5088  DXGKrnl - ok
23:01:34.0295 5088  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\windows\System32\eapsvc.dll
23:01:34.0420 5088  EapHost - ok
23:01:34.0576 5088  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\windows\system32\DRIVERS\evbda.sys
23:01:34.0794 5088  ebdrv - ok
23:01:34.0841 5088  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\windows\System32\lsass.exe
23:01:35.0013 5088  EFS - ok
23:01:35.0091 5088  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\windows\ehome\ehRecvr.exe
23:01:35.0293 5088  ehRecvr - ok
23:01:35.0340 5088  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\windows\ehome\ehsched.exe
23:01:35.0481 5088  ehSched - ok
23:01:35.0527 5088  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\windows\system32\DRIVERS\elxstor.sys
23:01:35.0621 5088  elxstor - ok
23:01:35.0652 5088  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\windows\system32\drivers\errdev.sys
23:01:35.0730 5088  ErrDev - ok
23:01:35.0808 5088  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\windows\system32\es.dll
23:01:35.0980 5088  EventSystem - ok
23:01:36.0042 5088  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\windows\system32\drivers\exfat.sys
23:01:36.0198 5088  exfat - ok
23:01:36.0245 5088  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\windows\system32\drivers\fastfat.sys
23:01:36.0401 5088  fastfat - ok
23:01:36.0495 5088  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\windows\system32\fxssvc.exe
23:01:36.0651 5088  Fax - ok
23:01:36.0682 5088  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\windows\system32\DRIVERS\fdc.sys
23:01:36.0760 5088  fdc - ok
23:01:36.0807 5088  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\windows\system32\fdPHost.dll
23:01:36.0963 5088  fdPHost - ok
23:01:36.0994 5088  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\windows\system32\fdrespub.dll
23:01:37.0134 5088  FDResPub - ok
23:01:37.0181 5088  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\windows\system32\drivers\fileinfo.sys
23:01:37.0228 5088  FileInfo - ok
23:01:37.0259 5088  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\windows\system32\drivers\filetrace.sys
23:01:37.0415 5088  Filetrace - ok
23:01:37.0446 5088  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\windows\system32\DRIVERS\flpydisk.sys
23:01:37.0524 5088  flpydisk - ok
23:01:37.0602 5088  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\windows\system32\drivers\fltmgr.sys
23:01:37.0665 5088  FltMgr - ok
23:01:37.0758 5088  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache       C:\windows\system32\FntCache.dll
23:01:37.0977 5088  FontCache - ok
23:01:38.0039 5088  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:01:38.0117 5088  FontCache3.0.0.0 - ok
23:01:38.0148 5088  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\windows\system32\drivers\FsDepends.sys
23:01:38.0195 5088  FsDepends - ok
23:01:38.0242 5088  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\windows\system32\drivers\Fs_Rec.sys
23:01:38.0289 5088  Fs_Rec - ok
23:01:38.0335 5088  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\windows\system32\DRIVERS\fvevol.sys
23:01:38.0413 5088  fvevol - ok
23:01:38.0445 5088  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\windows\system32\DRIVERS\gagp30kx.sys
23:01:38.0507 5088  gagp30kx - ok
23:01:38.0569 5088  [ E80C14B9C6E5B57BB7710B356857A964 ] gfiark          C:\windows\system32\drivers\gfiark.sys
23:01:38.0632 5088  gfiark - ok
23:01:38.0679 5088  [ 14908F4F9005C29DE8F5587E271390EE ] gfibto          C:\windows\system32\drivers\gfibto.sys
23:01:38.0725 5088  gfibto - ok
23:01:38.0788 5088  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\windows\System32\gpsvc.dll
23:01:38.0991 5088  gpsvc - ok
23:01:39.0069 5088  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:01:39.0131 5088  gupdate - ok
23:01:39.0178 5088  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:01:39.0225 5088  gupdatem - ok
23:01:39.0256 5088  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
23:01:39.0318 5088  gusvc - ok
23:01:39.0349 5088  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\windows\system32\drivers\hcw85cir.sys
23:01:39.0490 5088  hcw85cir - ok
23:01:39.0552 5088  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
23:01:39.0646 5088  HdAudAddService - ok
23:01:39.0693 5088  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\windows\system32\drivers\HDAudBus.sys
23:01:39.0786 5088  HDAudBus - ok
23:01:39.0833 5088  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\windows\system32\DRIVERS\HidBatt.sys
23:01:39.0895 5088  HidBatt - ok
23:01:39.0942 5088  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\windows\system32\DRIVERS\hidbth.sys
23:01:40.0036 5088  HidBth - ok
23:01:40.0067 5088  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\windows\system32\DRIVERS\hidir.sys
23:01:40.0145 5088  HidIr - ok
23:01:40.0192 5088  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\windows\System32\hidserv.dll
23:01:40.0348 5088  hidserv - ok
23:01:40.0410 5088  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\windows\system32\DRIVERS\hidusb.sys
23:01:40.0473 5088  HidUsb - ok
23:01:40.0519 5088  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\windows\system32\kmsvc.dll
23:01:40.0691 5088  hkmsvc - ok
23:01:40.0753 5088  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\windows\system32\ListSvc.dll
23:01:40.0894 5088  HomeGroupListener - ok
23:01:40.0941 5088  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\windows\system32\provsvc.dll
23:01:41.0034 5088  HomeGroupProvider - ok
23:01:41.0143 5088  [ 13BB1114451C63BFB41BA7DAA4D70A29 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
23:01:41.0190 5088  HP Support Assistant Service - ok
23:01:41.0268 5088  [ 58CC11D14D88EF70EF7ABBC75B5EEBD8 ] HP Wireless Assistant Service C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
23:01:41.0331 5088  HP Wireless Assistant Service - ok
23:01:41.0424 5088  [ B19FF523B533A3F198B9239E1749C940 ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
23:01:46.0806 5088  HPDrvMntSvc.exe - ok
23:01:46.0853 5088  [ 120C1CEB5E45DB0A04416242BD6C1E3E ] hpHotkeyMonitor C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
23:01:46.0900 5088  hpHotkeyMonitor - ok
23:01:46.0947 5088  [ B98EE5D4535A685634B90F7E04DE0DF7 ] HpqKbFiltr      C:\windows\system32\DRIVERS\HpqKbFiltr.sys
23:01:46.0962 5088  HpqKbFiltr - ok
23:01:47.0025 5088  [ 01091B900E15878B4434F9C726C4541D ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
23:01:47.0118 5088  hpqwmiex - ok
23:01:47.0165 5088  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\windows\system32\drivers\HpSAMD.sys
23:01:47.0181 5088  HpSAMD - ok
23:01:47.0243 5088  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\windows\system32\drivers\HTTP.sys
23:01:47.0399 5088  HTTP - ok
23:01:47.0446 5088  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\windows\system32\drivers\hwpolicy.sys
23:01:47.0508 5088  hwpolicy - ok
23:01:47.0539 5088  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\windows\system32\drivers\i8042prt.sys
23:01:47.0602 5088  i8042prt - ok
23:01:47.0664 5088  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\windows\system32\drivers\iaStorV.sys
23:01:47.0742 5088  iaStorV - ok
23:01:47.0820 5088  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
23:01:47.0976 5088  idsvc - ok
23:01:48.0007 5088  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\windows\system32\DRIVERS\iirsp.sys
23:01:48.0054 5088  iirsp - ok
23:01:48.0117 5088  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\windows\System32\ikeext.dll
23:01:48.0226 5088  IKEEXT - ok
23:01:48.0273 5088  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\windows\system32\drivers\intelide.sys
23:01:48.0288 5088  intelide - ok
23:01:48.0319 5088  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\windows\system32\DRIVERS\intelppm.sys
23:01:48.0366 5088  intelppm - ok
23:01:48.0397 5088  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\windows\system32\ipbusenum.dll
23:01:48.0491 5088  IPBusEnum - ok
23:01:48.0522 5088  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\windows\system32\DRIVERS\ipfltdrv.sys
23:01:48.0600 5088  IpFilterDriver - ok
23:01:48.0647 5088  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\windows\System32\iphlpsvc.dll
23:01:48.0772 5088  iphlpsvc - ok
23:01:48.0819 5088  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\windows\system32\drivers\IPMIDrv.sys
23:01:48.0897 5088  IPMIDRV - ok
23:01:48.0943 5088  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\windows\system32\drivers\ipnat.sys
23:01:49.0068 5088  IPNAT - ok
23:01:49.0115 5088  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\windows\system32\drivers\irenum.sys
23:01:49.0271 5088  IRENUM - ok
23:01:49.0302 5088  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\windows\system32\drivers\isapnp.sys
23:01:49.0349 5088  isapnp - ok
23:01:49.0599 5088  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\windows\system32\drivers\msiscsi.sys
23:01:49.0614 5088  iScsiPrt - ok
23:01:49.0677 5088  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\windows\system32\drivers\kbdclass.sys
23:01:49.0692 5088  kbdclass - ok
23:01:49.0739 5088  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\windows\system32\drivers\kbdhid.sys
23:01:49.0864 5088  kbdhid - ok
23:01:49.0895 5088  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\windows\system32\lsass.exe
23:01:49.0926 5088  KeyIso - ok
23:01:49.0973 5088  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\windows\system32\Drivers\ksecdd.sys
23:01:49.0989 5088  KSecDD - ok
23:01:50.0035 5088  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\windows\system32\Drivers\ksecpkg.sys
23:01:50.0067 5088  KSecPkg - ok
23:01:50.0082 5088  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\windows\system32\drivers\ksthunk.sys
23:01:50.0160 5088  ksthunk - ok
23:01:50.0191 5088  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\windows\system32\msdtckrm.dll
23:01:50.0285 5088  KtmRm - ok
23:01:50.0332 5088  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\windows\System32\srvsvc.dll
23:01:50.0425 5088  LanmanServer - ok
23:01:50.0457 5088  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\windows\System32\wkssvc.dll
23:01:50.0613 5088  LanmanWorkstation - ok
23:01:50.0706 5088  [ 47269F0DE1E5089C6F23BC1EC48CFC31 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
23:01:51.0205 5088  LightScribeService ( UnsignedFile.Multi.Generic ) - warning
23:01:51.0205 5088  LightScribeService - detected UnsignedFile.Multi.Generic (1)
23:01:51.0252 5088  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\windows\system32\DRIVERS\lltdio.sys
23:01:51.0330 5088  lltdio - ok
23:01:51.0361 5088  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\windows\System32\lltdsvc.dll
23:01:51.0455 5088  lltdsvc - ok
23:01:51.0486 5088  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\windows\System32\lmhsvc.dll
23:01:51.0564 5088  lmhosts - ok
23:01:51.0611 5088  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\windows\system32\DRIVERS\lsi_fc.sys
23:01:51.0627 5088  LSI_FC - ok
23:01:51.0658 5088  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\windows\system32\DRIVERS\lsi_sas.sys
23:01:51.0689 5088  LSI_SAS - ok
23:01:51.0705 5088  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\windows\system32\DRIVERS\lsi_sas2.sys
23:01:51.0736 5088  LSI_SAS2 - ok
23:01:51.0751 5088  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\windows\system32\DRIVERS\lsi_scsi.sys
23:01:51.0783 5088  LSI_SCSI - ok
23:01:51.0814 5088  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\windows\system32\drivers\luafv.sys
23:01:51.0892 5088  luafv - ok
23:01:51.0954 5088  [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector   C:\windows\system32\drivers\mbam.sys
23:01:51.0985 5088  MBAMProtector - ok
23:01:52.0048 5088  [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
23:01:52.0079 5088  MBAMScheduler - ok
23:01:52.0126 5088  [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
23:01:52.0219 5088  MBAMService - ok
23:01:52.0282 5088  [ FCD749A10CF28DF4F508D2BF87491E83 ] McAfee SiteAdvisor Enterprise Service C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\McSACore.exe
23:01:52.0329 5088  McAfee SiteAdvisor Enterprise Service - ok
23:01:52.0391 5088  [ DD0F83167275CC2C66EA87B479CADC14 ] McShield        C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
23:01:52.0469 5088  McShield - ok
23:01:52.0531 5088  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\windows\system32\Mcx2Svc.dll
23:01:52.0625 5088  Mcx2Svc - ok
23:01:52.0656 5088  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\windows\system32\DRIVERS\megasas.sys
23:01:52.0703 5088  megasas - ok
23:01:52.0750 5088  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\windows\system32\DRIVERS\MegaSR.sys
23:01:52.0828 5088  MegaSR - ok
23:01:52.0875 5088  [ 6AE40901ABC3AC5FA3C33314DB59D36E ] mfeapfk         C:\windows\system32\drivers\mfeapfk.sys
23:01:52.0921 5088  mfeapfk - ok
23:01:52.0968 5088  [ 49DC553557C31704DCB4771245E7D556 ] mfeavfk         C:\windows\system32\drivers\mfeavfk.sys
23:01:52.0999 5088  mfeavfk - ok
23:01:53.0015 5088  mfeavfk01 - ok
23:01:53.0046 5088  [ B2E1B291676AC3919058798A6707DBC9 ] mfehidk         C:\windows\system32\drivers\mfehidk.sys
23:01:53.0093 5088  mfehidk - ok
23:01:53.0124 5088  [ 582BD7C0C1C9913F44B6835651A52BD1 ] mferkdet        C:\windows\system32\drivers\mferkdet.sys
23:01:53.0140 5088  mferkdet - ok
23:01:53.0171 5088  [ 5DA98EB70211B64879A9781ECDEEADC6 ] mfevtp          C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
23:01:53.0202 5088  mfevtp - ok
23:01:53.0218 5088  [ A2AD5E7FAD5AD659D3073F826C35E127 ] mfewfpk         C:\windows\system32\drivers\mfewfpk.sys
23:01:53.0249 5088  mfewfpk - ok
23:01:53.0280 5088  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\windows\system32\mmcss.dll
23:01:53.0358 5088  MMCSS - ok
23:01:53.0389 5088  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\windows\system32\drivers\modem.sys
23:01:53.0467 5088  Modem - ok
23:01:53.0499 5088  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\windows\system32\DRIVERS\monitor.sys
23:01:53.0545 5088  monitor - ok
23:01:53.0592 5088  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\windows\system32\DRIVERS\mouclass.sys
23:01:53.0623 5088  mouclass - ok
23:01:53.0639 5088  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\windows\system32\DRIVERS\mouhid.sys
23:01:53.0686 5088  mouhid - ok
23:01:53.0733 5088  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\windows\system32\drivers\mountmgr.sys
23:01:53.0748 5088  mountmgr - ok
23:01:53.0811 5088  [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
23:01:53.0842 5088  MozillaMaintenance - ok
23:01:53.0873 5088  [ AE2E68527013EB4F761ECCC630F7F1A3 ] MPFP            C:\windows\system32\Drivers\Mpfp.sys
23:01:53.0904 5088  MPFP - ok
23:01:53.0951 5088  [ 95AAC73D11DDBA901042953E5F8146F7 ] MpfService      C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe
23:01:53.0998 5088  MpfService - ok
23:01:54.0029 5088  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\windows\system32\drivers\mpio.sys
23:01:54.0060 5088  mpio - ok
23:01:54.0076 5088  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\windows\system32\drivers\mpsdrv.sys
23:01:54.0138 5088  mpsdrv - ok
23:01:54.0201 5088  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\windows\system32\mpssvc.dll
23:01:54.0310 5088  MpsSvc - ok
23:01:54.0357 5088  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\windows\system32\drivers\mrxdav.sys
23:01:54.0403 5088  MRxDAV - ok
23:01:54.0450 5088  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\windows\system32\DRIVERS\mrxsmb.sys
23:01:54.0575 5088  mrxsmb - ok
23:01:54.0622 5088  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\windows\system32\DRIVERS\mrxsmb10.sys
23:01:54.0700 5088  mrxsmb10 - ok
23:01:54.0747 5088  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\windows\system32\DRIVERS\mrxsmb20.sys
23:01:54.0825 5088  mrxsmb20 - ok
23:01:54.0871 5088  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\windows\system32\drivers\msahci.sys
23:01:54.0918 5088  msahci - ok
23:01:54.0965 5088  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\windows\system32\drivers\msdsm.sys
23:01:55.0027 5088  msdsm - ok
23:01:55.0059 5088  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\windows\System32\msdtc.exe
23:01:55.0183 5088  MSDTC - ok
23:01:55.0246 5088  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\windows\system32\drivers\Msfs.sys
23:01:55.0386 5088  Msfs - ok
23:01:55.0433 5088  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\windows\System32\drivers\mshidkmdf.sys
23:01:55.0589 5088  mshidkmdf - ok
23:01:55.0636 5088  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\windows\system32\drivers\msisadrv.sys
23:01:55.0683 5088  msisadrv - ok
23:01:55.0714 5088  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\windows\system32\iscsiexe.dll
23:01:55.0807 5088  MSiSCSI - ok
23:01:55.0823 5088  msiserver - ok
23:01:55.0854 5088  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\windows\system32\drivers\MSKSSRV.sys
23:01:55.0932 5088  MSKSSRV - ok
23:01:55.0963 5088  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\windows\system32\drivers\MSPCLOCK.sys
23:01:56.0041 5088  MSPCLOCK - ok
23:01:56.0057 5088  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\windows\system32\drivers\MSPQM.sys
23:01:56.0135 5088  MSPQM - ok
23:01:56.0182 5088  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\windows\system32\drivers\MsRPC.sys
23:01:56.0213 5088  MsRPC - ok
23:01:56.0229 5088  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\windows\system32\drivers\mssmbios.sys
23:01:56.0260 5088  mssmbios - ok
23:01:56.0291 5088  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\windows\system32\drivers\MSTEE.sys
23:01:56.0338 5088  MSTEE - ok
23:01:56.0369 5088  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\windows\system32\DRIVERS\MTConfig.sys
23:01:56.0400 5088  MTConfig - ok
23:01:56.0431 5088  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\windows\system32\Drivers\mup.sys
23:01:56.0463 5088  Mup - ok
23:01:56.0509 5088  [ FD6B9817671377CFCCAD2F8A4B682A52 ] myAgtSvc        C:\Program Files (x86)\McAfee\Managed VirusScan\Agent\myAgtSvc.Exe
23:01:56.0541 5088  myAgtSvc - ok
23:01:56.0587 5088  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\windows\system32\qagentRT.dll
23:01:56.0697 5088  napagent - ok
23:01:56.0743 5088  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\windows\system32\DRIVERS\nwifi.sys
23:01:56.0806 5088  NativeWifiP - ok
23:01:56.0868 5088  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\windows\system32\drivers\ndis.sys
23:01:56.0931 5088  NDIS - ok
23:01:56.0962 5088  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\windows\system32\DRIVERS\ndiscap.sys
23:01:57.0040 5088  NdisCap - ok
23:01:57.0071 5088  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\windows\system32\DRIVERS\ndistapi.sys
23:01:57.0149 5088  NdisTapi - ok
23:01:57.0211 5088  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\windows\system32\DRIVERS\ndisuio.sys
23:01:57.0289 5088  Ndisuio - ok
23:01:57.0336 5088  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\windows\system32\DRIVERS\ndiswan.sys
23:01:57.0399 5088  NdisWan - ok
23:01:57.0445 5088  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\windows\system32\drivers\NDProxy.sys
23:01:57.0523 5088  NDProxy - ok
23:01:57.0555 5088  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\windows\system32\DRIVERS\netbios.sys
23:01:57.0617 5088  NetBIOS - ok
23:01:57.0648 5088  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\windows\system32\DRIVERS\netbt.sys
23:01:57.0742 5088  NetBT - ok
23:01:57.0773 5088  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\windows\system32\lsass.exe
23:01:57.0804 5088  Netlogon - ok
23:01:57.0835 5088  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\windows\System32\netman.dll
23:02:03.0217 5088  Netman - ok
23:02:03.0280 5088  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:02:03.0358 5088  NetMsmqActivator - ok
23:02:03.0373 5088  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:02:03.0389 5088  NetPipeActivator - ok
23:02:03.0436 5088  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\windows\System32\netprofm.dll
23:02:03.0514 5088  netprofm - ok
23:02:03.0529 5088  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:02:03.0561 5088  NetTcpActivator - ok
23:02:03.0576 5088  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:02:03.0592 5088  NetTcpPortSharing - ok
23:02:03.0623 5088  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\windows\system32\DRIVERS\nfrd960.sys
23:02:03.0654 5088  nfrd960 - ok
23:02:03.0701 5088  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\windows\System32\nlasvc.dll
23:02:03.0763 5088  NlaSvc - ok
23:02:03.0795 5088  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\windows\system32\drivers\Npfs.sys
23:02:03.0857 5088  Npfs - ok
23:02:03.0873 5088  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\windows\system32\nsisvc.dll
23:02:03.0935 5088  nsi - ok
23:02:03.0951 5088  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\windows\system32\drivers\nsiproxy.sys
23:02:04.0029 5088  nsiproxy - ok
23:02:04.0107 5088  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\windows\system32\drivers\Ntfs.sys
23:02:04.0200 5088  Ntfs - ok
23:02:04.0216 5088  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\windows\system32\drivers\Null.sys
23:02:04.0294 5088  Null - ok
23:02:04.0341 5088  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\windows\system32\drivers\nvraid.sys
23:02:04.0356 5088  nvraid - ok
23:02:04.0387 5088  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\windows\system32\drivers\nvstor.sys
23:02:04.0419 5088  nvstor - ok
23:02:04.0450 5088  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\windows\system32\drivers\nv_agp.sys
23:02:04.0465 5088  nv_agp - ok
23:02:04.0497 5088  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\windows\system32\drivers\ohci1394.sys
23:02:04.0543 5088  ohci1394 - ok
23:02:04.0590 5088  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\windows\system32\pnrpsvc.dll
23:02:04.0699 5088  p2pimsvc - ok
23:02:04.0731 5088  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\windows\system32\p2psvc.dll
23:02:04.0824 5088  p2psvc - ok
23:02:04.0855 5088  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\windows\system32\DRIVERS\parport.sys
23:02:04.0933 5088  Parport - ok
23:02:04.0965 5088  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\windows\system32\drivers\partmgr.sys
23:02:05.0011 5088  partmgr - ok
23:02:05.0058 5088  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\windows\System32\pcasvc.dll
23:02:05.0152 5088  PcaSvc - ok
23:02:05.0214 5088  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\windows\system32\drivers\pci.sys
23:02:05.0277 5088  pci - ok
23:02:05.0308 5088  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\windows\system32\drivers\pciide.sys
23:02:05.0339 5088  pciide - ok
23:02:05.0355 5088  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\windows\system32\DRIVERS\pcmcia.sys
23:02:05.0386 5088  pcmcia - ok
23:02:05.0417 5088  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\windows\system32\drivers\pcw.sys
23:02:05.0433 5088  pcw - ok
23:02:05.0479 5088  pdfcDispatcher - ok
23:02:05.0511 5088  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\windows\system32\drivers\peauth.sys
23:02:05.0604 5088  PEAUTH - ok
23:02:05.0947 5088  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\windows\SysWow64\perfhost.exe
23:02:06.0010 5088  PerfHost - ok
23:02:06.0088 5088  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\windows\system32\pla.dll
23:02:06.0291 5088  pla - ok
23:02:06.0353 5088  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\windows\system32\umpnpmgr.dll
23:02:06.0509 5088  PlugPlay - ok
23:02:06.0556 5088  PnkBstrA - ok
23:02:06.0587 5088  PnkBstrB - ok
23:02:06.0634 5088  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\windows\system32\pnrpauto.dll
23:02:06.0727 5088  PNRPAutoReg - ok
23:02:06.0774 5088  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\windows\system32\pnrpsvc.dll
23:02:06.0852 5088  PNRPsvc - ok
23:02:06.0899 5088  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\windows\System32\ipsecsvc.dll
23:02:07.0008 5088  PolicyAgent - ok
23:02:07.0039 5088  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\windows\system32\umpo.dll
23:02:07.0133 5088  Power - ok
23:02:07.0180 5088  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\windows\system32\DRIVERS\raspptp.sys
23:02:07.0258 5088  PptpMiniport - ok
23:02:07.0305 5088  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\windows\system32\DRIVERS\processr.sys
23:02:07.0336 5088  Processor - ok
23:02:07.0383 5088  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\windows\system32\profsvc.dll
23:02:07.0461 5088  ProfSvc - ok
23:02:07.0476 5088  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
23:02:07.0507 5088  ProtectedStorage - ok
23:02:07.0570 5088  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\windows\system32\DRIVERS\pacer.sys
23:02:07.0648 5088  Psched - ok
23:02:07.0679 5088  [ A6A7AD767BF5141665F5C675F671B3E1 ] PSI_SVC_2       c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
23:02:07.0710 5088  PSI_SVC_2 - ok
23:02:07.0741 5088  [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64        C:\windows\system32\Drivers\PxHlpa64.sys
23:02:07.0773 5088  PxHlpa64 - ok
23:02:07.0835 5088  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\windows\system32\DRIVERS\ql2300.sys
23:02:07.0913 5088  ql2300 - ok
23:02:07.0929 5088  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\windows\system32\DRIVERS\ql40xx.sys
23:02:07.0960 5088  ql40xx - ok
23:02:07.0991 5088  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\windows\system32\qwave.dll
23:02:08.0053 5088  QWAVE - ok
23:02:08.0069 5088  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\windows\system32\drivers\qwavedrv.sys
23:02:08.0131 5088  QWAVEdrv - ok
23:02:08.0163 5088  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\windows\system32\DRIVERS\rasacd.sys
23:02:08.0225 5088  RasAcd - ok
23:02:08.0256 5088  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\windows\system32\DRIVERS\AgileVpn.sys
23:02:08.0334 5088  RasAgileVpn - ok
23:02:08.0365 5088  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\windows\System32\rasauto.dll
23:02:08.0443 5088  RasAuto - ok
23:02:08.0475 5088  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\windows\system32\DRIVERS\rasl2tp.sys
23:02:08.0537 5088  Rasl2tp - ok
23:02:08.0584 5088  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\windows\System32\rasmans.dll
23:02:08.0677 5088  RasMan - ok
23:02:08.0709 5088  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\windows\system32\DRIVERS\raspppoe.sys
23:02:08.0771 5088  RasPppoe - ok
23:02:08.0818 5088  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\windows\system32\DRIVERS\rassstp.sys
23:02:08.0880 5088  RasSstp - ok
23:02:08.0896 5088  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\windows\system32\DRIVERS\rdbss.sys
23:02:08.0974 5088  rdbss - ok
23:02:09.0005 5088  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\windows\system32\DRIVERS\rdpbus.sys
23:02:09.0052 5088  rdpbus - ok
23:02:09.0083 5088  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\windows\system32\DRIVERS\RDPCDD.sys
23:02:09.0145 5088  RDPCDD - ok
23:02:09.0177 5088  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\windows\system32\drivers\rdpencdd.sys
23:02:09.0255 5088  RDPENCDD - ok
23:02:09.0270 5088  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\windows\system32\drivers\rdprefmp.sys
23:02:09.0333 5088  RDPREFMP - ok
23:02:09.0364 5088  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\windows\system32\drivers\RDPWD.sys
23:02:09.0426 5088  RDPWD - ok
23:02:09.0473 5088  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\windows\system32\drivers\rdyboost.sys
23:02:09.0504 5088  rdyboost - ok
23:02:09.0551 5088  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\windows\System32\mprdim.dll
23:02:09.0629 5088  RemoteAccess - ok
23:02:09.0676 5088  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\windows\system32\regsvc.dll
23:02:09.0754 5088  RemoteRegistry - ok
23:02:09.0801 5088  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\windows\system32\DRIVERS\rfcomm.sys
23:02:09.0863 5088  RFCOMM - ok
23:02:09.0894 5088  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\windows\System32\RpcEpMap.dll
23:02:09.0988 5088  RpcEptMapper - ok
23:02:10.0019 5088  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\windows\system32\locator.exe
23:02:10.0066 5088  RpcLocator - ok
23:02:10.0113 5088  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\windows\system32\rpcss.dll
23:02:10.0191 5088  RpcSs - ok
23:02:10.0237 5088  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\windows\system32\DRIVERS\rspndr.sys
23:02:10.0315 5088  rspndr - ok
23:02:10.0378 5088  [ BA3E57C89E6F63808D3F2B11E1A2AD3C ] RTL8167         C:\windows\system32\DRIVERS\Rt64win7.sys
23:02:10.0409 5088  RTL8167 - ok
23:02:10.0425 5088  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\windows\system32\lsass.exe
23:02:10.0471 5088  SamSs - ok
23:02:10.0612 5088  [ 99FC1599F89A80216E41175B8CA44D89 ] SBAMSvc         C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe
23:02:10.0721 5088  SBAMSvc - ok
23:02:10.0783 5088  [ 8F19D62B04081C0BFF1E8D6F26220A28 ] sbapifs         C:\windows\system32\DRIVERS\sbapifs.sys
23:02:10.0815 5088  sbapifs - ok
23:02:10.0861 5088  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\windows\system32\drivers\sbp2port.sys
23:02:10.0877 5088  sbp2port - ok
23:02:10.0908 5088  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\windows\System32\SCardSvr.dll
23:02:10.0986 5088  SCardSvr - ok
23:02:11.0033 5088  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\windows\system32\DRIVERS\scfilter.sys
23:02:11.0111 5088  scfilter - ok
23:02:11.0158 5088  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\windows\system32\schedsvc.dll
23:02:11.0251 5088  Schedule - ok
23:02:11.0298 5088  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\windows\System32\certprop.dll
23:02:11.0361 5088  SCPolicySvc - ok
23:02:11.0392 5088  [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus           C:\windows\system32\drivers\sdbus.sys
23:02:11.0439 5088  sdbus - ok
23:02:11.0485 5088  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\windows\System32\SDRSVC.dll
23:02:11.0579 5088  SDRSVC - ok
23:02:11.0657 5088  [ 4A5809A1D796E2675AC0332BF7B0CB11 ] SeaPort         C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
23:02:11.0688 5088  SeaPort - ok
23:02:11.0829 5088  [ 0F4A80438E7286A0E623582F5F2395BD ] SearchAnonymizer C:\Users\mossi\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe
23:02:11.0891 5088  SearchAnonymizer ( UnsignedFile.Multi.Generic ) - warning
23:02:11.0891 5088  SearchAnonymizer - detected UnsignedFile.Multi.Generic (1)
23:02:11.0938 5088  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\windows\system32\drivers\secdrv.sys
23:02:12.0094 5088  secdrv - ok
23:02:12.0125 5088  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\windows\system32\seclogon.dll
23:02:12.0265 5088  seclogon - ok
23:02:12.0312 5088  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\windows\system32\sens.dll
23:02:12.0453 5088  SENS - ok
23:02:12.0499 5088  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\windows\system32\sensrsvc.dll
23:02:12.0593 5088  SensrSvc - ok
23:02:12.0624 5088  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\windows\system32\DRIVERS\serenum.sys
23:02:12.0655 5088  Serenum - ok
23:02:12.0687 5088  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\windows\system32\DRIVERS\serial.sys
23:02:12.0765 5088  Serial - ok
23:02:12.0796 5088  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\windows\system32\DRIVERS\sermouse.sys
23:02:12.0858 5088  sermouse - ok
23:02:12.0967 5088  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\windows\system32\sessenv.dll
23:02:13.0108 5088  SessionEnv - ok
23:02:13.0170 5088  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\windows\system32\drivers\sffdisk.sys
23:02:13.0264 5088  sffdisk - ok
23:02:13.0295 5088  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\windows\system32\drivers\sffp_mmc.sys
23:02:13.0357 5088  sffp_mmc - ok
23:02:13.0389 5088  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\windows\system32\drivers\sffp_sd.sys
23:02:13.0498 5088  sffp_sd - ok
23:02:13.0529 5088  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\windows\system32\DRIVERS\sfloppy.sys
23:02:13.0607 5088  sfloppy - ok
23:02:13.0669 5088  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\windows\System32\ipnathlp.dll
23:02:13.0825 5088  SharedAccess - ok
23:02:13.0888 5088  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
23:02:14.0059 5088  ShellHWDetection - ok
23:02:14.0106 5088  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\windows\system32\DRIVERS\SiSRaid2.sys
23:02:14.0153 5088  SiSRaid2 - ok
23:02:14.0200 5088  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\windows\system32\DRIVERS\sisraid4.sys
23:02:14.0262 5088  SiSRaid4 - ok
23:02:14.0309 5088  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\windows\system32\DRIVERS\smb.sys
23:02:14.0434 5088  Smb - ok
23:02:14.0512 5088  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\windows\System32\snmptrap.exe
23:02:19.0535 5088  SNMPTRAP - ok
23:02:19.0629 5088  [ 2B0BD5D647F382B9E7253C598E24D133 ] SNP2UVC         C:\windows\system32\DRIVERS\snp2uvc.sys
23:02:19.0707 5088  SNP2UVC - ok
23:02:19.0722 5088  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\windows\system32\drivers\spldr.sys
23:02:19.0753 5088  spldr - ok
23:02:19.0800 5088  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\windows\System32\spoolsv.exe
23:02:19.0925 5088  Spooler - ok
23:02:20.0065 5088  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\windows\system32\sppsvc.exe
23:02:20.0393 5088  sppsvc - ok
23:02:20.0440 5088  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\windows\system32\sppuinotify.dll
23:02:20.0596 5088  sppuinotify - ok
23:02:20.0658 5088  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\windows\system32\DRIVERS\srv.sys
23:02:20.0799 5088  srv - ok
23:02:20.0845 5088  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\windows\system32\DRIVERS\srv2.sys
23:02:20.0939 5088  srv2 - ok
23:02:20.0986 5088  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\windows\system32\DRIVERS\srvnet.sys
23:02:21.0064 5088  srvnet - ok
23:02:21.0111 5088  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\windows\System32\ssdpsrv.dll
23:02:21.0267 5088  SSDPSRV - ok
23:02:21.0298 5088  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\windows\system32\sstpsvc.dll
23:02:21.0376 5088  SstpSvc - ok
23:02:21.0485 5088  [ F8807AAF697E1D20C9D7716A4941E574 ] STacSV          C:\Program Files\IDT\WDM\STacSV64.exe
23:02:21.0516 5088  STacSV - ok
23:02:21.0579 5088  Steam Client Service - ok
23:02:21.0610 5088  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\windows\system32\DRIVERS\stexstor.sys
23:02:21.0672 5088  stexstor - ok
23:02:21.0735 5088  [ 96DF19A03D37F8568141612D31F0D035 ] STHDA           C:\windows\system32\DRIVERS\stwrt64.sys
23:02:21.0844 5088  STHDA - ok
23:02:21.0922 5088  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\windows\System32\wiaservc.dll
23:02:22.0374 5088  stisvc - ok
23:02:22.0421 5088  [ AD989072596AB313D7FA13BCF69573F7 ] stllssvr        c:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
23:02:22.0452 5088  stllssvr - ok
23:02:22.0483 5088  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\windows\system32\drivers\swenum.sys
23:02:22.0499 5088  swenum - ok
23:02:22.0546 5088  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\windows\System32\swprv.dll
23:02:22.0639 5088  swprv - ok
23:02:22.0702 5088  [ 3C80203C725C28CEA5713D1AB242880A ] SynTP           C:\windows\system32\DRIVERS\SynTP.sys
23:02:22.0780 5088  SynTP - ok
23:02:22.0873 5088  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\windows\system32\sysmain.dll
23:02:23.0045 5088  SysMain - ok
23:02:23.0092 5088  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
23:02:23.0201 5088  TabletInputService - ok
23:02:23.0263 5088  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\windows\System32\tapisrv.dll
23:02:23.0435 5088  TapiSrv - ok
23:02:23.0482 5088  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\windows\System32\tbssvc.dll
23:02:23.0622 5088  TBS - ok
23:02:23.0731 5088  [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip           C:\windows\system32\drivers\tcpip.sys
23:02:23.0887 5088  Tcpip - ok
23:02:23.0950 5088  [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6          C:\windows\system32\DRIVERS\tcpip.sys
23:02:24.0012 5088  TCPIP6 - ok
23:02:24.0059 5088  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\windows\system32\drivers\tcpipreg.sys
23:02:24.0090 5088  tcpipreg - ok
23:02:24.0121 5088  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\windows\system32\drivers\tdpipe.sys
23:02:24.0215 5088  TDPIPE - ok
23:02:24.0246 5088  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\windows\system32\drivers\tdtcp.sys
23:02:24.0293 5088  TDTCP - ok
23:02:24.0355 5088  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\windows\system32\DRIVERS\tdx.sys
23:02:24.0511 5088  tdx - ok
23:02:24.0574 5088  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\windows\system32\drivers\termdd.sys
23:02:24.0621 5088  TermDD - ok
23:02:24.0699 5088  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\windows\System32\termsrv.dll
23:02:24.0886 5088  TermService - ok
23:02:24.0964 5088  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\windows\system32\themeservice.dll
23:02:25.0011 5088  Themes - ok
23:02:25.0057 5088  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\windows\system32\mmcss.dll
23:02:25.0120 5088  THREADORDER - ok
23:02:25.0198 5088  [ DBCC20C02E8A3E43B03C304A4E40A84F ] TPM             C:\windows\system32\drivers\tpm.sys
23:02:25.0229 5088  TPM - ok
23:02:25.0245 5088  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\windows\System32\trkwks.dll
23:02:25.0479 5088  TrkWks - ok
23:02:25.0666 5088  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
23:02:25.0947 5088  TrustedInstaller - ok
23:02:26.0025 5088  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\windows\system32\DRIVERS\tssecsrv.sys
23:02:26.0165 5088  tssecsrv - ok
23:02:26.0212 5088  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\windows\system32\drivers\tsusbflt.sys
23:02:26.0352 5088  TsUsbFlt - ok
23:02:26.0680 5088  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\windows\system32\DRIVERS\tunnel.sys
23:02:27.0226 5088  tunnel - ok
23:02:27.0273 5088  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\windows\system32\DRIVERS\uagp35.sys
23:02:27.0335 5088  uagp35 - ok
23:02:27.0397 5088  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\windows\system32\DRIVERS\udfs.sys
23:02:27.0507 5088  udfs - ok
23:02:27.0678 5088  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\windows\system32\UI0Detect.exe
23:02:28.0333 5088  UI0Detect - ok
23:02:28.0396 5088  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\windows\system32\drivers\uliagpkx.sys
23:02:28.0458 5088  uliagpkx - ok
23:02:28.0614 5088  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\windows\system32\DRIVERS\umbus.sys
23:02:28.0661 5088  umbus - ok
23:02:28.0723 5088  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\windows\system32\DRIVERS\umpass.sys
23:02:28.0801 5088  UmPass - ok
23:02:28.0864 5088  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\windows\System32\upnphost.dll
23:02:29.0035 5088  upnphost - ok
23:02:29.0098 5088  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\windows\system32\DRIVERS\usbccgp.sys
23:02:29.0191 5088  usbccgp - ok
23:02:29.0238 5088  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\windows\system32\drivers\usbcir.sys
23:02:29.0285 5088  usbcir - ok
23:02:29.0316 5088  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\windows\system32\DRIVERS\usbehci.sys
23:02:29.0379 5088  usbehci - ok
23:02:29.0457 5088  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\windows\system32\DRIVERS\usbhub.sys
23:02:29.0535 5088  usbhub - ok
23:02:29.0581 5088  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\windows\system32\DRIVERS\usbohci.sys
23:02:30.0205 5088  usbohci - ok
23:02:30.0268 5088  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\windows\system32\DRIVERS\usbprint.sys
23:02:30.0408 5088  usbprint - ok
23:02:30.0439 5088  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\windows\system32\DRIVERS\USBSTOR.SYS
23:02:30.0611 5088  USBSTOR - ok
23:02:30.0642 5088  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\windows\system32\drivers\usbuhci.sys
23:02:30.0720 5088  usbuhci - ok
23:02:30.0783 5088  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\windows\System32\Drivers\usbvideo.sys
23:02:30.0876 5088  usbvideo - ok
23:02:30.0923 5088  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\windows\System32\uxsms.dll
23:02:35.0962 5088  UxSms - ok
23:02:35.0993 5088  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\windows\system32\lsass.exe
23:02:36.0024 5088  VaultSvc - ok
23:02:36.0071 5088  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\windows\system32\drivers\vdrvroot.sys
23:02:36.0087 5088  vdrvroot - ok
23:02:36.0165 5088  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\windows\System32\vds.exe
23:02:36.0258 5088  vds - ok
23:02:36.0289 5088  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\windows\system32\DRIVERS\vgapnp.sys
23:02:36.0321 5088  vga - ok
23:02:36.0352 5088  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\windows\System32\drivers\vga.sys
23:02:36.0430 5088  VgaSave - ok
23:02:36.0477 5088  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\windows\system32\drivers\vhdmp.sys
23:02:36.0508 5088  vhdmp - ok
23:02:36.0539 5088  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\windows\system32\drivers\viaide.sys
23:02:36.0570 5088  viaide - ok
23:02:36.0586 5088  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\windows\system32\drivers\volmgr.sys
23:02:36.0617 5088  volmgr - ok
23:02:36.0664 5088  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\windows\system32\drivers\volmgrx.sys
23:02:36.0695 5088  volmgrx - ok
23:02:36.0742 5088  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\windows\system32\drivers\volsnap.sys
23:02:36.0773 5088  volsnap - ok
23:02:36.0789 5088  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\windows\system32\DRIVERS\vsmraid.sys
23:02:36.0820 5088  vsmraid - ok
23:02:36.0898 5088  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\windows\system32\vssvc.exe
23:02:37.0038 5088  VSS - ok
23:02:37.0069 5088  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\windows\system32\DRIVERS\vwifibus.sys
23:02:37.0179 5088  vwifibus - ok
23:02:37.0241 5088  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\windows\system32\DRIVERS\vwififlt.sys
23:02:37.0335 5088  vwififlt - ok
23:02:37.0381 5088  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\windows\system32\w32time.dll
23:02:37.0553 5088  W32Time - ok
23:02:37.0615 5088  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\windows\system32\DRIVERS\wacompen.sys
23:02:37.0693 5088  WacomPen - ok
23:02:37.0740 5088  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\windows\system32\DRIVERS\wanarp.sys
23:02:37.0818 5088  WANARP - ok
23:02:37.0834 5088  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\windows\system32\DRIVERS\wanarp.sys
23:02:37.0896 5088  Wanarpv6 - ok
23:02:37.0959 5088  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\windows\system32\wbengine.exe
23:02:38.0099 5088  wbengine - ok
23:02:38.0130 5088  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\windows\System32\wbiosrvc.dll
23:02:38.0255 5088  WbioSrvc - ok
23:02:38.0302 5088  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\windows\System32\wcncsvc.dll
23:02:38.0863 5088  wcncsvc - ok
23:02:38.0910 5088  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
23:02:39.0019 5088  WcsPlugInService - ok
23:02:39.0066 5088  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\windows\system32\DRIVERS\wd.sys
23:02:39.0082 5088  Wd - ok
23:02:39.0144 5088  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\windows\system32\drivers\Wdf01000.sys
23:02:39.0253 5088  Wdf01000 - ok
23:02:39.0285 5088  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\windows\system32\wdi.dll
23:02:39.0441 5088  WdiServiceHost - ok
23:02:39.0472 5088  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\windows\system32\wdi.dll
23:02:39.0550 5088  WdiSystemHost - ok
23:02:39.0628 5088  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\windows\System32\webclnt.dll
23:02:39.0753 5088  WebClient - ok
23:02:39.0799 5088  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\windows\system32\wecsvc.dll
23:02:39.0971 5088  Wecsvc - ok
23:02:40.0018 5088  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\windows\System32\wercplsupport.dll
23:02:40.0174 5088  wercplsupport - ok
23:02:40.0236 5088  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\windows\System32\WerSvc.dll
23:02:40.0392 5088  WerSvc - ok
23:02:40.0439 5088  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\windows\system32\DRIVERS\wfplwf.sys
23:02:40.0564 5088  WfpLwf - ok
23:02:40.0611 5088  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\windows\system32\drivers\wimmount.sys
23:02:40.0658 5088  WIMMount - ok
23:02:40.0704 5088  WinDefend - ok
23:02:40.0736 5088  WinHttpAutoProxySvc - ok
23:02:40.0782 5088  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\windows\system32\wbem\WMIsvc.dll
23:02:40.0907 5088  Winmgmt - ok
23:02:40.0970 5088  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\windows\system32\WsmSvc.dll
23:02:41.0094 5088  WinRM - ok
23:02:41.0172 5088  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\windows\system32\DRIVERS\WinUsb.sys
23:02:41.0204 5088  WinUsb - ok
23:02:41.0250 5088  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\windows\System32\wlansvc.dll
23:02:41.0344 5088  Wlansvc - ok
23:02:41.0406 5088  [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
23:02:41.0422 5088  wlcrasvc - ok
23:02:41.0594 5088  [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
23:02:41.0781 5088  wlidsvc - ok
23:02:41.0843 5088  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\windows\system32\drivers\wmiacpi.sys
23:02:41.0906 5088  WmiAcpi - ok
23:02:41.0968 5088  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\windows\system32\wbem\WmiApSrv.exe
23:02:42.0077 5088  wmiApSrv - ok
23:02:42.0124 5088  WMPNetworkSvc - ok
23:02:42.0171 5088  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\windows\System32\wpcsvc.dll
23:02:42.0327 5088  WPCSvc - ok
23:02:42.0389 5088  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\windows\system32\wpdbusenum.dll
23:02:42.0498 5088  WPDBusEnum - ok
23:02:42.0545 5088  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\windows\system32\drivers\ws2ifsl.sys
23:02:42.0686 5088  ws2ifsl - ok
23:02:42.0732 5088  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\windows\system32\wscsvc.dll
23:02:42.0826 5088  wscsvc - ok
23:02:42.0857 5088  WSearch - ok
23:02:42.0966 5088  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\windows\system32\wuaueng.dll
23:02:43.0076 5088  wuauserv - ok
23:02:43.0122 5088  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\windows\system32\drivers\WudfPf.sys
23:02:43.0200 5088  WudfPf - ok
23:02:43.0247 5088  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\windows\system32\DRIVERS\WUDFRd.sys
23:02:43.0294 5088  WUDFRd - ok
23:02:43.0325 5088  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\windows\System32\WUDFSvc.dll
23:02:43.0466 5088  wudfsvc - ok
23:02:43.0512 5088  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\windows\System32\wwansvc.dll
23:02:43.0606 5088  WwanSvc - ok
23:02:43.0668 5088  ================ Scan global ===============================
23:02:43.0715 5088  [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
23:02:43.0778 5088  [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\windows\system32\winsrv.dll
23:02:43.0809 5088  [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\windows\system32\winsrv.dll
23:02:43.0856 5088  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
23:02:43.0902 5088  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
23:02:43.0918 5088  [Global] - ok
23:02:43.0934 5088  ================ Scan MBR ==================================
23:02:43.0934 5088  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
23:02:44.0277 5088  \Device\Harddisk0\DR0 - ok
23:02:44.0292 5088  ================ Scan VBR ==================================
23:02:44.0292 5088  [ 557F5EC52BD17C94673BF37203277CBF ] \Device\Harddisk0\DR0\Partition1
23:02:44.0308 5088  \Device\Harddisk0\DR0\Partition1 - ok
23:02:44.0339 5088  [ E384C685613EB5760B240DA4B6FD4DB3 ] \Device\Harddisk0\DR0\Partition2
23:02:44.0355 5088  \Device\Harddisk0\DR0\Partition2 - ok
23:02:44.0386 5088  [ 7C941D31ECF9E2E64D1CC8D3E48C859A ] \Device\Harddisk0\DR0\Partition3
23:02:44.0402 5088  \Device\Harddisk0\DR0\Partition3 - ok
23:02:44.0417 5088  [ 048A1EEDDE24BDBAECB59E2D7AF3783C ] \Device\Harddisk0\DR0\Partition4
23:02:44.0417 5088  \Device\Harddisk0\DR0\Partition4 - ok
23:02:44.0433 5088  ============================================================
23:02:44.0433 5088  Scan finished
23:02:44.0433 5088  ============================================================
23:02:44.0464 0756  Detected object count: 3
23:02:44.0464 0756  Actual detected object count: 3
23:03:15.0586 0756  acedrv06 ( UnsignedFile.Multi.Generic ) - skipped by user
23:03:15.0586 0756  acedrv06 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:03:15.0602 0756  LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
23:03:15.0602 0756  LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:03:15.0602 0756  SearchAnonymizer ( UnsignedFile.Multi.Generic ) - skipped by user
23:03:15.0602 0756  SearchAnonymizer ( UnsignedFile.Multi.Generic ) - User select action: Skip
         

Alt 05.01.2013, 00:13   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Virusverdacht (Computer auf einmal extrem langsam) - Standard

Virusverdacht (Computer auf einmal extrem langsam)



Alles ziemlich unauffällig

adwCleaner - Toolbars und ungewollte Start-/Suchseiten aufspüren

Downloade Dir bitte AdwCleaner auf deinen Desktop.

Falls der adwCleaner schon mal in der runtergeladen wurde, bitte die alte adwcleaner.exe löschen und neu runterladen!!
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Suche.
  • Nach Ende des Suchlaufs öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[Rx].txt. (x=fortlaufende Nummer)
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 05.01.2013, 00:18   #11
mossi
 
Virusverdacht (Computer auf einmal extrem langsam) - Standard

Virusverdacht (Computer auf einmal extrem langsam)



Code:
ATTFilter
# AdwCleaner v2.104 - Datei am 05/01/2013 um 00:17:17 erstellt
# Aktualisiert am 29/12/2012 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : mossi - MOSSI-HP
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\mossi\Downloads\adwcleaner(2).exe
# Option [Suche]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Ordner Gefunden : C:\Program Files (x86)\adawaretb

***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v17.0.1 (de)

Datei : C:\Users\mossi\AppData\Roaming\Mozilla\Firefox\Profiles\vpihpbsd.default\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v23.0.1271.97

Datei : C:\Users\mossi\AppData\Local\Google\Chrome\User Data\Default\Preferences

Gefunden [l.38] : icon_url = "hxxp://www.babylon.com/favicon.ico",
Gefunden [l.41] : keyword = "babylon.com",
Gefunden [l.44] : search_url = "hxxp://search.babylon.com/?q={searchTerms}&affID=109868&babsrc=SP_ss&mntrId=a8baa772000000000000e02a823a5521",

*************************

AdwCleaner[R1].txt - [1157 octets] - [05/01/2013 00:17:17]
AdwCleaner[S1].txt - [18384 octets] - [10/12/2012 19:17:53]
AdwCleaner[S2].txt - [1894 octets] - [01/01/2013 02:48:41]

########## EOF - C:\AdwCleaner[R1].txt - [1338 octets] ##########
         

Alt 05.01.2013, 00:19   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Virusverdacht (Computer auf einmal extrem langsam) - Standard

Virusverdacht (Computer auf einmal extrem langsam)



adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen
  • Schließe alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Löschen.
  • Bestätige jeweils mit Ok.
  • Dein Rechner wird neu gestartet. Nach dem Neustart öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[Sx].txt. (x=fortlaufende Nummer)

Danach eine Kontrolle mit OTL bitte:
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Setze oben mittig den Haken bei Scanne alle Benutzer
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles in CODE-Tags hier in den Thread.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 05.01.2013, 00:21   #13
mossi
 
Virusverdacht (Computer auf einmal extrem langsam) - Standard

Virusverdacht (Computer auf einmal extrem langsam)



Code:
ATTFilter
# AdwCleaner v2.104 - Datei am 05/01/2013 um 00:17:17 erstellt
# Aktualisiert am 29/12/2012 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : mossi - MOSSI-HP
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\mossi\Downloads\adwcleaner(2).exe
# Option [Suche]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Ordner Gefunden : C:\Program Files (x86)\adawaretb

***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v17.0.1 (de)

Datei : C:\Users\mossi\AppData\Roaming\Mozilla\Firefox\Profiles\vpihpbsd.default\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v23.0.1271.97

Datei : C:\Users\mossi\AppData\Local\Google\Chrome\User Data\Default\Preferences

Gefunden [l.38] : icon_url = "hxxp://www.babylon.com/favicon.ico",
Gefunden [l.41] : keyword = "babylon.com",
Gefunden [l.44] : search_url = "hxxp://search.babylon.com/?q={searchTerms}&affID=109868&babsrc=SP_ss&mntrId=a8baa772000000000000e02a823a5521",

*************************

AdwCleaner[R1].txt - [1157 octets] - [05/01/2013 00:17:17]
AdwCleaner[S1].txt - [18384 octets] - [10/12/2012 19:17:53]
AdwCleaner[S2].txt - [1894 octets] - [01/01/2013 02:48:41]

########## EOF - C:\AdwCleaner[R1].txt - [1338 octets] ##########
         

Alt 05.01.2013, 15:19   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Virusverdacht (Computer auf einmal extrem langsam) - Standard

Virusverdacht (Computer auf einmal extrem langsam)



Code:
ATTFilter
# Option [Suche]
         
Du solltest doch auf löschen und nicht nochmal auf suchen klicken
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 05.01.2013, 16:16   #15
mossi
 
Virusverdacht (Computer auf einmal extrem langsam) - Standard

Virusverdacht (Computer auf einmal extrem langsam)



Code:
ATTFilter
# AdwCleaner v2.104 - Datei am 05/01/2013 um 15:23:01 erstellt
# Aktualisiert am 29/12/2012 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : mossi - MOSSI-HP
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\mossi\Downloads\adwcleaner(2).exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v17.0.1 (de)

Datei : C:\Users\mossi\AppData\Roaming\Mozilla\Firefox\Profiles\vpihpbsd.default\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v23.0.1271.97

Datei : C:\Users\mossi\AppData\Local\Google\Chrome\User Data\Default\Preferences

Gelöscht [l.38] : icon_url = "hxxp://www.babylon.com/favicon.ico",
Gelöscht [l.41] : keyword = "babylon.com",
Gelöscht [l.44] : search_url = "hxxp://search.babylon.com/?q={searchTerms}&affID=109868&babsrc=SP_ss&mntrId=a8b[...]

*************************

AdwCleaner[R1].txt - [1407 octets] - [05/01/2013 00:17:17]
AdwCleaner[S1].txt - [18384 octets] - [10/12/2012 19:17:53]
AdwCleaner[S2].txt - [1894 octets] - [01/01/2013 02:48:41]
AdwCleaner[S3].txt - [1102 octets] - [05/01/2013 00:24:02]
AdwCleaner[S4].txt - [1322 octets] - [05/01/2013 15:23:01]

########## EOF - C:\AdwCleaner[S4].txt - [1382 octets] ##########
         
Sorry, ich hatte gerade die Seite aktualisiert um zu sehen ob du schon geantwortet hast.
Da dachte ich, dass meine Antwort ( Der Suchlauf) nicht gespeichert wurde. Desalb habe ich es nochmal gepostet. SORRY.

Antwort

Themen zu Virusverdacht (Computer auf einmal extrem langsam)
abnormal, anwendung, computer, escan, extrem, gefangen, geschlossen, immerwieder, informationen, interne, internet, konnte, lange, langsam, langsamer browserstart, langsamer laptop, langsames internet, langsames system, laptop, malwarebytes, meldung, schonmal, starte, troja, virusverdacht, wireless, worte, ziehen, zugreifen



Ähnliche Themen: Virusverdacht (Computer auf einmal extrem langsam)


  1. Windows 7: PC startet auf einmal extrem langsam
    Log-Analyse und Auswertung - 16.08.2014 (14)
  2. PC auf einmal extrem langsam
    Log-Analyse und Auswertung - 27.12.2013 (17)
  3. Virusverdacht: Computer schlagartig langsam, heute kein Passwort eingeben
    Plagegeister aller Art und deren Bekämpfung - 13.11.2013 (11)
  4. i havenet.com und Computer extrem langsam, Windows XP
    Plagegeister aller Art und deren Bekämpfung - 10.10.2013 (13)
  5. PC auf einmal extrem langsam beim Laden von Programmen
    Log-Analyse und Auswertung - 08.10.2013 (5)
  6. Computer EXTREM langsam
    Plagegeister aller Art und deren Bekämpfung - 18.05.2013 (2)
  7. Computer ist plötzlich extrem langsam
    Log-Analyse und Auswertung - 07.04.2013 (36)
  8. XP alle Browser auf einmal extrem langsam
    Alles rund um Windows - 05.11.2012 (5)
  9. PC auf einmal extrem langsam geworden
    Plagegeister aller Art und deren Bekämpfung - 17.05.2012 (1)
  10. Computer auf einmal extrem langsam, windows neuinstallation nicht möglich (vermutlich virus)
    Log-Analyse und Auswertung - 25.04.2011 (1)
  11. Computer extrem langsam, CPU hoch
    Log-Analyse und Auswertung - 16.10.2009 (1)
  12. Computer extrem langsam bitte um Logfileauswertung
    Log-Analyse und Auswertung - 17.05.2008 (13)
  13. Internet Verbindung auf einmal extrem langsam!!
    Log-Analyse und Auswertung - 01.10.2007 (8)
  14. computer extrem langsam und sound stockt.
    Log-Analyse und Auswertung - 27.08.2007 (4)
  15. Beide Computer langsam - einer nach 3 Minuten sogar extrem langsam
    Log-Analyse und Auswertung - 09.06.2006 (7)
  16. Computer ist extrem langsam
    Log-Analyse und Auswertung - 11.03.2006 (2)
  17. Computer extrem langsam
    Log-Analyse und Auswertung - 15.07.2005 (1)

Zum Thema Virusverdacht (Computer auf einmal extrem langsam) - Liebes Trojaner-Board-Team, Wenn ich meinen Computer starte kommt nach einer Weile eine Meldung, dass ich nicht auf die HP Wireless Infromationen zugreifen kann( genau: Wireless Informationen nicht verfügbar. Die Anwendung - Virusverdacht (Computer auf einmal extrem langsam)...
Archiv
Du betrachtest: Virusverdacht (Computer auf einmal extrem langsam) auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.