Boo/TDss.D

lacrima25 · 25.10.2011, 20:21

Hallo Forum,

ich dreh hier bald durch

der Boo/TDss.D hat sich im Mastebootsektor HD0 eingenistet. Ich hatte die Anleitung befolgt und wollte den Report des Malewarebytes Anti-Maleware Scans hier posten. Aber der Virus ist so ein kleiner Depp, der startet den PC immer an der gleichen Stelle neu und ich komm nie bis zum Report. Kann mir bitte irgendjemand helfen? Ich bin so ratlos wie noch nie. Ich habe vor kurzem eine Firma gegründet und alle Daten sind auf dem Laptop und ich hab Angst dass ich das nicht mehr repariert bekomme.

Swisstreasure · 25.10.2011, 20:48

Eine Bereinigung ist mitunter mit viel Arbeit für Dich verbunden.

Bitte arbeite alle Schritte der Reihe nach ab.
Lese die Anleitungen sorgfältig. Sollte es Probleme geben, bitte stoppen und hier so gut es geht beschreiben.
Nur Scanns durchführen zu denen Du von einem Helfer aufgefordert wirst.
Bitte kein Crossposting ( posten in mehreren Foren).
Installiere oder Deinstalliere während der Bereinigung keine Software ausser Du wurdest dazu aufgefordert.
Lese Dir die Anleitung zuerst vollständig durch. Sollte etwas unklar sein, frage bevor Du beginnst.
Poste die Logfiles direkt in deinen Thread. Nicht anhängen ausser ich fordere Dich dazu auf. Erschwert mir nämlich das auswerten.

Hinweis: Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist meist der Schnellere und immer der sicherste Weg.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis dir jemand vom Team sagt, dass Du clean bist.

Vista und Win7 User
Alle Tools mit Rechtsklick "als Administrator ausführen" starten.

Schritt 1

Welches Betriebssytem hast Du?

Schritt 2

Dowloade Dir bitte TDSS Killer.exe und speichere die Datei am Desktop.

Schließe alle laufenden Programme.
Trenne dich von Internet.
Deaktiviere deine AntiViren Software.
Starte TDSSkiller.exe mit Doppelklick.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Drücke auf Start scan.
Mache während dem Scan nichts am Rechner
1. Sollte das Tool keine Funde aufweisen, klicke Close um es zu schließen.
2. Wurde etwas gefunden werden die Funde in Scan results - Select action for found objects angezeigt und geben 3 Auswahlmöglichkeiten.
  Gehe sicher das Cure ( default ) angehackt ist ! Drücke Continue --> Reboot.
Die Logfile ist nach dem Neustart auf deinem Systemlaufwerk ( meist C: ) unter TDSSKiller_version_date_time_log.txt zu finden.
Bitte poste mir den Inhalt hier in deinen Thread.

Bebilderte Anleitung zur Benutzung von TDSSKiller.

Schritt 3

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

Starte bitte die OTL.exe.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Kopiere nun den Inhalt in die Textbox.

Code:

ATTFilter

activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
/md5start
explorer.exe
regedit.exe
winlogon.exe
wininit.exe
userinit.exe
/md5stop
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
CREATERESTOREPOINT

Schliesse bitte nun alle Programme. (Wichtig)
Klicke nun bitte auf den Quick Scan Button.
Kopiere nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread

Schritt 4

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.

Starte die aswMBR.exe
Vista und Win7 User mit Rechtsklick "als Admininstartor starten"
Klicke auf Scan
Warte bitte bis Scan finished successfully im DOS Fenster steht.
Drücke auf Save Log und speichere diese auf dem Desktop.

Poste mir die aswMBR.txt in deiner nächsten Antwort.

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte es erneut nicht klappen teile mir das bitte mit.

lacrima25 · 25.10.2011, 20:50

Anbei mein Logfile. Bitte bitte helft mir, ich dreh hier bald durch

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Datenbank Version: 8018

Windows 6.1.7600
Internet Explorer 9.0.8112.16421

25.10.2011 20:41:19
mbam-log-2011-10-25 (20-41-19).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 197899
Laufzeit: 15 Minute(n), 59 Sekunde(n)

Infizierte Speicherprozesse: 1
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 3
Infizierte Verzeichnisse: 0
Infizierte Dateien: 1

Infizierte Speicherprozesse:
c:\programdata\6dss92c31apgjk.exe (Rogue.FakeHDD) -> 5756 -> Unloaded process successfully.

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyComputer (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowSearch (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (PUM.Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\programdata\6dss92c31apgjk.exe (Rogue.FakeHDD) -> Quarantined and deleted successfully.

Swisstreasure · 25.10.2011, 22:25

Ich habe Dir doch alles schön gepostet:
http://www.trojaner-board.de/104493-...tml#post713240

lacrima25 · 25.10.2011, 22:33

Danke für die schnell Antwort. Hatte mich hier noch nicht so zurecht gefunden, deshalb der Doppelpost, entschuldigung.

Ich mach mcih jetzt mal an die Schritte.

lacrima25 · 25.10.2011, 22:39

Schritt 1:

Windows 7

Schritt 2:

keine Funde - Report:

23:37:29.0368 2320 TDSS rootkit removing tool 2.6.13.0 Oct 25 2011 13:56:21
23:37:29.0380 2320 ============================================================
23:37:29.0380 2320 Current date / time: 2011/10/25 23:37:29.0380
23:37:29.0380 2320 SystemInfo:
23:37:29.0380 2320
23:37:29.0380 2320 OS Version: 6.1.7600 ServicePack: 0.0
23:37:29.0380 2320 Product type: Workstation
23:37:29.0381 2320 ComputerName: SONY-VAIO
23:37:29.0381 2320 UserName: Administrator
23:37:29.0381 2320 Windows directory: C:\Windows
23:37:29.0381 2320 System windows directory: C:\Windows
23:37:29.0381 2320 Running under WOW64
23:37:29.0381 2320 Processor architecture: Intel x64
23:37:29.0381 2320 Number of processors: 4
23:37:29.0381 2320 Page size: 0x1000
23:37:29.0381 2320 Boot type: Normal boot
23:37:29.0381 2320 ============================================================
23:37:29.0741 2320 Initialize success
23:37:31.0088 3968 ============================================================
23:37:31.0088 3968 Scan started
23:37:31.0088 3968 Mode: Manual;
23:37:31.0088 3968 ============================================================
23:37:31.0555 3968 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\drivers\1394ohci.sys
23:37:31.0556 3968 1394ohci - ok
23:37:31.0610 3968 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\drivers\ACPI.sys
23:37:31.0612 3968 ACPI - ok
23:37:31.0712 3968 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\drivers\acpipmi.sys
23:37:31.0712 3968 AcpiPmi - ok
23:37:31.0778 3968 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
23:37:31.0780 3968 adp94xx - ok
23:37:31.0904 3968 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
23:37:31.0907 3968 adpahci - ok
23:37:31.0968 3968 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
23:37:31.0969 3968 adpu320 - ok
23:37:32.0096 3968 AFD (6ef20ddf3172e97d69f596fb90602f29) C:\Windows\system32\drivers\afd.sys
23:37:32.0099 3968 AFD - ok
23:37:32.0204 3968 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
23:37:32.0205 3968 agp440 - ok
23:37:32.0349 3968 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
23:37:32.0349 3968 aliide - ok
23:37:32.0480 3968 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
23:37:32.0481 3968 amdide - ok
23:37:32.0533 3968 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
23:37:32.0534 3968 AmdK8 - ok
23:37:32.0631 3968 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
23:37:32.0632 3968 AmdPPM - ok
23:37:32.0697 3968 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys
23:37:32.0697 3968 amdsata - ok
23:37:32.0798 3968 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
23:37:32.0799 3968 amdsbs - ok
23:37:32.0866 3968 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys
23:37:32.0867 3968 amdxata - ok
23:37:33.0004 3968 ApfiltrService (1661f9c9e4b0049fa0a5e30264375a87) C:\Windows\system32\drivers\Apfiltr.sys
23:37:33.0006 3968 ApfiltrService - ok
23:37:33.0044 3968 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
23:37:33.0045 3968 AppID - ok
23:37:33.0151 3968 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
23:37:33.0152 3968 arc - ok
23:37:33.0181 3968 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
23:37:33.0182 3968 arcsas - ok
23:37:33.0242 3968 ArcSoftKsUFilter (c130bc4a51b1382b2be8e44579ec4c0a) C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
23:37:33.0243 3968 ArcSoftKsUFilter - ok
23:37:33.0309 3968 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
23:37:33.0310 3968 AsyncMac - ok
23:37:33.0395 3968 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
23:37:33.0395 3968 atapi - ok
23:37:33.0503 3968 athr (0acc06fcf46f64ed4f11e57ee461c1f4) C:\Windows\system32\DRIVERS\athrx.sys
23:37:33.0512 3968 athr - ok
23:37:33.0736 3968 atikmdag (f3a362b683b6158cc47d7e8e58b7ddc9) C:\Windows\system32\DRIVERS\atikmdag.sys
23:37:33.0768 3968 atikmdag - ok
23:37:33.0896 3968 avgntflt (b1224e6b086cd6548315b04ab575a23e) C:\Windows\system32\DRIVERS\avgntflt.sys
23:37:33.0897 3968 avgntflt - ok
23:37:33.0926 3968 avipbb (ed45f12cfa62b83765c9c1496758cc87) C:\Windows\system32\DRIVERS\avipbb.sys
23:37:33.0928 3968 avipbb - ok
23:37:34.0064 3968 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
23:37:34.0070 3968 b06bdrv - ok
23:37:34.0189 3968 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
23:37:34.0192 3968 b57nd60a - ok
23:37:34.0329 3968 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
23:37:34.0329 3968 Beep - ok
23:37:34.0446 3968 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
23:37:34.0447 3968 blbdrive - ok
23:37:34.0506 3968 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
23:37:34.0507 3968 bowser - ok
23:37:34.0593 3968 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
23:37:34.0594 3968 BrFiltLo - ok
23:37:34.0655 3968 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
23:37:34.0656 3968 BrFiltUp - ok
23:37:34.0723 3968 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
23:37:34.0727 3968 Brserid - ok
23:37:34.0793 3968 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
23:37:34.0794 3968 BrSerWdm - ok
23:37:34.0870 3968 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
23:37:34.0871 3968 BrUsbMdm - ok
23:37:34.0927 3968 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
23:37:34.0927 3968 BrUsbSer - ok
23:37:35.0031 3968 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
23:37:35.0032 3968 BthEnum - ok
23:37:35.0096 3968 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
23:37:35.0097 3968 BTHMODEM - ok
23:37:35.0186 3968 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
23:37:35.0187 3968 BthPan - ok
23:37:35.0284 3968 BTHPORT (21084ceb85280468c9aca3c805c0f8cf) C:\Windows\System32\Drivers\BTHport.sys
23:37:35.0291 3968 BTHPORT - ok
23:37:35.0426 3968 BTHUSB (8504842634dd144c075b6b0c982ccec4) C:\Windows\System32\Drivers\BTHUSB.sys
23:37:35.0427 3968 BTHUSB - ok
23:37:35.0480 3968 btusbflt (6e04458e98daf28826482e41a7a62df5) C:\Windows\system32\drivers\btusbflt.sys
23:37:35.0481 3968 btusbflt - ok
23:37:35.0600 3968 btwaudio (4bdbdb86abba924e029fb2683be7c505) C:\Windows\system32\drivers\btwaudio.sys
23:37:35.0602 3968 btwaudio - ok
23:37:35.0662 3968 btwavdt (5c849bd7c78791c5cee9f4651d7fe38d) C:\Windows\system32\drivers\btwavdt.sys
23:37:35.0664 3968 btwavdt - ok
23:37:35.0805 3968 btwl2cap (6149301dc3f81d6f9667a3fbac410975) C:\Windows\system32\DRIVERS\btwl2cap.sys
23:37:35.0805 3968 btwl2cap - ok
23:37:35.0864 3968 btwrchid (3e1991afa851a36dc978b0a1b0535c8b) C:\Windows\system32\DRIVERS\btwrchid.sys
23:37:35.0865 3968 btwrchid - ok
23:37:35.0980 3968 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
23:37:35.0982 3968 cdfs - ok
23:37:36.0105 3968 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
23:37:36.0107 3968 cdrom - ok
23:37:36.0229 3968 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
23:37:36.0229 3968 circlass - ok
23:37:36.0267 3968 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
23:37:36.0271 3968 CLFS - ok
23:37:36.0414 3968 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
23:37:36.0415 3968 CmBatt - ok
23:37:36.0445 3968 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
23:37:36.0446 3968 cmdide - ok
23:37:36.0478 3968 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys
23:37:36.0482 3968 CNG - ok
23:37:36.0590 3968 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
23:37:36.0591 3968 Compbatt - ok
23:37:36.0631 3968 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\drivers\CompositeBus.sys
23:37:36.0632 3968 CompositeBus - ok
23:37:36.0750 3968 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
23:37:36.0750 3968 crcdisk - ok
23:37:36.0931 3968 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
23:37:36.0932 3968 DfsC - ok
23:37:36.0972 3968 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
23:37:36.0973 3968 discache - ok
23:37:37.0089 3968 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
23:37:37.0090 3968 Disk - ok
23:37:37.0225 3968 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
23:37:37.0225 3968 drmkaud - ok
23:37:37.0307 3968 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
23:37:37.0315 3968 DXGKrnl - ok
23:37:37.0496 3968 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
23:37:37.0514 3968 ebdrv - ok
23:37:37.0658 3968 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
23:37:37.0663 3968 elxstor - ok
23:37:37.0751 3968 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
23:37:37.0752 3968 ErrDev - ok
23:37:37.0805 3968 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
23:37:37.0807 3968 exfat - ok
23:37:37.0898 3968 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
23:37:37.0900 3968 fastfat - ok
23:37:38.0033 3968 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
23:37:38.0034 3968 fdc - ok
23:37:38.0063 3968 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
23:37:38.0064 3968 FileInfo - ok
23:37:38.0091 3968 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
23:37:38.0092 3968 Filetrace - ok
23:37:38.0200 3968 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
23:37:38.0201 3968 flpydisk - ok
23:37:38.0239 3968 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
23:37:38.0242 3968 FltMgr - ok
23:37:38.0268 3968 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
23:37:38.0268 3968 FsDepends - ok
23:37:38.0373 3968 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys
23:37:38.0374 3968 fssfltr - ok
23:37:38.0416 3968 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
23:37:38.0417 3968 Fs_Rec - ok
23:37:38.0551 3968 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
23:37:38.0553 3968 fvevol - ok
23:37:38.0592 3968 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
23:37:38.0593 3968 gagp30kx - ok
23:37:38.0711 3968 ggflt (a4198f2bd8aa592cb90476277a81b5e1) C:\Windows\system32\DRIVERS\ggflt.sys
23:37:38.0712 3968 ggflt - ok
23:37:38.0751 3968 ggsemc (d266350bdaab9eb6c1aec370eeaaff3a) C:\Windows\system32\DRIVERS\ggsemc.sys
23:37:38.0751 3968 ggsemc - ok
23:37:38.0886 3968 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
23:37:38.0887 3968 hcw85cir - ok
23:37:38.0929 3968 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
23:37:38.0932 3968 HdAudAddService - ok
23:37:39.0032 3968 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\drivers\HDAudBus.sys
23:37:39.0034 3968 HDAudBus - ok
23:37:39.0083 3968 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
23:37:39.0084 3968 HECIx64 - ok
23:37:39.0180 3968 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
23:37:39.0180 3968 HidBatt - ok
23:37:39.0210 3968 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
23:37:39.0212 3968 HidBth - ok
23:37:39.0250 3968 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
23:37:39.0250 3968 HidIr - ok
23:37:39.0360 3968 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
23:37:39.0361 3968 HidUsb - ok
23:37:39.0437 3968 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\drivers\HpSAMD.sys
23:37:39.0438 3968 HpSAMD - ok
23:37:39.0528 3968 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
23:37:39.0537 3968 HTTP - ok
23:37:39.0631 3968 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
23:37:39.0632 3968 hwpolicy - ok
23:37:39.0678 3968 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
23:37:39.0679 3968 i8042prt - ok
23:37:39.0784 3968 iaStor (073a606333b6f7bbf20aa856df7f0997) C:\Windows\system32\drivers\iaStor.sys
23:37:39.0789 3968 iaStor - ok
23:37:39.0910 3968 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
23:37:39.0915 3968 iaStorV - ok
23:37:40.0230 3968 igfx (31d1aff484d8a0906cf8d44251ec390f) C:\Windows\system32\DRIVERS\igdkmd64.sys
23:37:40.0270 3968 igfx - ok
23:37:40.0379 3968 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
23:37:40.0379 3968 iirsp - ok
23:37:40.0526 3968 Impcd (36fdf367a1dabff903e2214023d71368) C:\Windows\system32\drivers\Impcd.sys
23:37:40.0528 3968 Impcd - ok
23:37:40.0713 3968 IntcAzAudAddService (0f144e5f46cb9043004b5e84aa4bca6a) C:\Windows\system32\drivers\RTKVHD64.sys
23:37:40.0729 3968 IntcAzAudAddService - ok
23:37:40.0869 3968 IntcDAud (408b401cd7cdb075c7470b0ff7ba8d0b) C:\Windows\system32\DRIVERS\IntcDAud.sys
23:37:40.0872 3968 IntcDAud - ok
23:37:40.0899 3968 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
23:37:40.0900 3968 intelide - ok
23:37:41.0008 3968 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys
23:37:41.0009 3968 intelppm - ok
23:37:41.0048 3968 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:37:41.0049 3968 IpFilterDriver - ok
23:37:41.0155 3968 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\drivers\IPMIDrv.sys
23:37:41.0156 3968 IPMIDRV - ok
23:37:41.0197 3968 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
23:37:41.0199 3968 IPNAT - ok
23:37:41.0303 3968 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
23:37:41.0304 3968 IRENUM - ok
23:37:41.0347 3968 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
23:37:41.0348 3968 isapnp - ok
23:37:41.0457 3968 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\drivers\msiscsi.sys
23:37:41.0460 3968 iScsiPrt - ok
23:37:41.0507 3968 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
23:37:41.0508 3968 kbdclass - ok
23:37:41.0626 3968 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\drivers\kbdhid.sys
23:37:41.0627 3968 kbdhid - ok
23:37:41.0708 3968 ksaud (0bc501f8889c59e332ba5b3765ceeb30) C:\Windows\system32\drivers\ksaud.sys
23:37:41.0717 3968 ksaud - ok
23:37:41.0794 3968 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys
23:37:41.0795 3968 KSecDD - ok
23:37:41.0854 3968 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys
23:37:41.0856 3968 KSecPkg - ok
23:37:41.0941 3968 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
23:37:41.0942 3968 ksthunk - ok
23:37:42.0078 3968 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
23:37:42.0079 3968 lltdio - ok
23:37:42.0164 3968 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
23:37:42.0166 3968 LSI_FC - ok
23:37:42.0278 3968 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
23:37:42.0279 3968 LSI_SAS - ok
23:37:42.0322 3968 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
23:37:42.0323 3968 LSI_SAS2 - ok
23:37:42.0417 3968 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
23:37:42.0419 3968 LSI_SCSI - ok
23:37:42.0453 3968 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
23:37:42.0455 3968 luafv - ok
23:37:42.0565 3968 MBAMProtector - ok
23:37:42.0613 3968 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
23:37:42.0614 3968 megasas - ok
23:37:42.0654 3968 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
23:37:42.0657 3968 MegaSR - ok
23:37:42.0761 3968 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
23:37:42.0762 3968 Modem - ok
23:37:42.0795 3968 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
23:37:42.0796 3968 monitor - ok
23:37:42.0908 3968 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
23:37:42.0909 3968 mouclass - ok
23:37:42.0944 3968 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
23:37:42.0944 3968 mouhid - ok
23:37:42.0970 3968 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
23:37:42.0971 3968 mountmgr - ok
23:37:43.0067 3968 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\drivers\mpio.sys
23:37:43.0069 3968 mpio - ok
23:37:43.0104 3968 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
23:37:43.0105 3968 mpsdrv - ok
23:37:43.0138 3968 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
23:37:43.0139 3968 MRxDAV - ok
23:37:43.0253 3968 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
23:37:43.0255 3968 mrxsmb - ok
23:37:43.0308 3968 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:37:43.0312 3968 mrxsmb10 - ok
23:37:43.0424 3968 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:37:43.0426 3968 mrxsmb20 - ok
23:37:43.0461 3968 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\drivers\msahci.sys
23:37:43.0462 3968 msahci - ok
23:37:43.0500 3968 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\drivers\msdsm.sys
23:37:43.0502 3968 msdsm - ok
23:37:43.0589 3968 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
23:37:43.0590 3968 Msfs - ok
23:37:43.0634 3968 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
23:37:43.0635 3968 mshidkmdf - ok
23:37:43.0655 3968 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
23:37:43.0656 3968 msisadrv - ok
23:37:43.0738 3968 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
23:37:43.0738 3968 MSKSSRV - ok
23:37:43.0765 3968 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
23:37:43.0766 3968 MSPCLOCK - ok
23:37:43.0795 3968 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
23:37:43.0795 3968 MSPQM - ok
23:37:43.0833 3968 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
23:37:43.0836 3968 MsRPC - ok
23:37:43.0915 3968 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
23:37:43.0916 3968 mssmbios - ok
23:37:43.0969 3968 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
23:37:43.0970 3968 MSTEE - ok
23:37:44.0048 3968 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
23:37:44.0048 3968 MTConfig - ok
23:37:44.0092 3968 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
23:37:44.0093 3968 Mup - ok
23:37:44.0177 3968 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
23:37:44.0181 3968 NativeWifiP - ok
23:37:44.0259 3968 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
23:37:44.0268 3968 NDIS - ok
23:37:44.0378 3968 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
23:37:44.0378 3968 NdisCap - ok
23:37:44.0411 3968 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
23:37:44.0412 3968 NdisTapi - ok
23:37:44.0482 3968 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
23:37:44.0483 3968 Ndisuio - ok
23:37:44.0532 3968 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
23:37:44.0534 3968 NdisWan - ok
23:37:44.0555 3968 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
23:37:44.0556 3968 NDProxy - ok
23:37:44.0592 3968 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
23:37:44.0593 3968 NetBIOS - ok
23:37:44.0694 3968 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
23:37:44.0698 3968 NetBT - ok
23:37:44.0744 3968 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
23:37:44.0745 3968 nfrd960 - ok
23:37:44.0863 3968 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
23:37:44.0864 3968 Npfs - ok
23:37:44.0884 3968 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
23:37:44.0885 3968 nsiproxy - ok
23:37:44.0969 3968 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
23:37:44.0982 3968 Ntfs - ok
23:37:45.0067 3968 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
23:37:45.0068 3968 Null - ok
23:37:45.0127 3968 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
23:37:45.0129 3968 nvraid - ok
23:37:45.0237 3968 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
23:37:45.0239 3968 nvstor - ok
23:37:45.0291 3968 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
23:37:45.0293 3968 nv_agp - ok
23:37:45.0388 3968 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
23:37:45.0389 3968 ohci1394 - ok
23:37:45.0563 3968 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
23:37:45.0565 3968 Parport - ok
23:37:45.0594 3968 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
23:37:45.0595 3968 partmgr - ok
23:37:45.0633 3968 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\drivers\pci.sys
23:37:45.0635 3968 pci - ok
23:37:45.0738 3968 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
23:37:45.0738 3968 pciide - ok
23:37:45.0774 3968 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
23:37:45.0776 3968 pcmcia - ok
23:37:45.0870 3968 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
23:37:45.0871 3968 pcw - ok
23:37:45.0924 3968 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
23:37:45.0930 3968 PEAUTH - ok
23:37:46.0066 3968 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
23:37:46.0068 3968 PptpMiniport - ok
23:37:46.0108 3968 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
23:37:46.0109 3968 Processor - ok
23:37:46.0231 3968 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
23:37:46.0233 3968 Psched - ok
23:37:46.0273 3968 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
23:37:46.0275 3968 PxHlpa64 - ok
23:37:46.0428 3968 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
23:37:46.0440 3968 ql2300 - ok
23:37:46.0558 3968 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
23:37:46.0559 3968 ql40xx - ok
23:37:46.0590 3968 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
23:37:46.0591 3968 QWAVEdrv - ok
23:37:46.0690 3968 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
23:37:46.0691 3968 RasAcd - ok
23:37:46.0736 3968 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
23:37:46.0736 3968 RasAgileVpn - ok
23:37:46.0832 3968 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
23:37:46.0833 3968 Rasl2tp - ok
23:37:46.0873 3968 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
23:37:46.0874 3968 RasPppoe - ok
23:37:46.0960 3968 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
23:37:46.0961 3968 RasSstp - ok
23:37:46.0995 3968 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
23:37:46.0998 3968 rdbss - ok
23:37:47.0033 3968 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
23:37:47.0034 3968 rdpbus - ok
23:37:47.0124 3968 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
23:37:47.0125 3968 RDPCDD - ok
23:37:47.0159 3968 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
23:37:47.0160 3968 RDPENCDD - ok
23:37:47.0187 3968 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
23:37:47.0188 3968 RDPREFMP - ok
23:37:47.0219 3968 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
23:37:47.0221 3968 RDPWD - ok
23:37:47.0328 3968 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
23:37:47.0331 3968 rdyboost - ok
23:37:47.0373 3968 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
23:37:47.0375 3968 RFCOMM - ok
23:37:47.0407 3968 rimspci (5ca4abd888b602551b59baa26941c167) C:\Windows\system32\drivers\rimssne64.sys
23:37:47.0409 3968 rimspci - ok
23:37:47.0517 3968 risdsnpe (bb6e138aeb351728959da5e2731d8140) C:\Windows\system32\drivers\risdsne64.sys
23:37:47.0518 3968 risdsnpe - ok
23:37:47.0650 3968 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
23:37:47.0652 3968 rspndr - ok
23:37:47.0709 3968 RTHDMIAzAudService (4e821c740a675f6d040be41d59a62b1d) C:\Windows\system32\drivers\RtHDMIVX.sys
23:37:47.0711 3968 RTHDMIAzAudService - ok
23:37:47.0829 3968 s1029bus (68f717bc57b0fe12011eb9517c97f78d) C:\Windows\system32\DRIVERS\s1029bus.sys
23:37:47.0831 3968 s1029bus - ok
23:37:47.0869 3968 s1029mdfl (fcfafa529f4fa27b02fce1e52a84922e) C:\Windows\system32\DRIVERS\s1029mdfl.sys
23:37:47.0870 3968 s1029mdfl - ok
23:37:47.0972 3968 s1029mdm (35bd0866eb422ab2d7c8f0ddcc67bf7c) C:\Windows\system32\DRIVERS\s1029mdm.sys
23:37:47.0974 3968 s1029mdm - ok
23:37:48.0019 3968 s1029mgmt (e0fd4f4f42b76e910cc4295c97aa30ba) C:\Windows\system32\DRIVERS\s1029mgmt.sys
23:37:48.0020 3968 s1029mgmt - ok
23:37:48.0147 3968 s1029nd5 (90276f1d842eb96f82510e73fdb792ad) C:\Windows\system32\DRIVERS\s1029nd5.sys
23:37:48.0148 3968 s1029nd5 - ok
23:37:48.0185 3968 s1029obex (128ed45223fab846e8436a2f2baebb55) C:\Windows\system32\DRIVERS\s1029obex.sys
23:37:48.0187 3968 s1029obex - ok
23:37:48.0217 3968 s1029unic (400fc5591586a1dfecf7a0cfaa6b0d68) C:\Windows\system32\DRIVERS\s1029unic.sys
23:37:48.0218 3968 s1029unic - ok
23:37:48.0351 3968 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\drivers\sbp2port.sys
23:37:48.0353 3968 sbp2port - ok
23:37:48.0381 3968 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
23:37:48.0382 3968 scfilter - ok
23:37:48.0497 3968 sdbus (4e54822ed2350eb1f31f95f0fd674ef3) C:\Windows\system32\DRIVERS\sdbus.sys
23:37:48.0499 3968 sdbus - ok
23:37:48.0533 3968 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
23:37:48.0534 3968 secdrv - ok
23:37:48.0665 3968 seehcri (ede7a1d2715aac2190d51dc07afd44e3) C:\Windows\system32\DRIVERS\seehcri.sys
23:37:48.0666 3968 seehcri - ok
23:37:48.0725 3968 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
23:37:48.0726 3968 Serenum - ok
23:37:48.0827 3968 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
23:37:48.0829 3968 Serial - ok
23:37:48.0879 3968 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
23:37:48.0880 3968 sermouse - ok
23:37:49.0003 3968 SFEP (70f9c476b62de4f2823e918a6c181ade) C:\Windows\system32\drivers\SFEP.sys
23:37:49.0004 3968 SFEP - ok
23:37:49.0035 3968 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
23:37:49.0035 3968 sffdisk - ok
23:37:49.0139 3968 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
23:37:49.0140 3968 sffp_mmc - ok
23:37:49.0162 3968 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\drivers\sffp_sd.sys
23:37:49.0163 3968 sffp_sd - ok
23:37:49.0278 3968 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
23:37:49.0279 3968 sfloppy - ok
23:37:49.0325 3968 Sftfs (a40abfdcb75f835fdf3ce0cc64e4250d) C:\Windows\system32\DRIVERS\Sftfslh.sys
23:37:49.0333 3968 Sftfs - ok
23:37:49.0446 3968 Sftplay (411769ed1cb12d2b44217734347bdb7a) C:\Windows\system32\DRIVERS\Sftplaylh.sys
23:37:49.0449 3968 Sftplay - ok
23:37:49.0480 3968 Sftredir (a14d0df34bbb00ea94da16193d0c7957) C:\Windows\system32\DRIVERS\Sftredirlh.sys
23:37:49.0481 3968 Sftredir - ok
23:37:49.0540 3968 Sftvol (393b22addd89979eb1c60898f51c3648) C:\Windows\system32\DRIVERS\Sftvollh.sys
23:37:49.0541 3968 Sftvol - ok
23:37:49.0631 3968 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
23:37:49.0632 3968 SiSRaid2 - ok
23:37:49.0700 3968 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
23:37:49.0701 3968 SiSRaid4 - ok
23:37:49.0776 3968 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
23:37:49.0777 3968 Smb - ok
23:37:49.0924 3968 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
23:37:49.0925 3968 spldr - ok
23:37:49.0992 3968 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
23:37:49.0998 3968 srv - ok
23:37:50.0127 3968 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
23:37:50.0131 3968 srv2 - ok
23:37:50.0185 3968 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
23:37:50.0186 3968 srvnet - ok
23:37:50.0286 3968 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
23:37:50.0287 3968 stexstor - ok
23:37:50.0334 3968 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
23:37:50.0335 3968 swenum - ok
23:37:50.0520 3968 Tcpip (b9d87c7707f058ac652a398cd28de14b) C:\Windows\system32\drivers\tcpip.sys
23:37:50.0540 3968 Tcpip - ok
23:37:50.0704 3968 TCPIP6 (b9d87c7707f058ac652a398cd28de14b) C:\Windows\system32\DRIVERS\tcpip.sys
23:37:50.0719 3968 TCPIP6 - ok
23:37:50.0820 3968 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
23:37:50.0821 3968 tcpipreg - ok
23:37:50.0858 3968 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
23:37:50.0859 3968 TDPIPE - ok
23:37:50.0891 3968 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
23:37:50.0892 3968 TDTCP - ok
23:37:50.0987 3968 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
23:37:50.0989 3968 tdx - ok
23:37:51.0118 3968 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\drivers\termdd.sys
23:37:51.0119 3968 TermDD - ok
23:37:51.0242 3968 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
23:37:51.0243 3968 tssecsrv - ok
23:37:51.0279 3968 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
23:37:51.0280 3968 tunnel - ok
23:37:51.0370 3968 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
23:37:51.0372 3968 uagp35 - ok
23:37:51.0413 3968 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
23:37:51.0417 3968 udfs - ok
23:37:51.0549 3968 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
23:37:51.0550 3968 uliagpkx - ok
23:37:51.0591 3968 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
23:37:51.0592 3968 umbus - ok
23:37:51.0689 3968 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
23:37:51.0689 3968 UmPass - ok
23:37:51.0746 3968 usbaudio (77b01bc848298223a95d4ec23e1785a1) C:\Windows\system32\drivers\usbaudio.sys
23:37:51.0747 3968 usbaudio - ok
23:37:51.0859 3968 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys
23:37:51.0860 3968 usbccgp - ok
23:37:51.0907 3968 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
23:37:51.0908 3968 usbcir - ok
23:37:52.0028 3968 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\drivers\usbehci.sys
23:37:52.0029 3968 usbehci - ok
23:37:52.0105 3968 usbet (3d879cdc1401d960e25250c6af854ff0) C:\Windows\system32\DRIVERS\ETdrv.sys
23:37:52.0108 3968 usbet - ok
23:37:52.0226 3968 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys
23:37:52.0230 3968 usbhub - ok
23:37:52.0292 3968 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\drivers\usbohci.sys
23:37:52.0292 3968 usbohci - ok
23:37:52.0334 3968 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
23:37:52.0335 3968 usbprint - ok
23:37:52.0443 3968 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
23:37:52.0444 3968 usbscan - ok
23:37:52.0508 3968 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:37:52.0509 3968 USBSTOR - ok
23:37:52.0610 3968 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\drivers\usbuhci.sys
23:37:52.0611 3968 usbuhci - ok
23:37:52.0674 3968 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\system32\Drivers\usbvideo.sys
23:37:52.0676 3968 usbvideo - ok
23:37:52.0761 3968 V0540Dev (8242985b0eb906c921075a8635069860) C:\Windows\system32\DRIVERS\V0540Vid.sys
23:37:52.0764 3968 V0540Dev - ok
23:37:52.0919 3968 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
23:37:52.0920 3968 vdrvroot - ok
23:37:52.0981 3968 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
23:37:52.0982 3968 vga - ok
23:37:53.0078 3968 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
23:37:53.0079 3968 VgaSave - ok
23:37:53.0116 3968 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\drivers\vhdmp.sys
23:37:53.0119 3968 vhdmp - ok
23:37:53.0220 3968 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
23:37:53.0221 3968 viaide - ok
23:37:53.0266 3968 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\drivers\volmgr.sys
23:37:53.0267 3968 volmgr - ok
23:37:53.0371 3968 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
23:37:53.0375 3968 volmgrx - ok
23:37:53.0412 3968 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\drivers\volsnap.sys
23:37:53.0415 3968 volsnap - ok
23:37:53.0516 3968 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
23:37:53.0518 3968 vsmraid - ok
23:37:53.0648 3968 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
23:37:53.0649 3968 vwifibus - ok
23:37:53.0685 3968 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
23:37:53.0686 3968 vwififlt - ok
23:37:53.0784 3968 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
23:37:53.0785 3968 WacomPen - ok
23:37:53.0854 3968 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
23:37:53.0856 3968 WANARP - ok
23:37:53.0863 3968 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
23:37:53.0866 3968 Wanarpv6 - ok
23:37:53.0972 3968 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
23:37:53.0973 3968 Wd - ok
23:37:54.0028 3968 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
23:37:54.0035 3968 Wdf01000 - ok
23:37:54.0191 3968 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
23:37:54.0192 3968 WfpLwf - ok
23:37:54.0215 3968 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
23:37:54.0216 3968 WIMMount - ok
23:37:54.0381 3968 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
23:37:54.0382 3968 WinUsb - ok
23:37:54.0431 3968 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
23:37:54.0431 3968 WmiAcpi - ok
23:37:54.0566 3968 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
23:37:54.0567 3968 ws2ifsl - ok
23:37:54.0600 3968 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
23:37:54.0601 3968 WudfPf - ok
23:37:54.0715 3968 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
23:37:54.0718 3968 WUDFRd - ok
23:37:54.0782 3968 yukonw7 (64f88af327aa74e03658ae32b48ccb8b) C:\Windows\system32\DRIVERS\yk62x64.sys
23:37:54.0787 3968 yukonw7 - ok
23:37:54.0829 3968 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
23:37:54.0851 3968 \Device\Harddisk0\DR0 - ok
23:37:54.0855 3968 Boot (0x1200) (b6a7ad7727b25f7bc5dfc06ec8ad33dd) \Device\Harddisk0\DR0\Partition0
23:37:54.0856 3968 \Device\Harddisk0\DR0\Partition0 - ok
23:37:54.0869 3968 Boot (0x1200) (7328d962628a364139cee78fb8f6cb42) \Device\Harddisk0\DR0\Partition1
23:37:54.0870 3968 \Device\Harddisk0\DR0\Partition1 - ok
23:37:54.0872 3968 ============================================================
23:37:54.0872 3968 Scan finished
23:37:54.0872 3968 ============================================================
23:37:54.0881 5020 Detected object count: 0
23:37:54.0881 5020 Actual detected object count: 0

lacrima25 · 25.10.2011, 22:56

OTL Teil 1

OTL logfile created on: 25.10.2011 23:42:07 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Administrator\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,86 Gb Total Physical Memory | 2,25 Gb Available Physical Memory | 58,39% Memory free
7,71 Gb Paging File | 5,89 Gb Available in Paging File | 76,33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 287,07 Gb Total Space | 191,08 Gb Free Space | 66,56% Space Free | Partition Type: NTFS
Drive E: | 229,06 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: SONY-VAIO | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.10.25 23:39:58 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Administrator\Downloads\OTL.exe
PRC - [2011.10.25 20:43:33 | 000,328,592 | -H-- | M] () -- C:\ProgramData\1kAlMiG2Kb7FzP.exe
PRC - [2011.10.25 15:20:04 | 000,400,784 | -H-- | M] () -- C:\ProgramData\qJaYXNTmAyeownB.exe
PRC - [2011.09.07 12:55:40 | 000,221,256 | -H-- | M] (Geek Software GmbH) -- C:\Program Files (x86)\PDF24\pdf24.exe
PRC - [2011.07.01 16:03:31 | 000,269,480 | -H-- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.06.01 14:44:54 | 002,337,144 | -H-- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2011.04.28 03:33:23 | 000,136,360 | -H-- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2011.04.08 12:59:52 | 000,507,624 | -H-- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
PRC - [2011.03.21 20:56:16 | 001,230,704 | -H-- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2011.02.14 13:23:50 | 000,044,736 | -H-- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Care\VCService.exe
PRC - [2011.01.29 05:36:18 | 000,081,016 | -H-- | M] (Sony of America Corporation) -- C:\Programme\Sony\VAIO Care\listener.exe
PRC - [2010.11.03 09:59:37 | 000,281,768 | -H-- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.09.14 05:45:56 | 000,219,496 | -H-- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2010.09.14 05:45:44 | 000,508,264 | -H-- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2010.05.28 12:14:24 | 000,205,168 | -H-- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe
PRC - [2009.12.14 22:06:24 | 002,320,920 | -H-- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009.12.14 22:06:08 | 000,268,824 | -H-- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009.12.01 22:03:52 | 000,112,488 | -H-- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe
PRC - [2009.11.21 00:25:24 | 000,013,336 | -H-- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2009.11.21 00:25:22 | 000,284,696 | -H-- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2009.10.24 03:18:54 | 000,360,224 | -H-- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
PRC - [2009.10.24 03:18:52 | 000,597,792 | -H-- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\PMB\PMBVolumeWatcher.exe
PRC - [2009.10.15 16:34:36 | 000,427,304 | -H-- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
PRC - [2009.10.15 16:34:36 | 000,091,432 | -H-- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe
PRC - [2009.10.15 16:34:36 | 000,075,048 | -H-- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
PRC - [2009.10.15 16:34:34 | 000,120,104 | -H-- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
PRC - [2009.10.15 16:34:34 | 000,070,952 | -H-- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe
PRC - [2009.09.16 13:27:12 | 000,480,624 | -H-- | M] (Sony Corporation) -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
PRC - [2009.09.14 19:24:08 | 000,206,336 | -H-- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
PRC - [2009.09.14 18:53:48 | 000,642,416 | -H-- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
PRC - [2009.04.30 11:23:26 | 000,090,112 | -H-- | M] () -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
PRC - [2009.02.23 11:43:54 | 000,307,200 | -H-- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
PRC - [2008.09.18 10:59:10 | 000,104,960 | -H-- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe

========== Modules (No Company Name) ==========

MOD - [2011.10.25 20:43:33 | 000,328,592 | -H-- | M] () -- C:\ProgramData\1kAlMiG2Kb7FzP.exe
MOD - [2011.10.25 15:20:04 | 000,400,784 | -H-- | M] () -- C:\ProgramData\qJaYXNTmAyeownB.exe
MOD - [2011.10.13 03:34:21 | 000,771,584 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\018d2569cf208acbe8ad73908705f607\System.Runtime.Remoting.ni.dll
MOD - [2011.10.13 03:33:54 | 012,431,360 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d76221993c2fdfb991b8c12ae50a30eb\System.Windows.Forms.ni.dll
MOD - [2011.10.13 03:33:47 | 001,586,688 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\0e245eb9c1067cabd5673fe832d28613\System.Drawing.ni.dll
MOD - [2011.10.13 03:33:33 | 003,325,952 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\3136e12cfb8809d39813e76c766c782c\WindowsBase.ni.dll
MOD - [2011.10.13 03:33:27 | 005,452,800 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\275680f2b9db0501d53c50ea7d7a43f0\System.Xml.ni.dll
MOD - [2011.10.13 03:33:24 | 000,971,264 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e9ebeb7959f1c916ebf6fca8f7077d6c\System.Configuration.ni.dll
MOD - [2011.10.13 03:33:23 | 007,949,312 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\95b9866ab6e4437ef5dc5855ebab4e33\System.ni.dll
MOD - [2011.10.13 03:33:12 | 011,490,304 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\1b31ced9bb880d94fff1c6d47c16a81e\mscorlib.ni.dll
MOD - [2011.03.21 20:57:34 | 000,096,112 | -H-- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011.03.21 20:56:16 | 001,230,704 | -H-- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2010.05.20 21:13:17 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011.09.23 15:37:08 | 001,429,608 | -H-- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Update Common\VUAgent.exe -- (VUAgent)
SRV:64bit: - [2011.02.14 13:23:50 | 000,044,736 | -H-- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Care\VCService.exe -- (VCService)
SRV:64bit: - [2011.01.29 05:36:18 | 000,259,192 | -H-- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe -- (SampleCollector)
SRV:64bit: - [2010.01.27 22:10:56 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.11.30 19:51:18 | 000,571,248 | -H-- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
SRV:64bit: - [2009.11.25 19:06:06 | 000,821,760 | -H-- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Smart Network\VSNService.exe -- (VSNService)
SRV:64bit: - [2009.09.16 13:27:12 | 000,480,624 | -H-- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV:64bit: - [2009.09.08 18:09:20 | 000,110,960 | -H-- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe -- (VcmXmlIfHelper)
SRV:64bit: - [2009.09.01 21:42:00 | 000,361,840 | -H-- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe -- (VcmINSMgr)
SRV - [2011.10.17 23:26:39 | 003,552,856 | -H-- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai\netsession_win_807ba95.dll -- (Akamai)
SRV - [2011.08.31 17:00:48 | 000,366,152 | -H-- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.07.01 16:03:31 | 000,269,480 | -H-- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.06.01 14:44:54 | 002,337,144 | -H-- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011.04.28 03:33:23 | 000,136,360 | -H-- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.12.21 07:38:22 | 000,350,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2010.10.14 11:50:53 | 000,079,360 | -H-- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2010.10.14 11:50:22 | 000,079,360 | -H-- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2010.09.14 05:45:56 | 000,219,496 | -H-- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2010.09.14 05:45:44 | 000,508,264 | -H-- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010.05.28 12:14:24 | 000,205,168 | -H-- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2010.03.18 14:16:28 | 000,130,384 | -H-- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.18 11:19:26 | 000,113,152 | -H-- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009.12.14 22:06:24 | 002,320,920 | -H-- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2009.12.14 22:06:08 | 000,268,824 | -H-- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2009.11.21 00:25:24 | 000,013,336 | -H-- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2009.10.24 03:18:54 | 000,360,224 | -H-- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2009.10.15 16:34:36 | 000,427,304 | -H-- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms)
SRV - [2009.10.15 16:34:36 | 000,091,432 | -H-- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe -- (SOHPlMgr)
SRV - [2009.10.15 16:34:36 | 000,075,048 | -H-- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2009.10.15 16:34:34 | 000,120,104 | -H-- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp)
SRV - [2009.10.15 16:34:34 | 000,070,952 | -H-- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe -- (SOHDBSvr)
SRV - [2009.09.14 19:24:08 | 000,206,336 | -H-- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
SRV - [2009.09.14 19:24:08 | 000,069,632 | -H-- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2009.09.14 18:53:48 | 000,642,416 | -H-- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2009.09.04 22:35:12 | 000,873,248 | -H-- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2009.08.31 01:59:30 | 000,362,992 | -H-- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe -- (Roxio Upnp Server 10)
SRV - [2009.08.31 01:59:18 | 000,313,840 | -H-- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe -- (Roxio UPnP Renderer 10)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.04.30 11:23:26 | 000,090,112 | -H-- | M] () [Auto | Running] -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe -- (OMSI download service)
SRV - [2009.02.23 11:43:54 | 000,307,200 | -H-- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2008.09.18 10:59:10 | 000,104,960 | -H-- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2011.07.01 16:03:32 | 000,123,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2011.07.01 16:03:32 | 000,088,288 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2011.03.11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.12.22 18:05:24 | 000,034,032 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\seehcri.sys -- (seehcri)
DRV:64bit: - [2010.12.22 18:04:59 | 000,027,176 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggsemc.sys -- (ggsemc)
DRV:64bit: - [2010.12.22 18:04:59 | 000,013,352 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggflt.sys -- (ggflt)
DRV:64bit: - [2010.10.01 17:22:26 | 000,183,040 | ---- | M] (Etron) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ETdrv.sys -- (usbet)
DRV:64bit: - [2010.09.23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010.09.14 05:45:52 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2010.09.14 05:45:50 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2010.09.14 05:45:48 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2010.09.14 05:45:44 | 000,760,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2010.07.12 20:36:10 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010.01.27 22:10:59 | 006,106,624 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009.12.16 22:03:59 | 000,244,736 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
DRV:64bit: - [2009.12.16 22:03:04 | 007,778,176 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009.12.16 04:49:48 | 000,213,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2009.12.14 22:06:07 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:64bit: - [2009.11.21 00:09:48 | 000,537,112 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.11.18 06:30:44 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009.11.18 06:30:32 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2009.11.18 06:30:32 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2009.11.18 06:30:21 | 000,052,264 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt)
DRV:64bit: - [2009.11.18 06:23:46 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2009.11.13 22:08:21 | 000,151,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009.11.12 22:16:19 | 000,395,264 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009.11.12 22:06:44 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009.11.06 22:27:30 | 000,093,696 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimssne64.sys -- (rimspci)
DRV:64bit: - [2009.11.04 11:59:59 | 000,253,488 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2009.10.09 04:47:00 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009.09.15 22:09:08 | 000,075,776 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdsne64.sys -- (risdsnpe)
DRV:64bit: - [2009.08.19 22:09:21 | 000,011,392 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.15 17:01:00 | 000,321,376 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\V0540Vid.sys -- (V0540Dev)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.04 17:52:54 | 000,983,936 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ksaud.sys -- (ksaud)
DRV:64bit: - [2009.05.26 14:32:04 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV:64bit: - [2009.05.25 13:34:54 | 000,151,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1029unic.sys -- (s1029unic) Sony Ericsson Device 1029 USB Ethernet Emulation (WDM)
DRV:64bit: - [2009.05.25 13:34:54 | 000,139,304 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1029mgmt.sys -- (s1029mgmt) Sony Ericsson Device 1029 USB WMC Device Management Drivers (WDM)
DRV:64bit: - [2009.05.25 13:34:54 | 000,135,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1029obex.sys -- (s1029obex)
DRV:64bit: - [2009.05.25 13:34:52 | 000,158,760 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1029mdm.sys -- (s1029mdm)
DRV:64bit: - [2009.05.25 13:34:52 | 000,034,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1029nd5.sys -- (s1029nd5) Sony Ericsson Device 1029 USB Ethernet Emulation (NDIS)
DRV:64bit: - [2009.05.25 13:34:50 | 000,019,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1029mdfl.sys -- (s1029mdfl)
DRV:64bit: - [2009.05.25 13:34:48 | 000,116,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1029bus.sys -- (s1029bus) Sony Ericsson Device 1029 driver (WDM)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Schnell-Startseite - COMPUTER BILD
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170634FE}:3.3.6

FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Administrator\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011.05.29 17:50:57 | 000,000,000 | -H-D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011.05.29 17:50:57 | 000,000,000 | -H-D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.10.06 21:42:34 | 000,000,000 | -H-D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.10.22 15:30:50 | 000,000,000 | -H-D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011.08.27 14:28:29 | 000,000,000 | -H-D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins

[2010.10.14 09:41:31 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\Extensions
[2011.10.22 15:34:30 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\7ctl0156.default\extensions
[2011.07.09 17:50:06 | 000,000,000 | -H-D | M] (WOT) -- C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\7ctl0156.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2011.10.22 15:36:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\7ctl0156.default\extensions\toolbar@ask.com
[2011.08.27 12:12:56 | 000,000,000 | -H-D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011.10.04 22:01:29 | 000,000,000 | -H-D | M] (Click to call with Skype) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2010.12.12 11:40:30 | 000,000,000 | -H-D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.05.30 11:50:35 | 000,000,000 | -H-D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
[2011.06.14 09:58:58 | 000,000,000 | -H-D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7CTL0156.DEFAULT\EXTENSIONS\{EF4E370E-D9F0-4E00-B93E-A4F274CFDD5A}.XPI
[2011.10.06 21:42:34 | 000,134,104 | -H-- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.05.04 04:52:23 | 000,476,904 | -H-- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2009.10.23 16:01:34 | 000,102,400 | -H-- | M] (Zylom) -- C:\Program Files (x86)\mozilla firefox\plugins\npzylomgamesplayer.dll
[2011.10.06 21:42:31 | 000,001,392 | -H-- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.10.06 21:42:31 | 000,002,252 | -H-- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011.10.06 21:42:31 | 000,001,153 | -H-- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.10.06 21:42:31 | 000,006,805 | -H-- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.10.06 21:42:31 | 000,001,178 | -H-- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.10.06 21:42:31 | 000,001,105 | -H-- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [C:\Windows\system32\V0540Ext.ax] C:\Windows\SysNative\V0540Ext.ax (Creative Technology Ltd.)
O4:64bit: - HKLM..\Run: [Creative SB Monitoring Utility] C:\Windows\SysNative\SBAVMon.dll (Creative Technology Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [C:\Windows\SysWOW64\V0540Ext.ax] C:\Windows\SysWOW64\V0540Ext.ax (Creative Technology Ltd.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [PDFPrint] C:\Program Files (x86)\PDF24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [qJaYXNTmAyeownB.exe] C:\ProgramData\qJaYXNTmAyeownB.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKCU..\Run: [Alamandi tray notifier] C:\Program Files (x86)\DEUTSCHLAND SPIELT\Alamandi\TaskBarNotifier.exe File not found
O4 - HKCU..\Run: [EPSON SX100 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIEDE.EXE /FU "C:\Windows\TEMP\E_S1F62.tmp" /EF "HKCU" File not found
O4 - HKCU..\Run: [Facebook Update] C:\Users\Administrator\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Administrator\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Administrator\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Administrator\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1EFB8A60-ADE3-4852-AA62-C8616E1EABDA}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{927587AB-1894-493E-8E72-6063314BF69A}: DhcpNameServer = 83.169.184.161 83.169.184.225
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - VESWinlogon.dll (Sony Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) -credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) -credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.04.19 13:37:34 | 000,000,029 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{35521bfc-af9d-11df-a178-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{35521bfc-af9d-11df-a178-806e6f6e6963}\Shell\AutoRun\command - "" = E:\EPSetup.exe -- [2008.01.29 00:43:00 | 000,636,848 | R--- | M] (SEIKO EPSON CORPORATION)
O33 - MountPoints2\{ef4943f0-1e22-11e0-a991-f07bcbe8ece3}\Shell - "" = AutoRun
O33 - MountPoints2\{ef4943f0-1e22-11e0-a991-f07bcbe8ece3}\Shell\AutoRun\command - "" = G:\Startme.exe
O33 - MountPoints2\{f7b047e9-f53a-11e0-b625-f07bcbe8ece3}\Shell - "" = AutoRun
O33 - MountPoints2\{f7b047e9-f53a-11e0-b625-f07bcbe8ece3}\Shell\AutoRun\command - "" = G:\MI.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011.10.25 20:09:54 | 000,000,000 | -H-D | C] -- C:\Users\Administrator\AppData\Roaming\Malwarebytes
[2011.10.25 20:09:42 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.10.25 20:09:42 | 000,000,000 | -H-D | C] -- C:\ProgramData\Malwarebytes
[2011.10.25 20:09:37 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.10.25 20:07:53 | 009,852,544 | -H-- | C] (Malwarebytes Corporation ) -- C:\Users\Administrator\Desktop\mbam-setup-1.51.2.1300.exe
[2011.10.25 15:22:46 | 000,000,000 | -H-D | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Restore
[2011.10.21 22:10:36 | 000,000,000 | -H-D | C] -- C:\Users\Administrator\AppData\Local\{CE7FD73F-BD98-490F-8C69-CDD0B0A32EA3}
[2011.10.21 22:10:25 | 000,000,000 | -H-D | C] -- C:\Users\Administrator\AppData\Local\{C529E7C1-CDB2-4A93-AAB7-774611F69779}
[2011.10.21 21:34:12 | 000,000,000 | -H-D | C] -- C:\Users\Administrator\AppData\Local\{C491B926-1C69-4425-80A9-507AA7FDBA44}
[2011.10.21 21:34:01 | 000,000,000 | -H-D | C] -- C:\Users\Administrator\AppData\Local\{9FAC7A14-21EC-42AD-AB22-DB2833BBD91D}
[2011.10.21 21:15:48 | 000,000,000 | -H-D | C] -- C:\Users\Administrator\AppData\Local\{5431F765-52C4-4C5C-BF83-7EEA85B10B36}
[2011.10.21 21:15:37 | 000,000,000 | -H-D | C] -- C:\Users\Administrator\AppData\Local\{F4B9EFE6-2A66-4E92-A2C3-85AD9930607B}
[2011.10.20 20:26:48 | 000,000,000 | -H-D | C] -- C:\ProgramData\UDL
[2011.10.20 20:25:54 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 6.0 Sprint
[2011.10.20 20:25:17 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\ABBYY FineReader 6.0 Sprint
[2011.10.20 20:16:27 | 000,000,000 | -H-D | C] -- C:\Users\Administrator\AppData\Roaming\InstallShield
[2011.10.20 20:14:11 | 000,000,000 | -H-D | C] -- C:\ProgramData\EPSON
[2011.10.20 20:13:56 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
[2011.10.20 20:13:54 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\epson
[2011.10.14 17:28:40 | 000,000,000 | -H-D | C] -- C:\Users\Administrator\AppData\Local\{10DD200F-2A35-4D78-B22E-99AE40168302}
[2011.10.14 17:28:29 | 000,000,000 | -H-D | C] -- C:\Users\Administrator\AppData\Local\{6DAD2B1A-6991-41C9-A68D-1C5F35FF9637}
[2011.10.13 22:21:07 | 000,000,000 | -H-D | C] -- C:\Users\Administrator\AppData\Local\{991EA1A2-BEB5-444D-8564-9F5B6985E927}
[2011.10.13 22:20:55 | 000,000,000 | -H-D | C] -- C:\Users\Administrator\AppData\Local\{DE97865B-8165-48FB-A8FD-043784798D13}
[2011.10.13 22:07:41 | 000,000,000 | -H-D | C] -- C:\Users\Administrator\AppData\Local\{8E12B81E-4EBF-46A1-94A9-C6D78AA48D14}
[2011.10.13 22:07:30 | 000,000,000 | -H-D | C] -- C:\Users\Administrator\AppData\Local\{F3C42825-ACB7-42AA-873A-45D1F59838E8}
[2011.10.13 21:47:33 | 000,000,000 | -H-D | C] -- C:\Users\Administrator\AppData\Local\{59A396B7-A569-451F-A341-C461068568B1}
[2011.10.13 21:47:22 | 000,000,000 | -H-D | C] -- C:\Users\Administrator\AppData\Local\{869FD8A5-03DC-4658-9EA8-9F4B0B1F4163}
[2011.10.13 21:00:23 | 000,000,000 | -H-D | C] -- C:\Users\Administrator\AppData\Roaming\FileZilla
[2011.10.13 21:00:14 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
[2011.10.13 21:00:12 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\FileZilla FTP Client
[2011.10.13 20:44:05 | 000,000,000 | -H-D | C] -- C:\Users\Administrator\AppData\Local\{8E7FBDBC-D715-4942-9DC4-9F2B812968E3}
[2011.10.13 20:43:53 | 000,000,000 | -H-D | C] -- C:\Users\Administrator\AppData\Local\{B04584E3-C50D-4C8C-9C25-92FC44DCE5B1}
[2011.10.13 20:13:25 | 000,000,000 | -H-D | C] -- C:\Users\Administrator\AppData\Local\{9F0B1A0B-9E71-4F50-B743-BDABD277CF5E}
[2011.10.13 20:13:13 | 000,000,000 | -H-D | C] -- C:\Users\Administrator\AppData\Local\{205D0BE8-5958-403C-8D94-CE7FC1286253}
[2011.10.09 15:40:07 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
[2011.10.04 16:37:50 | 000,000,000 | -H-D | C] -- C:\Users\Administrator\Documents\Tanz AB
[2011.10.02 09:50:26 | 000,000,000 | -H-D | C] -- C:\Users\Administrator\AppData\Local\{0BBFD164-B8C2-4021-B8FA-5BE1410740D7}
[2011.10.02 09:50:15 | 000,000,000 | -H-D | C] -- C:\Users\Administrator\AppData\Local\{79F327FA-738A-4C1D-9AC0-EFE8BBDBBD2A}
[2011.09.29 12:57:44 | 000,000,000 | -H-D | C] -- C:\Users\Administrator\AppData\Local\{0DA06ACF-5351-43AB-9B70-F81E82B1639D}
[2011.09.29 12:57:33 | 000,000,000 | -H-D | C] -- C:\Users\Administrator\AppData\Local\{B555BDEB-EE47-4059-B2D1-5333C670A077}
[2011.09.26 11:11:28 | 000,000,000 | -H-D | C] -- C:\Users\Administrator\AppData\Roaming\Frau-Mann BT
[2011.09.26 11:11:13 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FM-PDF.com Software
[2011.09.26 11:11:12 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\FM-PDF.com Software
[2011.09.26 11:11:10 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\GSLite
[2011.05.04 17:18:25 | 000,148,736 | -H-- | C] (Avanquest Software) -- C:\ProgramData\hpeB8C3.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.10.25 23:04:01 | 000,001,124 | -H-- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.10.25 23:00:03 | 000,000,960 | -H-- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2390065145-2537758831-1163397620-500UA.job
[2011.10.25 22:46:25 | 000,013,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.10.25 22:46:25 | 000,013,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.10.25 22:32:09 | 000,001,120 | -H-- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.10.25 22:30:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.10.25 22:30:10 | 3106,480,128 | -HS- | M] () -- C:\hiberfil.sys
[2011.10.25 20:44:08 | 000,000,232 | -H-- | M] () -- C:\ProgramData\~1kAlMiG2Kb7FzP
[2011.10.25 20:44:08 | 000,000,112 | -H-- | M] () -- C:\ProgramData\~1kAlMiG2Kb7FzPr
[2011.10.25 20:43:53 | 000,000,408 | -H-- | M] () -- C:\ProgramData\1kAlMiG2Kb7FzP
[2011.10.25 20:43:33 | 000,328,592 | -H-- | M] () -- C:\ProgramData\1kAlMiG2Kb7FzP.exe
[2011.10.25 20:09:42 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.10.25 20:06:44 | 009,852,544 | -H-- | M] (Malwarebytes Corporation ) -- C:\Users\Administrator\Desktop\mbam-setup-1.51.2.1300.exe
[2011.10.25 20:00:02 | 000,000,938 | -H-- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2390065145-2537758831-1163397620-500Core.job
[2011.10.25 19:54:22 | 000,000,657 | -H-- | M] () -- C:\Users\Administrator\Desktop\System Restore.lnk
[2011.10.25 15:25:05 | 000,000,432 | -H-- | M] () -- C:\ProgramData\6DSS92c31Apgjk
[2011.10.25 15:22:46 | 000,000,232 | -H-- | M] () -- C:\ProgramData\~6DSS92c31Apgjk
[2011.10.25 15:22:46 | 000,000,112 | -H-- | M] () -- C:\ProgramData\~6DSS92c31Apgjkr
[2011.10.25 15:20:04 | 000,400,784 | -H-- | M] () -- C:\ProgramData\qJaYXNTmAyeownB.exe
[2011.10.25 10:22:23 | 000,232,914 | -H-- | M] () -- C:\Users\Administrator\Desktop\Logo Chris Voith Photography Tshirt Druck white.pdf
[2011.10.25 10:22:23 | 000,230,840 | -H-- | M] () -- C:\Users\Administrator\Desktop\Logo Chris Voith Photography Tshirt Druck white ohne HP.pdf
[2011.10.25 10:22:23 | 000,107,061 | -H-- | M] () -- C:\Users\Administrator\Desktop\Logo TanzAB Tshirt Druck black ohne HP.pdf
[2011.10.25 10:22:23 | 000,106,099 | -H-- | M] () -- C:\Users\Administrator\Desktop\Logo TanzAB Tshirt Druck black.pdf
[2011.10.25 10:22:23 | 000,087,081 | -H-- | M] () -- C:\Users\Administrator\Desktop\Logo TanzAB Tshirt Druck white ohne HP.pdf
[2011.10.25 10:22:22 | 000,260,933 | -H-- | M] () -- C:\Users\Administrator\Desktop\Logo Chris Voith Photography Tshirt Druck black.pdf
[2011.10.25 10:22:22 | 000,254,367 | -H-- | M] () -- C:\Users\Administrator\Desktop\Logo Chris Voith Photography Tshirt Druck black ohne HP.pdf
[2011.10.25 10:22:22 | 000,088,859 | -H-- | M] () -- C:\Users\Administrator\Desktop\Logo TanzAB Tshirt Druck white.pdf
[2011.10.24 18:50:40 | 000,031,398 | -H-- | M] () -- C:\Users\Administrator\Desktop\Logo Tanz ab Silhouette olitral_verpackt2klein.jpg
[2011.10.24 15:11:23 | 000,008,742 | -H-- | M] () -- C:\Users\Administrator\Desktop\Tanz AB - Verknüpfung.lnk
[2011.10.24 10:03:04 | 000,059,625 | -H-- | M] () -- C:\Users\Administrator\.recently-used.xbel
[2011.10.24 08:57:36 | 000,958,083 | -H-- | M] () -- C:\Users\Administrator\Desktop\TanzAB.zip
[2011.10.24 08:56:18 | 001,621,057 | -H-- | M] () -- C:\Users\Administrator\Desktop\Chris Voith Photography.zip
[2011.10.24 08:56:01 | 000,958,083 | -H-- | M] () -- C:\Users\Administrator\Desktop\Tanz AB.zip
[2011.10.24 08:54:26 | 001,005,594 | -H-- | M] () -- C:\Users\Administrator\Desktop\Logo TanzAB Tshirt Druck black.eps
[2011.10.24 08:54:26 | 000,440,798 | -H-- | M] () -- C:\Users\Administrator\Desktop\Logo TanzAB Tshirt Druck black ohne HP.eps
[2011.10.24 08:54:26 | 000,428,726 | -H-- | M] () -- C:\Users\Administrator\Desktop\Logo TanzAB Tshirt Druck white ohne HP.eps
[2011.10.24 08:54:25 | 001,129,554 | -H-- | M] () -- C:\Users\Administrator\Desktop\Logo Chris Voith Photography Tshirt Druck black.eps
[2011.10.24 08:54:25 | 001,111,830 | -H-- | M] () -- C:\Users\Administrator\Desktop\Logo Chris Voith Photography Tshirt Druck white.eps
[2011.10.24 08:54:25 | 000,959,434 | -H-- | M] () -- C:\Users\Administrator\Desktop\Logo Chris Voith Photography Tshirt Druck black ohne HP.eps
[2011.10.24 08:54:25 | 000,933,534 | -H-- | M] () -- C:\Users\Administrator\Desktop\Logo Chris Voith Photography Tshirt Druck white ohne HP.eps
[2011.10.24 08:54:24 | 000,966,370 | -H-- | M] () -- C:\Users\Administrator\Desktop\Logo TanzAB Tshirt Druck white.eps
[2011.10.22 15:13:42 | 000,058,163 | -H-- | M] () -- C:\Users\Administrator\Desktop\hg.jpg
[2011.10.20 20:13:29 | 000,000,025 | -H-- | M] () -- C:\Windows\CDESX100DEFGIPS.ini
[2011.10.16 17:49:23 | 001,500,018 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.10.16 17:49:23 | 000,654,610 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.10.16 17:49:23 | 000,616,452 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.10.16 17:49:23 | 000,130,192 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.10.16 17:49:23 | 000,106,574 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.10.13 03:31:34 | 000,393,544 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.09.30 17:26:33 | 000,008,192 | -H-- | M] () -- C:\Users\Administrator\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.09.28 23:35:41 | 000,160,494 | -H-- | M] () -- C:\Users\Administrator\Desktop\Flashmob Aschaffenburg Facebook Logo.xcf
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.10.25 20:44:08 | 000,000,112 | -H-- | C] () -- C:\ProgramData\~1kAlMiG2Kb7FzPr
[2011.10.25 20:44:07 | 000,000,232 | -H-- | C] () -- C:\ProgramData\~1kAlMiG2Kb7FzP
[2011.10.25 20:43:42 | 000,000,408 | -H-- | C] () -- C:\ProgramData\1kAlMiG2Kb7FzP
[2011.10.25 20:43:33 | 000,328,592 | -H-- | C] () -- C:\ProgramData\1kAlMiG2Kb7FzP.exe
[2011.10.25 20:09:42 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.10.25 19:54:22 | 000,000,657 | -H-- | C] () -- C:\Users\Administrator\Desktop\System Restore.lnk
[2011.10.25 15:22:46 | 000,000,232 | -H-- | C] () -- C:\ProgramData\~6DSS92c31Apgjk
[2011.10.25 15:22:46 | 000,000,112 | -H-- | C] () -- C:\ProgramData\~6DSS92c31Apgjkr
[2011.10.25 15:22:43 | 000,000,432 | -H-- | C] () -- C:\ProgramData\6DSS92c31Apgjk
[2011.10.25 15:20:06 | 000,400,784 | -H-- | C] () -- C:\ProgramData\qJaYXNTmAyeownB.exe
[2011.10.25 10:22:23 | 000,232,914 | -H-- | C] () -- C:\Users\Administrator\Desktop\Logo Chris Voith Photography Tshirt Druck white.pdf
[2011.10.25 10:22:23 | 000,230,840 | -H-- | C] () -- C:\Users\Administrator\Desktop\Logo Chris Voith Photography Tshirt Druck white ohne HP.pdf
[2011.10.25 10:22:23 | 000,107,061 | -H-- | C] () -- C:\Users\Administrator\Desktop\Logo TanzAB Tshirt Druck black ohne HP.pdf
[2011.10.25 10:22:23 | 000,106,099 | -H-- | C] () -- C:\Users\Administrator\Desktop\Logo TanzAB Tshirt Druck black.pdf
[2011.10.25 10:22:23 | 000,087,081 | -H-- | C] () -- C:\Users\Administrator\Desktop\Logo TanzAB Tshirt Druck white ohne HP.pdf
[2011.10.25 10:22:22 | 000,260,933 | -H-- | C] () -- C:\Users\Administrator\Desktop\Logo Chris Voith Photography Tshirt Druck black.pdf
[2011.10.25 10:22:22 | 000,254,367 | -H-- | C] () -- C:\Users\Administrator\Desktop\Logo Chris Voith Photography Tshirt Druck black ohne HP.pdf
[2011.10.25 10:22:22 | 000,088,859 | -H-- | C] () -- C:\Users\Administrator\Desktop\Logo TanzAB Tshirt Druck white.pdf
[2011.10.24 18:50:40 | 000,031,398 | -H-- | C] () -- C:\Users\Administrator\Desktop\Logo Tanz ab Silhouette olitral_verpackt2klein.jpg
[2011.10.24 10:03:04 | 000,059,625 | -H-- | C] () -- C:\Users\Administrator\.recently-used.xbel
[2011.10.24 08:57:36 | 000,958,083 | -H-- | C] () -- C:\Users\Administrator\Desktop\TanzAB.zip
[2011.10.24 08:56:17 | 001,621,057 | -H-- | C] () -- C:\Users\Administrator\Desktop\Chris Voith Photography.zip
[2011.10.24 08:56:01 | 000,958,083 | -H-- | C] () -- C:\Users\Administrator\Desktop\Tanz AB.zip
[2011.10.24 08:54:26 | 001,005,594 | -H-- | C] () -- C:\Users\Administrator\Desktop\Logo TanzAB Tshirt Druck black.eps
[2011.10.24 08:54:26 | 000,440,798 | -H-- | C] () -- C:\Users\Administrator\Desktop\Logo TanzAB Tshirt Druck black ohne HP.eps
[2011.10.24 08:54:26 | 000,428,726 | -H-- | C] () -- C:\Users\Administrator\Desktop\Logo TanzAB Tshirt Druck white ohne HP.eps
[2011.10.24 08:54:25 | 001,129,554 | -H-- | C] () -- C:\Users\Administrator\Desktop\Logo Chris Voith Photography Tshirt Druck black.eps
[2011.10.24 08:54:25 | 001,111,830 | -H-- | C] () -- C:\Users\Administrator\Desktop\Logo Chris Voith Photography Tshirt Druck white.eps
[2011.10.24 08:54:25 | 000,933,534 | -H-- | C] () -- C:\Users\Administrator\Desktop\Logo Chris Voith Photography Tshirt Druck white ohne HP.eps
[2011.10.24 08:54:24 | 000,966,370 | -H-- | C] () -- C:\Users\Administrator\Desktop\Logo TanzAB Tshirt Druck white.eps
[2011.10.24 08:54:24 | 000,959,434 | -H-- | C] () -- C:\Users\Administrator\Desktop\Logo Chris Voith Photography Tshirt Druck black ohne HP.eps
[2011.10.22 15:39:39 | 000,008,742 | -H-- | C] () -- C:\Users\Administrator\Desktop\Tanz AB - Verknüpfung.lnk
[2011.10.22 15:01:00 | 000,058,163 | -H-- | C] () -- C:\Users\Administrator\Desktop\hg.jpg
[2011.10.20 20:16:29 | 000,111,932 | -H-- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat
[2011.10.20 20:16:29 | 000,031,053 | -H-- | C] () -- C:\Windows\SysWow64\EPPICPattern131.dat
[2011.10.20 20:16:29 | 000,027,417 | -H-- | C] () -- C:\Windows\SysWow64\EPPICPattern121.dat
[2011.10.20 20:16:29 | 000,026,154 | -H-- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat
[2011.10.20 20:16:29 | 000,024,903 | -H-- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat
[2011.10.20 20:16:29 | 000,021,390 | -H-- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat
[2011.10.20 20:16:29 | 000,020,148 | -H-- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat
[2011.10.20 20:16:29 | 000,013,732 | -H-- | C] () -- C:\Windows\SysWow64\EPPICLocal_EN.cfg
[2011.10.20 20:16:29 | 000,011,811 | -H-- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat
[2011.10.20 20:16:29 | 000,006,442 | -H-- | C] () -- C:\Windows\SysWow64\EPPICLocal_IT.cfg
[2011.10.20 20:16:29 | 000,006,335 | -H-- | C] () -- C:\Windows\SysWow64\EPPICLocal_GE.cfg
[2011.10.20 20:16:29 | 000,006,195 | -H-- | C] () -- C:\Windows\SysWow64\EPPICLocal_FR.cfg
[2011.10.20 20:16:29 | 000,006,195 | -H-- | C] () -- C:\Windows\SysWow64\EPPICLocal_CF.cfg
[2011.10.20 20:16:29 | 000,006,122 | -H-- | C] () -- C:\Windows\SysWow64\EPPICLocal_DU.cfg
[2011.10.20 20:16:29 | 000,006,103 | -H-- | C] () -- C:\Windows\SysWow64\EPPICLocal_ES.cfg
[2011.10.20 20:16:29 | 000,005,817 | -H-- | C] () -- C:\Windows\SysWow64\EPPICLocal_KO.cfg
[2011.10.20 20:16:29 | 000,005,436 | -H-- | C] () -- C:\Windows\SysWow64\EPPICLocal_SC.cfg
[2011.10.20 20:16:29 | 000,004,943 | -H-- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat
[2011.10.20 20:16:29 | 000,002,889 | -H-- | C] () -- C:\Windows\SysWow64\EPPICLocal_RU.cfg
[2011.10.20 20:16:29 | 000,002,426 | -H-- | C] () -- C:\Windows\SysWow64\EPPICLocal_TC.cfg
[2011.10.20 20:16:29 | 000,001,146 | -H-- | C] () -- C:\Windows\SysWow64\EPPICPresetData_DU.dat
[2011.10.20 20:16:29 | 000,001,139 | -H-- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat
[2011.10.20 20:16:29 | 000,001,139 | -H-- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat
[2011.10.20 20:16:29 | 000,001,136 | -H-- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat
[2011.10.20 20:16:29 | 000,001,129 | -H-- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat
[2011.10.20 20:16:29 | 000,001,129 | -H-- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat
[2011.10.20 20:16:29 | 000,001,120 | -H-- | C] () -- C:\Windows\SysWow64\EPPICPresetData_IT.dat
[2011.10.20 20:16:29 | 000,001,107 | -H-- | C] () -- C:\Windows\SysWow64\EPPICPresetData_GE.dat
[2011.10.20 20:16:29 | 000,001,104 | -H-- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat
[2011.10.20 20:16:29 | 000,000,097 | -H-- | C] () -- C:\Windows\SysWow64\PICSDK.ini
[2011.10.20 20:16:28 | 000,006,347 | -H-- | C] () -- C:\Windows\SysWow64\EPPICLocal_PT.cfg
[2011.10.20 20:16:28 | 000,006,347 | -H-- | C] () -- C:\Windows\SysWow64\EPPICLocal_BP.cfg
[2011.10.20 20:13:29 | 000,000,025 | -H-- | C] () -- C:\Windows\CDESX100DEFGIPS.ini
[2011.09.28 23:35:41 | 000,160,494 | -H-- | C] () -- C:\Users\Administrator\Desktop\Flashmob Aschaffenburg Facebook Logo.xcf
[2011.09.13 11:39:17 | 000,007,103 | -H-- | C] () -- C:\Windows\mgxoschk.ini
[2011.09.13 10:11:58 | 000,120,200 | -H-- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2011.08.27 13:02:47 | 000,032,256 | -H-- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2011.07.16 11:23:46 | 000,080,896 | -H-- | C] () -- C:\Windows\cadkasdeinst01.exe
[2011.05.24 09:26:48 | 000,484,352 | -H-- | C] () -- C:\Windows\SysWow64\lame_enc.dll
[2011.05.24 08:08:03 | 000,000,034 | -H-- | C] () -- C:\Windows\cdplayer.ini
[2011.04.12 08:44:05 | 000,098,304 | -H-- | C] () -- C:\Windows\SysWow64\redmonnt.dll
[2010.12.09 15:03:25 | 001,526,948 | -H-- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.11.22 12:40:23 | 000,032,608 | -H-- | C] () -- C:\Windows\king-uninstall.exe
[2010.11.09 19:57:40 | 000,008,192 | -H-- | C] () -- C:\Users\Administrator\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.10.21 14:48:42 | 000,165,376 | -H-- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010.10.21 14:48:42 | 000,000,038 | -H-- | C] () -- C:\Windows\avisplitter.ini
[2010.10.21 14:48:41 | 000,790,528 | -H-- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010.10.21 14:48:41 | 000,134,144 | -H-- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2010.10.21 14:48:40 | 000,074,752 | -H-- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2010.10.14 14:38:26 | 000,148,480 | -H-- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2010.10.14 14:38:26 | 000,073,728 | -H-- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2010.10.14 11:51:02 | 000,001,352 | -H-- | C] () -- C:\ProgramData\cfSB1090.ini
[2010.10.14 11:51:02 | 000,001,352 | -H-- | C] () -- C:\ProgramData\cfSB0910.ini
[2010.10.14 11:51:02 | 000,001,346 | -H-- | C] () -- C:\ProgramData\cfSB1100.ini
[2010.10.14 11:51:02 | 000,001,302 | -H-- | C] () -- C:\ProgramData\cfSB0300.ini
[2010.10.14 11:51:02 | 000,001,282 | -H-- | C] () -- C:\ProgramData\cfSB0471.ini
[2010.10.14 11:51:02 | 000,001,208 | -H-- | C] () -- C:\ProgramData\cfSB0490.ini
[2010.10.14 11:51:02 | 000,001,027 | -H-- | C] () -- C:\ProgramData\cfSB0560.ini
[2010.10.14 11:51:02 | 000,001,026 | -H-- | C] () -- C:\ProgramData\cfSB0271.ini
[2010.10.14 11:51:02 | 000,001,026 | -H-- | C] () -- C:\ProgramData\cfSB0270.ini
[2010.10.14 11:51:02 | 000,000,590 | -H-- | C] () -- C:\ProgramData\cfSB0950.ini
[2010.10.14 11:02:40 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010.10.14 09:41:25 | 000,000,000 | -H-- | C] () -- C:\Windows\nsreg.dat
[2010.05.25 20:43:14 | 003,099,136 | -H-- | C] () -- C:\Program Files\openofficeorg32.msi
[2010.05.25 20:41:42 | 000,460,088 | -H-- | C] () -- C:\Program Files\setup.exe
[2010.05.25 20:40:04 | 145,988,770 | -H-- | C] () -- C:\Program Files\openofficeorg1.cab
[2010.05.25 19:46:20 | 000,000,290 | -H-- | C] () -- C:\Program Files\setup.ini
[2010.05.20 11:45:52 | 000,000,221 | -H-- | C] () -- C:\ProgramData\MusicStation.xml
[2010.05.20 11:30:05 | 000,002,119 | -H-- | C] () -- C:\Windows\SysWow64\McOEMAppRules.dat
[2010.05.20 00:08:54 | 000,000,000 | -H-- | C] () -- C:\Windows\ativpsrm.bin
[2010.05.19 23:45:17 | 000,870,544 | -H-- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2010.05.19 23:45:17 | 000,208,896 | -H-- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2010.05.19 23:45:17 | 000,143,360 | -H-- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2010.05.19 23:45:15 | 000,050,036 | -H-- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2010.05.19 23:45:14 | 000,127,896 | -H-- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2010.05.19 23:45:08 | 000,028,732 | -H-- | C] () -- C:\Windows\SysWow64\ativvsny.dat
[2010.05.19 23:45:08 | 000,026,936 | -H-- | C] () -- C:\Windows\SysWow64\ativvsnl.dat
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | -H-- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | -H-- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== LOP Check ==========

[2011.03.23 19:41:55 | 000,000,000 | -HSD | M] -- C:\Users\Administrator\AppData\Roaming\.#
[2011.07.29 15:47:48 | 000,000,000 | -H-D | M] -- C:\Users\Administrator\AppData\Roaming\Amazon
[2011.10.23 13:30:07 | 000,000,000 | -H-D | M] -- C:\Users\Administrator\AppData\Roaming\Audacity
[2011.02.17 09:45:44 | 000,000,000 | -H-D | M] -- C:\Users\Administrator\AppData\Roaming\Auslogics
[2011.06.21 12:27:09 | 000,000,000 | -H-D | M] -- C:\Users\Administrator\AppData\Roaming\Azuaz Games
[2011.06.22 12:51:23 | 000,000,000 | -H-D | M] -- C:\Users\Administrator\AppData\Roaming\AzuazGames
[2011.07.16 11:23:56 | 000,000,000 | -H-D | M] -- C:\Users\Administrator\AppData\Roaming\CAD-KAS
[2010.11.17 16:09:22 | 000,000,000 | -H-D | M] -- C:\Users\Administrator\AppData\Roaming\Canneverbe Limited
[2011.10.21 19:05:01 | 000,000,000 | -H-D | M] -- C:\Users\Administrator\AppData\Roaming\Dropbox
[2011.07.12 23:20:20 | 000,000,000 | -H-D | M] -- C:\Users\Administrator\AppData\Roaming\DVDVideoSoft
[2011.01.22 20:34:04 | 000,000,000 | -H-D | M] -- C:\Users\Administrator\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.05.24 08:44:03 | 000,000,000 | -H-D | M] -- C:\Users\Administrator\AppData\Roaming\EAC
[2011.10.19 21:56:38 | 000,000,000 | -H-D | M] -- C:\Users\Administrator\AppData\Roaming\FileZilla
[2011.09.26 11:11:28 | 000,000,000 | -H-D | M] -- C:\Users\Administrator\AppData\Roaming\Frau-Mann BT
[2011.05.24 09:26:53 | 000,000,000 | -H-D | M] -- C:\Users\Administrator\AppData\Roaming\FreeAudioPack
[2010.12.07 11:20:28 | 000,000,000 | -H-D | M] -- C:\Users\Administrator\AppData\Roaming\Friday's games
[2011.06.20 16:38:32 | 000,000,000 | -H-D | M] -- C:\Users\Administrator\AppData\Roaming\Gogii Games
[2011.10.24 10:03:04 | 000,000,000 | -H-D | M] -- C:\Users\Administrator\AppData\Roaming\gtk-2.0
[2010.10.15 21:26:25 | 000,000,000 | -H-D | M] -- C:\Users\Administrator\AppData\Roaming\IrfanView
[2011.09.23 17:52:49 | 000,000,000 | -H-D | M] -- C:\Users\Administrator\AppData\Roaming\MAGIX
[2011.08.16 14:54:34 | 000,000,000 | -H-D | M] -- C:\Users\Administrator\AppData\Roaming\ManyCam
[2011.08.27 12:56:10 | 000,000,000 | -H-D | M] -- C:\Users\Administrator\AppData\Roaming\OpenCandy
[2010.12.09 14:18:30 | 000,000,000 | -H-D | M] -- C:\Users\Administrator\AppData\Roaming\OpenOffice.org
[2011.10.25 15:59:36 | 000,000,000 | -H-D | M] -- C:\Users\Administrator\AppData\Roaming\SoftGrid Client
[2011.05.18 12:48:44 | 000,000,000 | -H-D | M] -- C:\Users\Administrator\AppData\Roaming\Sony
[2011.09.09 00:19:14 | 000,000,000 | -H-D | M] -- C:\Users\Administrator\AppData\Roaming\TeamViewer
[2011.07.25 16:59:41 | 000,000,000 | -H-D | M] -- C:\Users\Administrator\AppData\Roaming\Thunderbird
[2010.12.09 15:04:33 | 000,000,000 | -H-D | M] -- C:\Users\Administrator\AppData\Roaming\TP
[2011.08.17 19:10:43 | 000,000,000 | -H-D | M] -- C:\Users\Administrator\AppData\Roaming\WordToPDF
[2011.08.27 14:00:46 | 000,000,000 | -H-D | M] -- C:\Users\Administrator\AppData\Roaming\XMedia Recode
[2011.10.25 20:00:02 | 000,000,938 | -H-- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2390065145-2537758831-1163397620-500Core.job
[2011.10.25 23:00:03 | 000,000,960 | -H-- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2390065145-2537758831-1163397620-500UA.job
[2011.10.13 03:32:31 | 000,032,640 | -H-- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< 23:37:29.0368 2320 TDSS rootkit removing tool 2.6.13.0 Oct 25 2011 13:56:21 >

< 23:37:29.0380 2320 ============================================================ >

< 23:37:29.0380 2320 Current date / time: 2011/10/25 23:37:29.0380 >
Invalid Switch: 25 23:37:29.0380

< 23:37:29.0380 2320 SystemInfo: >

< 23:37:29.0380 2320 >

< 23:37:29.0380 2320 OS Version: 6.1.7600 ServicePack: 0.0 >

< 23:37:29.0380 2320 Product type: Workstation >

< 23:37:29.0381 2320 ComputerName: SONY-VAIO >

< 23:37:29.0381 2320 UserName: Administrator >

< 23:37:29.0381 2320 Windows directory: C:\Windows >

< 23:37:29.0381 2320 System windows directory: C:\Windows >

< 23:37:29.0381 2320 Running under WOW64 >

< 23:37:29.0381 2320 Processor architecture: Intel x64 >

< 23:37:29.0381 2320 Number of processors: 4 >

< 23:37:29.0381 2320 Page size: 0x1000 >

< 23:37:29.0381 2320 Boot type: Normal boot >

< 23:37:29.0381 2320 ============================================================ >

< 23:37:29.0741 2320 Initialize success >

< 23:37:31.0088 3968 ============================================================ >

< 23:37:31.0088 3968 Scan started >

< 23:37:31.0088 3968 Mode: Manual; >

< 23:37:31.0088 3968 ============================================================ >

< 23:37:31.0555 3968 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\drivers\1394ohci.sys >

< 23:37:31.0556 3968 1394ohci - ok >

< 23:37:31.0610 3968 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\drivers\ACPI.sys >

< 23:37:31.0612 3968 ACPI - ok >

< 23:37:31.0712 3968 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\drivers\acpipmi.sys >

< 23:37:31.0712 3968 AcpiPmi - ok >

< 23:37:31.0778 3968 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys >

< 23:37:31.0780 3968 adp94xx - ok >

< 23:37:31.0904 3968 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys >

< 23:37:31.0907 3968 adpahci - ok >

< 23:37:31.0968 3968 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys >

< 23:37:31.0969 3968 adpu320 - ok >

< 23:37:32.0096 3968 AFD (6ef20ddf3172e97d69f596fb90602f29) C:\Windows\system32\drivers\afd.sys >

< 23:37:32.0099 3968 AFD - ok >

< 23:37:32.0204 3968 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys >

< 23:37:32.0205 3968 agp440 - ok >

< 23:37:32.0349 3968 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys >

< 23:37:32.0349 3968 aliide - ok >

< 23:37:32.0480 3968 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys >

< 23:37:32.0481 3968 amdide - ok >

< 23:37:32.0533 3968 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys >

< 23:37:32.0534 3968 AmdK8 - ok >

< 23:37:32.0631 3968 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys >

< 23:37:32.0632 3968 AmdPPM - ok >

< 23:37:32.0697 3968 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys >

< 23:37:32.0697 3968 amdsata - ok >

< 23:37:32.0798 3968 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys >

< 23:37:32.0799 3968 amdsbs - ok >

< 23:37:32.0866 3968 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys >

< 23:37:32.0867 3968 amdxata - ok >

< 23:37:33.0004 3968 ApfiltrService (1661f9c9e4b0049fa0a5e30264375a87) C:\Windows\system32\drivers\Apfiltr.sys >

< 23:37:33.0006 3968 ApfiltrService - ok >

< 23:37:33.0044 3968 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys >

< 23:37:33.0045 3968 AppID - ok >

< 23:37:33.0151 3968 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys >

< 23:37:33.0152 3968 arc - ok >

< 23:37:33.0181 3968 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys >

< 23:37:33.0182 3968 arcsas - ok >

< 23:37:33.0242 3968 ArcSoftKsUFilter (c130bc4a51b1382b2be8e44579ec4c0a) C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys >

< 23:37:33.0243 3968 ArcSoftKsUFilter - ok >

< 23:37:33.0309 3968 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys >

< 23:37:33.0310 3968 AsyncMac - ok >

< 23:37:33.0395 3968 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys >

< 23:37:33.0395 3968 atapi - ok >

< 23:37:33.0503 3968 athr (0acc06fcf46f64ed4f11e57ee461c1f4) C:\Windows\system32\DRIVERS\athrx.sys >

< 23:37:33.0512 3968 athr - ok >

< 23:37:33.0736 3968 atikmdag (f3a362b683b6158cc47d7e8e58b7ddc9) C:\Windows\system32\DRIVERS\atikmdag.sys >

< 23:37:33.0768 3968 atikmdag - ok >

< 23:37:33.0896 3968 avgntflt (b1224e6b086cd6548315b04ab575a23e) C:\Windows\system32\DRIVERS\avgntflt.sys >

< 23:37:33.0897 3968 avgntflt - ok >

< 23:37:33.0926 3968 avipbb (ed45f12cfa62b83765c9c1496758cc87) C:\Windows\system32\DRIVERS\avipbb.sys >

< 23:37:33.0928 3968 avipbb - ok >

< 23:37:34.0064 3968 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys >

< 23:37:34.0070 3968 b06bdrv - ok >

< 23:37:34.0189 3968 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys >

< 23:37:34.0192 3968 b57nd60a - ok >

< 23:37:34.0329 3968 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys >

< 23:37:34.0329 3968 Beep - ok >

< 23:37:34.0446 3968 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys >

< 23:37:34.0447 3968 blbdrive - ok >

< 23:37:34.0506 3968 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys >

< 23:37:34.0507 3968 bowser - ok >

< 23:37:34.0593 3968 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys >

< 23:37:34.0594 3968 BrFiltLo - ok >

< 23:37:34.0655 3968 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys >

< 23:37:34.0656 3968 BrFiltUp - ok >

< 23:37:34.0723 3968 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys >

< 23:37:34.0727 3968 Brserid - ok >

< 23:37:34.0793 3968 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys >

< 23:37:34.0794 3968 BrSerWdm - ok >

< 23:37:34.0870 3968 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys >

< 23:37:34.0871 3968 BrUsbMdm - ok >

< 23:37:34.0927 3968 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys >

< 23:37:34.0927 3968 BrUsbSer - ok >

< 23:37:35.0031 3968 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys >

< 23:37:35.0032 3968 BthEnum - ok >

< 23:37:35.0096 3968 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys >

< 23:37:35.0097 3968 BTHMODEM - ok >

< 23:37:35.0186 3968 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys >

< 23:37:35.0187 3968 BthPan - ok >

< 23:37:35.0284 3968 BTHPORT (21084ceb85280468c9aca3c805c0f8cf) C:\Windows\System32\Drivers\BTHport.sys >

< 23:37:35.0291 3968 BTHPORT - ok >

< 23:37:35.0426 3968 BTHUSB (8504842634dd144c075b6b0c982ccec4) C:\Windows\System32\Drivers\BTHUSB.sys >

< 23:37:35.0427 3968 BTHUSB - ok >

< 23:37:35.0480 3968 btusbflt (6e04458e98daf28826482e41a7a62df5) C:\Windows\system32\drivers\btusbflt.sys >

< 23:37:35.0481 3968 btusbflt - ok >

< 23:37:35.0600 3968 btwaudio (4bdbdb86abba924e029fb2683be7c505) C:\Windows\system32\drivers\btwaudio.sys >

< 23:37:35.0602 3968 btwaudio - ok >

< 23:37:35.0662 3968 btwavdt (5c849bd7c78791c5cee9f4651d7fe38d) C:\Windows\system32\drivers\btwavdt.sys >

< 23:37:35.0664 3968 btwavdt - ok >

< 23:37:35.0805 3968 btwl2cap (6149301dc3f81d6f9667a3fbac410975) C:\Windows\system32\DRIVERS\btwl2cap.sys >

< 23:37:35.0805 3968 btwl2cap - ok >

< 23:37:35.0864 3968 btwrchid (3e1991afa851a36dc978b0a1b0535c8b) C:\Windows\system32\DRIVERS\btwrchid.sys >

< 23:37:35.0865 3968 btwrchid - ok >

< 23:37:35.0980 3968 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys >

< 23:37:35.0982 3968 cdfs - ok >

< 23:37:36.0105 3968 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys >

< 23:37:36.0107 3968 cdrom - ok >

< 23:37:36.0229 3968 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys >

< 23:37:36.0229 3968 circlass - ok >

< 23:37:36.0267 3968 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys >

< 23:37:36.0271 3968 CLFS - ok >

< 23:37:36.0414 3968 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys >

< 23:37:36.0415 3968 CmBatt - ok >

< 23:37:36.0445 3968 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys >

< 23:37:36.0446 3968 cmdide - ok >

< 23:37:36.0478 3968 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys >

< 23:37:36.0482 3968 CNG - ok >

< 23:37:36.0590 3968 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys >

< 23:37:36.0591 3968 Compbatt - ok >

< 23:37:36.0631 3968 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\drivers\CompositeBus.sys >

< 23:37:36.0632 3968 CompositeBus - ok >

< 23:37:36.0750 3968 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys >

< 23:37:36.0750 3968 crcdisk - ok >

< 23:37:36.0931 3968 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys >

< 23:37:36.0932 3968 DfsC - ok >

< 23:37:36.0972 3968 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys >

< 23:37:36.0973 3968 discache - ok >

< 23:37:37.0089 3968 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys >

< 23:37:37.0090 3968 Disk - ok >

< 23:37:37.0225 3968 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys >

< 23:37:37.0225 3968 drmkaud - ok >

< 23:37:37.0307 3968 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys >

< 23:37:37.0315 3968 DXGKrnl - ok >

< 23:37:37.0496 3968 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys >

< 23:37:37.0514 3968 ebdrv - ok >

< 23:37:37.0658 3968 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys >

< 23:37:37.0663 3968 elxstor - ok >

< 23:37:37.0751 3968 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys >

< 23:37:37.0752 3968 ErrDev - ok >

< 23:37:37.0805 3968 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys >

< 23:37:37.0807 3968 exfat - ok >

< 23:37:37.0898 3968 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys >

< 23:37:37.0900 3968 fastfat - ok >

< 23:37:38.0033 3968 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys >

< 23:37:38.0034 3968 fdc - ok >

lacrima25 · 25.10.2011, 22:59

OTL Teil 2

< 23:37:38.0063 3968 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys >

< 23:37:38.0064 3968 FileInfo - ok >

< 23:37:38.0091 3968 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys >

< 23:37:38.0092 3968 Filetrace - ok >

< 23:37:38.0200 3968 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys >

< 23:37:38.0201 3968 flpydisk - ok >

< 23:37:38.0239 3968 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys >

< 23:37:38.0242 3968 FltMgr - ok >

< 23:37:38.0268 3968 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys >

< 23:37:38.0268 3968 FsDepends - ok >

< 23:37:38.0373 3968 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys >

< 23:37:38.0374 3968 fssfltr - ok >

< 23:37:38.0416 3968 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys >

< 23:37:38.0417 3968 Fs_Rec - ok >

< 23:37:38.0551 3968 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys >

< 23:37:38.0553 3968 fvevol - ok >

< 23:37:38.0592 3968 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys >

< 23:37:38.0593 3968 gagp30kx - ok >

< 23:37:38.0711 3968 ggflt (a4198f2bd8aa592cb90476277a81b5e1) C:\Windows\system32\DRIVERS\ggflt.sys >

< 23:37:38.0712 3968 ggflt - ok >

< 23:37:38.0751 3968 ggsemc (d266350bdaab9eb6c1aec370eeaaff3a) C:\Windows\system32\DRIVERS\ggsemc.sys >

< 23:37:38.0751 3968 ggsemc - ok >

< 23:37:38.0886 3968 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys >

< 23:37:38.0887 3968 hcw85cir - ok >

< 23:37:38.0929 3968 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys >

< 23:37:38.0932 3968 HdAudAddService - ok >

< 23:37:39.0032 3968 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\drivers\HDAudBus.sys >

< 23:37:39.0034 3968 HDAudBus - ok >

< 23:37:39.0083 3968 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys >

< 23:37:39.0084 3968 HECIx64 - ok >

< 23:37:39.0180 3968 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys >

< 23:37:39.0180 3968 HidBatt - ok >

< 23:37:39.0210 3968 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys >

< 23:37:39.0212 3968 HidBth - ok >

< 23:37:39.0250 3968 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys >

< 23:37:39.0250 3968 HidIr - ok >

< 23:37:39.0360 3968 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys >

< 23:37:39.0361 3968 HidUsb - ok >

< 23:37:39.0437 3968 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\drivers\HpSAMD.sys >

< 23:37:39.0438 3968 HpSAMD - ok >

< 23:37:39.0528 3968 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys >

< 23:37:39.0537 3968 HTTP - ok >

< 23:37:39.0631 3968 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys >

< 23:37:39.0632 3968 hwpolicy - ok >

< 23:37:39.0678 3968 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys >

< 23:37:39.0679 3968 i8042prt - ok >

< 23:37:39.0784 3968 iaStor (073a606333b6f7bbf20aa856df7f0997) C:\Windows\system32\drivers\iaStor.sys >

< 23:37:39.0789 3968 iaStor - ok >

< 23:37:39.0910 3968 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys >

< 23:37:39.0915 3968 iaStorV - ok >

< 23:37:40.0230 3968 igfx (31d1aff484d8a0906cf8d44251ec390f) C:\Windows\system32\DRIVERS\igdkmd64.sys >

< 23:37:40.0270 3968 igfx - ok >

< 23:37:40.0379 3968 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys >

< 23:37:40.0379 3968 iirsp - ok >

< 23:37:40.0526 3968 Impcd (36fdf367a1dabff903e2214023d71368) C:\Windows\system32\drivers\Impcd.sys >

< 23:37:40.0528 3968 Impcd - ok >

< 23:37:40.0713 3968 IntcAzAudAddService (0f144e5f46cb9043004b5e84aa4bca6a) C:\Windows\system32\drivers\RTKVHD64.sys >

< 23:37:40.0729 3968 IntcAzAudAddService - ok >

< 23:37:40.0869 3968 IntcDAud (408b401cd7cdb075c7470b0ff7ba8d0b) C:\Windows\system32\DRIVERS\IntcDAud.sys >

< 23:37:40.0872 3968 IntcDAud - ok >

< 23:37:40.0899 3968 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys >

< 23:37:40.0900 3968 intelide - ok >

< 23:37:41.0008 3968 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys >

< 23:37:41.0009 3968 intelppm - ok >

< 23:37:41.0048 3968 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys >

< 23:37:41.0049 3968 IpFilterDriver - ok >

< 23:37:41.0155 3968 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\drivers\IPMIDrv.sys >

< 23:37:41.0156 3968 IPMIDRV - ok >

< 23:37:41.0197 3968 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys >

< 23:37:41.0199 3968 IPNAT - ok >

< 23:37:41.0303 3968 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys >

< 23:37:41.0304 3968 IRENUM - ok >

< 23:37:41.0347 3968 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys >

< 23:37:41.0348 3968 isapnp - ok >

< 23:37:41.0457 3968 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\drivers\msiscsi.sys >

< 23:37:41.0460 3968 iScsiPrt - ok >

< 23:37:41.0507 3968 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys >

< 23:37:41.0508 3968 kbdclass - ok >

< 23:37:41.0626 3968 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\drivers\kbdhid.sys >

< 23:37:41.0627 3968 kbdhid - ok >

< 23:37:41.0708 3968 ksaud (0bc501f8889c59e332ba5b3765ceeb30) C:\Windows\system32\drivers\ksaud.sys >

< 23:37:41.0717 3968 ksaud - ok >

< 23:37:41.0794 3968 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys >

< 23:37:41.0795 3968 KSecDD - ok >

< 23:37:41.0854 3968 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys >

< 23:37:41.0856 3968 KSecPkg - ok >

< 23:37:41.0941 3968 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys >

< 23:37:41.0942 3968 ksthunk - ok >

< 23:37:42.0078 3968 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys >

< 23:37:42.0079 3968 lltdio - ok >

< 23:37:42.0164 3968 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys >

< 23:37:42.0166 3968 LSI_FC - ok >

< 23:37:42.0278 3968 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys >

< 23:37:42.0279 3968 LSI_SAS - ok >

< 23:37:42.0322 3968 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys >

< 23:37:42.0323 3968 LSI_SAS2 - ok >

< 23:37:42.0417 3968 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys >

< 23:37:42.0419 3968 LSI_SCSI - ok >

< 23:37:42.0453 3968 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys >

< 23:37:42.0455 3968 luafv - ok >

< 23:37:42.0565 3968 MBAMProtector - ok >

< 23:37:42.0613 3968 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys >

< 23:37:42.0614 3968 megasas - ok >

< 23:37:42.0654 3968 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys >

< 23:37:42.0657 3968 MegaSR - ok >

< 23:37:42.0761 3968 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys >

< 23:37:42.0762 3968 Modem - ok >

< 23:37:42.0795 3968 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys >

< 23:37:42.0796 3968 monitor - ok >

< 23:37:42.0908 3968 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys >

< 23:37:42.0909 3968 mouclass - ok >

< 23:37:42.0944 3968 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys >

< 23:37:42.0944 3968 mouhid - ok >

< 23:37:42.0970 3968 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys >

< 23:37:42.0971 3968 mountmgr - ok >

< 23:37:43.0067 3968 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\drivers\mpio.sys >

< 23:37:43.0069 3968 mpio - ok >

< 23:37:43.0104 3968 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys >

< 23:37:43.0105 3968 mpsdrv - ok >

< 23:37:43.0138 3968 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys >

< 23:37:43.0139 3968 MRxDAV - ok >

< 23:37:43.0253 3968 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys >

< 23:37:43.0255 3968 mrxsmb - ok >

< 23:37:43.0308 3968 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys >

< 23:37:43.0312 3968 mrxsmb10 - ok >

< 23:37:43.0424 3968 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys >

< 23:37:43.0426 3968 mrxsmb20 - ok >

< 23:37:43.0461 3968 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\drivers\msahci.sys >

< 23:37:43.0462 3968 msahci - ok >

< 23:37:43.0500 3968 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\drivers\msdsm.sys >

< 23:37:43.0502 3968 msdsm - ok >

< 23:37:43.0589 3968 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys >

< 23:37:43.0590 3968 Msfs - ok >

< 23:37:43.0634 3968 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys >

< 23:37:43.0635 3968 mshidkmdf - ok >

< 23:37:43.0655 3968 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys >

< 23:37:43.0656 3968 msisadrv - ok >

< 23:37:43.0738 3968 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys >

< 23:37:43.0738 3968 MSKSSRV - ok >

< 23:37:43.0765 3968 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys >

< 23:37:43.0766 3968 MSPCLOCK - ok >

< 23:37:43.0795 3968 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys >

< 23:37:43.0795 3968 MSPQM - ok >

< 23:37:43.0833 3968 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys >

< 23:37:43.0836 3968 MsRPC - ok >

< 23:37:43.0915 3968 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys >

< 23:37:43.0916 3968 mssmbios - ok >

< 23:37:43.0969 3968 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys >

< 23:37:43.0970 3968 MSTEE - ok >

< 23:37:44.0048 3968 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys >

< 23:37:44.0048 3968 MTConfig - ok >

< 23:37:44.0092 3968 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys >

< 23:37:44.0093 3968 Mup - ok >

< 23:37:44.0177 3968 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys >

< 23:37:44.0181 3968 NativeWifiP - ok >

< 23:37:44.0259 3968 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys >

< 23:37:44.0268 3968 NDIS - ok >

< 23:37:44.0378 3968 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys >

< 23:37:44.0378 3968 NdisCap - ok >

< 23:37:44.0411 3968 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys >

< 23:37:44.0412 3968 NdisTapi - ok >

< 23:37:44.0482 3968 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys >

< 23:37:44.0483 3968 Ndisuio - ok >

< 23:37:44.0532 3968 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys >

< 23:37:44.0534 3968 NdisWan - ok >

< 23:37:44.0555 3968 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys >

< 23:37:44.0556 3968 NDProxy - ok >

< 23:37:44.0592 3968 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys >

< 23:37:44.0593 3968 NetBIOS - ok >

< 23:37:44.0694 3968 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys >

< 23:37:44.0698 3968 NetBT - ok >

< 23:37:44.0744 3968 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys >

< 23:37:44.0745 3968 nfrd960 - ok >

< 23:37:44.0863 3968 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys >

< 23:37:44.0864 3968 Npfs - ok >

< 23:37:44.0884 3968 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys >

< 23:37:44.0885 3968 nsiproxy - ok >

< 23:37:44.0969 3968 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys >

< 23:37:44.0982 3968 Ntfs - ok >

< 23:37:45.0067 3968 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys >

< 23:37:45.0068 3968 Null - ok >

< 23:37:45.0127 3968 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys >

< 23:37:45.0129 3968 nvraid - ok >

< 23:37:45.0237 3968 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys >

< 23:37:45.0239 3968 nvstor - ok >

< 23:37:45.0291 3968 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys >

< 23:37:45.0293 3968 nv_agp - ok >

< 23:37:45.0388 3968 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys >

< 23:37:45.0389 3968 ohci1394 - ok >

< 23:37:45.0563 3968 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys >

< 23:37:45.0565 3968 Parport - ok >

< 23:37:45.0594 3968 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys >

< 23:37:45.0595 3968 partmgr - ok >

< 23:37:45.0633 3968 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\drivers\pci.sys >

< 23:37:45.0635 3968 pci - ok >

< 23:37:45.0738 3968 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys >

< 23:37:45.0738 3968 pciide - ok >

< 23:37:45.0774 3968 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys >

< 23:37:45.0776 3968 pcmcia - ok >

< 23:37:45.0870 3968 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys >

< 23:37:45.0871 3968 pcw - ok >

< 23:37:45.0924 3968 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys >

< 23:37:45.0930 3968 PEAUTH - ok >

< 23:37:46.0066 3968 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys >

< 23:37:46.0068 3968 PptpMiniport - ok >

< 23:37:46.0108 3968 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys >

< 23:37:46.0109 3968 Processor - ok >

< 23:37:46.0231 3968 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys >

< 23:37:46.0233 3968 Psched - ok >

< 23:37:46.0273 3968 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys >

< 23:37:46.0275 3968 PxHlpa64 - ok >

< 23:37:46.0428 3968 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys >

< 23:37:46.0440 3968 ql2300 - ok >

< 23:37:46.0558 3968 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys >

< 23:37:46.0559 3968 ql40xx - ok >

< 23:37:46.0590 3968 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys >

< 23:37:46.0591 3968 QWAVEdrv - ok >

< 23:37:46.0690 3968 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys >

< 23:37:46.0691 3968 RasAcd - ok >

< 23:37:46.0736 3968 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys >

< 23:37:46.0736 3968 RasAgileVpn - ok >

< 23:37:46.0832 3968 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys >

< 23:37:46.0833 3968 Rasl2tp - ok >

< 23:37:46.0873 3968 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys >

< 23:37:46.0874 3968 RasPppoe - ok >

< 23:37:46.0960 3968 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys >

< 23:37:46.0961 3968 RasSstp - ok >

< 23:37:46.0995 3968 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys >

< 23:37:46.0998 3968 rdbss - ok >

< 23:37:47.0033 3968 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys >

< 23:37:47.0034 3968 rdpbus - ok >

< 23:37:47.0124 3968 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys >

< 23:37:47.0125 3968 RDPCDD - ok >

< 23:37:47.0159 3968 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys >

< 23:37:47.0160 3968 RDPENCDD - ok >

< 23:37:47.0187 3968 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys >

< 23:37:47.0188 3968 RDPREFMP - ok >

< 23:37:47.0219 3968 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys >

< 23:37:47.0221 3968 RDPWD - ok >

< 23:37:47.0328 3968 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys >

< 23:37:47.0331 3968 rdyboost - ok >

< 23:37:47.0373 3968 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys >

< 23:37:47.0375 3968 RFCOMM - ok >

< 23:37:47.0407 3968 rimspci (5ca4abd888b602551b59baa26941c167) C:\Windows\system32\drivers\rimssne64.sys >

< 23:37:47.0409 3968 rimspci - ok >

< 23:37:47.0517 3968 risdsnpe (bb6e138aeb351728959da5e2731d8140) C:\Windows\system32\drivers\risdsne64.sys >

< 23:37:47.0518 3968 risdsnpe - ok >

< 23:37:47.0650 3968 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys >

< 23:37:47.0652 3968 rspndr - ok >

< 23:37:47.0709 3968 RTHDMIAzAudService (4e821c740a675f6d040be41d59a62b1d) C:\Windows\system32\drivers\RtHDMIVX.sys >

< 23:37:47.0711 3968 RTHDMIAzAudService - ok >

< 23:37:47.0829 3968 s1029bus (68f717bc57b0fe12011eb9517c97f78d) C:\Windows\system32\DRIVERS\s1029bus.sys >

< 23:37:47.0831 3968 s1029bus - ok >

< 23:37:47.0869 3968 s1029mdfl (fcfafa529f4fa27b02fce1e52a84922e) C:\Windows\system32\DRIVERS\s1029mdfl.sys >

< 23:37:47.0870 3968 s1029mdfl - ok >

< 23:37:47.0972 3968 s1029mdm (35bd0866eb422ab2d7c8f0ddcc67bf7c) C:\Windows\system32\DRIVERS\s1029mdm.sys >

< 23:37:47.0974 3968 s1029mdm - ok >

< 23:37:48.0019 3968 s1029mgmt (e0fd4f4f42b76e910cc4295c97aa30ba) C:\Windows\system32\DRIVERS\s1029mgmt.sys >

< 23:37:48.0020 3968 s1029mgmt - ok >

< 23:37:48.0147 3968 s1029nd5 (90276f1d842eb96f82510e73fdb792ad) C:\Windows\system32\DRIVERS\s1029nd5.sys >

< 23:37:48.0148 3968 s1029nd5 - ok >

< 23:37:48.0185 3968 s1029obex (128ed45223fab846e8436a2f2baebb55) C:\Windows\system32\DRIVERS\s1029obex.sys >

< 23:37:48.0187 3968 s1029obex - ok >

< 23:37:48.0217 3968 s1029unic (400fc5591586a1dfecf7a0cfaa6b0d68) C:\Windows\system32\DRIVERS\s1029unic.sys >

< 23:37:48.0218 3968 s1029unic - ok >

< 23:37:48.0351 3968 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\drivers\sbp2port.sys >

< 23:37:48.0353 3968 sbp2port - ok >

< 23:37:48.0381 3968 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys >

< 23:37:48.0382 3968 scfilter - ok >

< 23:37:48.0497 3968 sdbus (4e54822ed2350eb1f31f95f0fd674ef3) C:\Windows\system32\DRIVERS\sdbus.sys >

< 23:37:48.0499 3968 sdbus - ok >

< 23:37:48.0533 3968 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys >

< 23:37:48.0534 3968 secdrv - ok >

< 23:37:48.0665 3968 seehcri (ede7a1d2715aac2190d51dc07afd44e3) C:\Windows\system32\DRIVERS\seehcri.sys >

< 23:37:48.0666 3968 seehcri - ok >

< 23:37:48.0725 3968 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys >

< 23:37:48.0726 3968 Serenum - ok >

< 23:37:48.0827 3968 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys >

< 23:37:48.0829 3968 Serial - ok >

< 23:37:48.0879 3968 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys >

< 23:37:48.0880 3968 sermouse - ok >

< 23:37:49.0003 3968 SFEP (70f9c476b62de4f2823e918a6c181ade) C:\Windows\system32\drivers\SFEP.sys >

< 23:37:49.0004 3968 SFEP - ok >

< 23:37:49.0035 3968 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys >

< 23:37:49.0035 3968 sffdisk - ok >

< 23:37:49.0139 3968 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys >

< 23:37:49.0140 3968 sffp_mmc - ok >

< 23:37:49.0162 3968 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\drivers\sffp_sd.sys >

< 23:37:49.0163 3968 sffp_sd - ok >

< 23:37:49.0278 3968 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys >

< 23:37:49.0279 3968 sfloppy - ok >

< 23:37:49.0325 3968 Sftfs (a40abfdcb75f835fdf3ce0cc64e4250d) C:\Windows\system32\DRIVERS\Sftfslh.sys >

< 23:37:49.0333 3968 Sftfs - ok >

< 23:37:49.0446 3968 Sftplay (411769ed1cb12d2b44217734347bdb7a) C:\Windows\system32\DRIVERS\Sftplaylh.sys >

< 23:37:49.0449 3968 Sftplay - ok >

< 23:37:49.0480 3968 Sftredir (a14d0df34bbb00ea94da16193d0c7957) C:\Windows\system32\DRIVERS\Sftredirlh.sys >

< 23:37:49.0481 3968 Sftredir - ok >

< 23:37:49.0540 3968 Sftvol (393b22addd89979eb1c60898f51c3648) C:\Windows\system32\DRIVERS\Sftvollh.sys >

< 23:37:49.0541 3968 Sftvol - ok >

< 23:37:49.0631 3968 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys >

< 23:37:49.0632 3968 SiSRaid2 - ok >

< 23:37:49.0700 3968 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys >

< 23:37:49.0701 3968 SiSRaid4 - ok >

< 23:37:49.0776 3968 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys >

< 23:37:49.0777 3968 Smb - ok >

< 23:37:49.0924 3968 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys >

< 23:37:49.0925 3968 spldr - ok >

< 23:37:49.0992 3968 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys >

< 23:37:49.0998 3968 srv - ok >

< 23:37:50.0127 3968 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys >

< 23:37:50.0131 3968 srv2 - ok >

< 23:37:50.0185 3968 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys >

< 23:37:50.0186 3968 srvnet - ok >

< 23:37:50.0286 3968 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys >

< 23:37:50.0287 3968 stexstor - ok >

< 23:37:50.0334 3968 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys >

< 23:37:50.0335 3968 swenum - ok >

< 23:37:50.0520 3968 Tcpip (b9d87c7707f058ac652a398cd28de14b) C:\Windows\system32\drivers\tcpip.sys >

< 23:37:50.0540 3968 Tcpip - ok >

< 23:37:50.0704 3968 TCPIP6 (b9d87c7707f058ac652a398cd28de14b) C:\Windows\system32\DRIVERS\tcpip.sys >

< 23:37:50.0719 3968 TCPIP6 - ok >

< 23:37:50.0820 3968 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys >

< 23:37:50.0821 3968 tcpipreg - ok >

< 23:37:50.0858 3968 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys >

< 23:37:50.0859 3968 TDPIPE - ok >

< 23:37:50.0891 3968 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys >

< 23:37:50.0892 3968 TDTCP - ok >

< 23:37:50.0987 3968 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys >

< 23:37:50.0989 3968 tdx - ok >

< 23:37:51.0118 3968 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\drivers\termdd.sys >

< 23:37:51.0119 3968 TermDD - ok >

< 23:37:51.0242 3968 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys >

< 23:37:51.0243 3968 tssecsrv - ok >

< 23:37:51.0279 3968 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys >

< 23:37:51.0280 3968 tunnel - ok >

< 23:37:51.0370 3968 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys >

< 23:37:51.0372 3968 uagp35 - ok >

< 23:37:51.0413 3968 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys >

< 23:37:51.0417 3968 udfs - ok >

< 23:37:51.0549 3968 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys >

< 23:37:51.0550 3968 uliagpkx - ok >

< 23:37:51.0591 3968 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys >

< 23:37:51.0592 3968 umbus - ok >

< 23:37:51.0689 3968 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys >

< 23:37:51.0689 3968 UmPass - ok >

< 23:37:51.0746 3968 usbaudio (77b01bc848298223a95d4ec23e1785a1) C:\Windows\system32\drivers\usbaudio.sys >

< 23:37:51.0747 3968 usbaudio - ok >

< 23:37:51.0859 3968 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys >

< 23:37:51.0860 3968 usbccgp - ok >

< 23:37:51.0907 3968 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys >

< 23:37:51.0908 3968 usbcir - ok >

< 23:37:52.0028 3968 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\drivers\usbehci.sys >

< 23:37:52.0029 3968 usbehci - ok >

< 23:37:52.0105 3968 usbet (3d879cdc1401d960e25250c6af854ff0) C:\Windows\system32\DRIVERS\ETdrv.sys >

< 23:37:52.0108 3968 usbet - ok >

< 23:37:52.0226 3968 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys >

< 23:37:52.0230 3968 usbhub - ok >

< 23:37:52.0292 3968 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\drivers\usbohci.sys >

< 23:37:52.0292 3968 usbohci - ok >

< 23:37:52.0334 3968 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys >

< 23:37:52.0335 3968 usbprint - ok >

< 23:37:52.0443 3968 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys >

< 23:37:52.0444 3968 usbscan - ok >

< 23:37:52.0508 3968 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS >

< 23:37:52.0509 3968 USBSTOR - ok >

< 23:37:52.0610 3968 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\drivers\usbuhci.sys >

< 23:37:52.0611 3968 usbuhci - ok >

< 23:37:52.0674 3968 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\system32\Drivers\usbvideo.sys >

< 23:37:52.0676 3968 usbvideo - ok >

< 23:37:52.0761 3968 V0540Dev (8242985b0eb906c921075a8635069860) C:\Windows\system32\DRIVERS\V0540Vid.sys >

< 23:37:52.0764 3968 V0540Dev - ok >

< 23:37:52.0919 3968 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys >

< 23:37:52.0920 3968 vdrvroot - ok >

< 23:37:52.0981 3968 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys >

< 23:37:52.0982 3968 vga - ok >

< 23:37:53.0078 3968 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys >

< 23:37:53.0079 3968 VgaSave - ok >

< 23:37:53.0116 3968 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\drivers\vhdmp.sys >

< 23:37:53.0119 3968 vhdmp - ok >

< 23:37:53.0220 3968 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys >

< 23:37:53.0221 3968 viaide - ok >

< 23:37:53.0266 3968 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\drivers\volmgr.sys >

< 23:37:53.0267 3968 volmgr - ok >

< 23:37:53.0371 3968 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys >

< 23:37:53.0375 3968 volmgrx - ok >

< 23:37:53.0412 3968 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\drivers\volsnap.sys >

< 23:37:53.0415 3968 volsnap - ok >

< 23:37:53.0516 3968 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys >

< 23:37:53.0518 3968 vsmraid - ok >

< 23:37:53.0648 3968 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys >

< 23:37:53.0649 3968 vwifibus - ok >

< 23:37:53.0685 3968 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys >

< 23:37:53.0686 3968 vwififlt - ok >

< 23:37:53.0784 3968 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys >

< 23:37:53.0785 3968 WacomPen - ok >

< 23:37:53.0854 3968 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys >

< 23:37:53.0856 3968 WANARP - ok >

< 23:37:53.0863 3968 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys >

< 23:37:53.0866 3968 Wanarpv6 - ok >

< 23:37:53.0972 3968 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys >

< 23:37:53.0973 3968 Wd - ok >

< 23:37:54.0028 3968 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys >

< 23:37:54.0035 3968 Wdf01000 - ok >

< 23:37:54.0191 3968 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys >

< 23:37:54.0192 3968 WfpLwf - ok >

< 23:37:54.0215 3968 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys >

< 23:37:54.0216 3968 WIMMount - ok >

< 23:37:54.0381 3968 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys >

< 23:37:54.0382 3968 WinUsb - ok >

< 23:37:54.0431 3968 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys >

< 23:37:54.0431 3968 WmiAcpi - ok >

< 23:37:54.0566 3968 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys >

< 23:37:54.0567 3968 ws2ifsl - ok >

< 23:37:54.0600 3968 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys >

< 23:37:54.0601 3968 WudfPf - ok >

< 23:37:54.0715 3968 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys >

< 23:37:54.0718 3968 WUDFRd - ok >

< 23:37:54.0782 3968 yukonw7 (64f88af327aa74e03658ae32b48ccb8b) C:\Windows\system32\DRIVERS\yk62x64.sys >

< 23:37:54.0787 3968 yukonw7 - ok >

< 23:37:54.0829 3968 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 >

< 23:37:54.0851 3968 \Device\Harddisk0\DR0 - ok >

< 23:37:54.0855 3968 Boot (0x1200) (b6a7ad7727b25f7bc5dfc06ec8ad33dd) \Device\Harddisk0\DR0\Partition0 >

< 23:37:54.0856 3968 \Device\Harddisk0\DR0\Partition0 - ok >

< 23:37:54.0869 3968 Boot (0x1200) (7328d962628a364139cee78fb8f6cb42) \Device\Harddisk0\DR0\Partition1 >

< 23:37:54.0870 3968 \Device\Harddisk0\DR0\Partition1 - ok >

< 23:37:54.0872 3968 ============================================================ >

< 23:37:54.0872 3968 Scan finished >

< 23:37:54.0872 3968 ============================================================ >

< 23:37:54.0881 5020 Detected object count: 0 >

< 23:37:54.0881 5020 Actual detected object count: 0 >

========== Alternate Data Streams ==========

@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:FDDD8917
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:F63A059B

< End of report >

lacrima25 · 25.10.2011, 23:00

Extra TxtOTL EXTRAS Logfile:

Code:

ATTFilter

OTL Extras logfile created on: 25.10.2011 23:42:07 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Administrator\Downloads
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,86 Gb Total Physical Memory | 2,25 Gb Available Physical Memory | 58,39% Memory free
7,71 Gb Paging File | 5,89 Gb Available in Paging File | 76,33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 287,07 Gb Total Space | 191,08 Gb Free Space | 66,56% Space Free | Partition Type: NTFS
Drive E: | 229,06 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: SONY-VAIO | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{11D25EF7-85FC-4B58-8278-485939C8637F}" = VAIO Update Merge Module x64
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1C55470A-7C9E-4C63-B466-6AFFC69E94E9}" = Windows Live Family Safety
"{26A24AE4-039D-4CA4-87B4-2F86416016FF}" = Java(TM) 6 Update 16 (64-bit)
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{8D1163BE-5ECD-0303-87F7-35ED38BBB2E1}" = ATI Catalyst Install Manager
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BF456ADA-407C-BFA2-52DA-08ECE9E18549}" = ccc-utility64
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F83779DF-E1F5-43A2-A7BE-732F856FADB7}" = Microsoft SQL Server Compact 3.5 SP1 x64 English
"3BA80AB4C7E9F8497C115C844953A3D4BEB84D21" = Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800)
"930E4792BDAEAFB62A9514EE7578775658A5D07C" = Windows Driver Package - Broadcom Bluetooth  (09/09/2009 6.2.0.9405)
"Adobe Flash Player ActiveX 64" = Adobe Flash Player 10 ActiveX 64-bit
"CCleaner" = CCleaner
"Creative VF0540" = Creative Live! Cam Video IM/Video Chat (VF0540) (1.01.03.00)
"EPSON SX100 Series" = EPSON SX100 Series Printer Uninstall
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{08096C0A-B9B2-7F42-3760-BD9A1CBA9A6E}" = Catalyst Control Center Graphics Full Existing
"{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}" = VAIO Smart Network
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store
"{0F895695-33CC-4203-9C47-25EF2AC9441C}" = Media Go
"{10014C6B-F482-991B-8865-32BFEA347CE1}" = CCC Help Hungarian
"{12D0BE8D-538C-4AB1-86DE-C540308F50DA}" = VAIO Content Metadata Manager Settings
"{1404E04F-C98C-5195-251E-9CED867E37D7}" = CCC Help French
"{1873FFC1-FDCB-47E1-B7C7-F418211E3530}" = PMB VAIO Edition plug-in (VAIO Image Optimizer)
"{1AA0193C-398B-D400-A156-C060CFDDF132}" = Catalyst Control Center Core Implementation
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1E450972-E996-4EC1-A4C3-1518A46928D0}" = VAIO Content Metadata Intelligent Network Service Manager
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FD416D0-CC16-41D1-A25C-C9986CD8BBAB}" = VAIO Content Metadata Intelligent Analyzing Manager
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{208345BE-27BB-4367-B245-A5B6E764FDD0}" = VAIO Content Metadata Intelligent Analyzing Manager
"{2110ECBD-BF15-4673-8852-8C68DDEB26AC}" = Media Gallery
"{233C14B1-D05F-96A7-1509-C87417F899F8}" = CCC Help Turkish
"{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = Einstellungen für VAIO-Inhaltsüberwachung
"{2637552C-A1EE-D6C9-3D9E-716BCB76081D}" = ccc-core-static
"{26A24AE4-039D-4CA4-87B4-2F83216025FF}" = Java(TM) 6 Update 26
"{291FB4BF-EEC7-4CF9-8469-F39ED1DBC4D8}" = VAIO Content Metadata XML Interface Library
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 6.011.00
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34DC654E-6E43-4BFA-9E00-6C16CFA7B9F0}" = VAIO Data Restore Tool
"{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}" = VAIO Care
"{37531547-B1F4-45E6-98FC-8AF5F2F0EAA4}" = VAIO Content Metadata Manager Settings
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{4427F384-B5BE-4769-B7D0-C784FC321EB1}" = VAIO Content Metadata Intelligent Network Service Manager
"{4882EBF5-CA37-4EF4-BCB8-9B0E78B907D0}" = VAIO Content Metadata Intelligent Analyzing Manager
"{49939C5A-7835-120D-1195-7374E1AE1CAB}" = CCC Help Spanish
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = PMB VAIO Edition plug-in (Click to Disc)
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Easy Media Creator 10 LJ
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{5810367F-CB89-1257-0283-EC37270741E7}" = CCC Help Russian
"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data
"{5A4C0B1D-2379-AAE0-4907-56E83D6D8A8C}" = CCC Help Italian
"{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update
"{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO-Support für Übertragungen
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{650CF18F-629C-3CF1-307D-5C93321B41CD}" = Catalyst Control Center Graphics Full New
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69131367-6458-6271-8277-25E408572433}" = CCC Help German
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6D8ED20E-E792-4DAC-BB66-009836CBD80B}" = VAIO Content Monitoring Settings
"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"{70991E0A-1108-437E-BA7D-085702C670C0}" = 
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72A6B2E5-3286-4D77-8AAC-A4BE2A8FCB90}" = CCC Help Finnish
"{7392AA60-133D-4761-94DB-8FBC9B6CD5EA}" = VAIO Content Metadata Intelligent Network Service Manager
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7BB90344-0647-468E-925A-7F69F7983421}" = ArcSoft Magic-i Visual Effects 2
"{803E4FA5-A940-4420-B89D-A8BC2E160247}" = VAIO Energie Verwaltung
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 3.5.3
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{87A29380-9FFF-6D32-BBF1-61569DFD5BEA}" = CCC Help Portuguese
"{88C252C8-A7EE-4B60-BF74-8E5919A8048F}" = PMB VAIO Edition Guide
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D047BB8-0D97-4163-27CE-351BDF225D00}" = Catalyst Control Center Localization All
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}" = VAIO Media plus
"{8F862B8C-D3F7-74F5-6C08-F0F70F744FF7}" = CCC Help Japanese
"{90120000-00B2-0407-0000-0000000FF1CE}" = Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{9238E8A4-BEBA-43A3-B926-769BDBF194C5}" = VAIO Media plus Opening Movie
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{931FE23C-BB40-4C7A-A594-DB35908D8E83}" = VAIO Quick Web Access
"{935B5086-C002-0FBC-0723-5741D2478EE7}" = Catalyst Control Center InstallProxy
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" = 
"{96D8E26D-70CB-44DE-AE50-43095A39E5B2}" = VAIO Entertainment Platform
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B163B82-3B46-4CE5-BF01-A53E550A8E58}" = Sony Home Network Library
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DA53D22-D922-494C-B1D7-51CD9BCB9E4A}" = VAIO Hardware Diagnostics
"{9E48FF52-082C-4CC2-BB67-6E10D09C0431}" = Windows Live UX Platform Language Pack
"{9EAC0E21-510E-4259-A9C6-F5D5B8969036}" = Catalyst Control Center - Branding
"{A0F4F993-C4A7-F093-CF8D-5F03B39252F2}" = CCC Help Thai
"{A3563827-B0DB-44DC-B037-15CC4E5E692F}" = VAIO Content Metadata XML Interface Library
"{A477F82B-F291-5BB0-74FF-6654A27B311A}" = CCC Help Dutch
"{A4EFAC49-5605-E9FA-5C1B-75D8AACF6139}" = Catalyst Control Center Graphics Light
"{A63E7492-A0BC-4BB9-89A7-352965222380}" = VAIO Original Funktion Einstellungen
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7C30414-2382-4086-B0D6-01A88ABA21C3}" = VAIO Gate
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A95187EF-BCF4-4468-B501-C0BAB976ADD1}" = VAIO Personalization Manager
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AA5B1F20-3E6C-49C5-B7D2-B1F623C61EF4}" = Sound Blaster X-Fi Go!
"{AA668097-C081-B41E-DEDA-83BB12B7E85F}" = CCC Help Korean
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB259D46-F851-41B0-9AFA-AED8998AD68A}" = MusicStation
"{AC050677-EAFC-4B57-8F83-8205F65134D2}" = VAIO Content Metadata XML Interface Library
"{AC76BA86-7AD7-1031-7B44-A92000000001}" = Adobe Reader 9.2 - Deutsch
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B1DADBEB-7F82-4B29-84D6-5F14A020F0A0}" = VAIO Content Metadata Intelligent Analyzing Manager
"{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = PMB VAIO Edition plug-in (VAIO Movie Story)
"{B2F0AAB1-8C1C-1EFE-6594-417BBB023D6B}" = CCC Help Czech
"{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation(R)Network Downloader
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Click to Call with Skype
"{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default
"{BCA907B6-5A0F-473E-8C63-0FF0CFAEB7B7}" = VAIO Personalization Manager
"{C0618520-5C63-1583-B78A-CEE1139EF1E6}" = CCC Help Polish
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service
"{C84E8865-5E2B-5A46-99F2-B8A35917B8BF}" = Catalyst Control Center Graphics Previews Common
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}" = WinZip 14.5
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D03D02D8-AB64-4785-A48E-5AA8B0FB8C14}" = Sony Home Network Library
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D36B6249-71E7-9E85-A9D6-E2239783301E}" = CCC Help Norwegian
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D531F5A4-18F6-4130-B9A4-9179D6E349FC}" = VAIO Care
"{D5DC1775-F67A-6399-BE1D-960FC2254F91}" = CCC Help Chinese Standard
"{D604D3C7-337D-FE67-09DE-A641D3B4D886}" = CCC Help Danish
"{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver
"{DD23714B-A2C6-A6D2-9309-75AFAFF1F8E6}" = CCC Help English
"{DD88F979-FA58-41AC-980C-A6E1A82B61D9}" = Media Gallery
"{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}" = ArcSoft WebCam Companion 3
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3DC1111-5D32-40F9-BB81-64E31294C1A4}" = VAIO Personalization Manager
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
"{E7D5D189-E71D-EA01-419F-699F57B1ED65}" = Catalyst Control Center Graphics Previews Vista
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{ED1674F5-5165-49BF-B546-AE5343111540}" = WebCam
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
"{ED721ABC-423D-4F7D-AEBB-E1E39C388E84}" = Facebook Video Calling 1.0.0.8714
"{EE3A0915-E8E5-4F1C-A048-592B7BD374D7}" = MAGIX Video deluxe 17 Download-Version
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1432614-6183-49E6-98E8-674485463CFE}" = VAIO Original Function Settings
"{F2894826-BF35-CE79-5EA6-7BAD1DF6F8BF}" = CCC Help Greek
"{F392063E-8736-7812-47E7-7598F0B56D9D}" = CCC Help Swedish
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}" = 
"{FE51662F-D8F6-43B5-99D9-D4894AF00F83}" = Roxio Easy Media Creator Home
"{FF4EB4E5-55BB-D9AF-B5A2-3D6F359E7472}" = CCC Help Chinese Traditional
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Akamai" = Akamai NetSession Interface
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.12 (Unicode)
"Audiograbber" = Audiograbber 1.83 SE 
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Bass Audio Decoder" = Bass Audio Decoder (remove only)
"CamStudio" = CamStudio
"CDex" = CDex - Open Source Digital Audio CD Extractor
"Das Buch der Legenden" = Das Buch der Legenden
"DebugMode Wax 2.0" = DebugMode Wax 2.0
"DivX Setup.divx.com" = DivX-Setup
"DSGPlayer" = DEUTSCHLAND SPIELT GAME CENTER
"EPSON Scanner" = EPSON Scan
"Escape from Lost Island" = Escape from Lost Island
"ffdshow_is1" = ffdshow v1.1.3966 [2011-08-09]
"FileZilla Client" = FileZilla Client 3.5.1
"FM PDF To JPG Converter Free 1.01_is1" = FM PDF To JPG Converter Free 1.01
"FoxTab PDF Converter" = FoxTab PDF Converter
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free Mp3 Wma Converter_is1" = Free Mp3 Wma Converter V 1.93
"Free Video to iPhone Converter_is1" = Free Video to iPhone Converter version 3.2.19.602
"Free Video to MP3 Converter_is1" = Free Video to MP3 Converter version 4.2.20.426
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.32
"Google Chrome" = Google Chrome
"GPL Ghostscript 8.71 Lite_is1" = GPL Ghostscript 8.71 Lite
"InstallShield_{1873FFC1-FDCB-47E1-B7C7-F418211E3530}" = PMB VAIO Edition plug-in (VAIO Image Optimizer)
"InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = PMB VAIO Edition plug-in (Click to Disc)
"InstallShield_{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"InstallShield_{88C252C8-A7EE-4B60-BF74-8E5919A8048F}" = PMB VAIO Edition Guide
"InstallShield_{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = PMB VAIO Edition plug-in (VAIO Movie Story)
"IrfanView" = IrfanView (remove only)
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.5.0 (Full)
"LAME for Audacity_is1" = LAME v3.98.2 for Audacity
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.2.1300
"ManyCam" = ManyCam 2.6.43 (remove only)
"MarketingTools" = VAIO Marketing Tools
"Mozilla Firefox 7.0.1 (x86 de)" = Mozilla Firefox 7.0.1 (x86 de)
"Mozilla Thunderbird (7.0.1)" = Mozilla Thunderbird (7.0.1)
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"PDF Editor 3" = PDF Editor 3
"splashtop" = VAIO Quick Web Access
"TeamViewer 6" = TeamViewer 6
"Uninstall_is1" = Uninstall 1.0.0.1
"Update Service" = Sony Ericsson Update Service
"VAIO Help and Support" = 
"VAIO Premium Partners" = VAIO Premium Partners
"VAIO screensaver" = VAIO screensaver
"VLC media player" = VLC media player 1.1.8
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite" = Windows Live Essentials
"WordToPDF_is1" = WordToPDF 2.4
"Yahtzee Deluxe" = Yahtzee Deluxe
"Zylom Games Player Plugin" = Zylom Games Player Plugin
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
 
========== Last 10 Event Log Errors ==========
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >

--- --- ---

lacrima25 · 25.10.2011, 23:01

Den OTL Txt wollte das Forum nicht annehmen weil er länger als 100000 Zeichen ist, deshalb musste ich ihn splitten :-/

lacrima25 · 25.10.2011, 23:04

aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-10-26 00:02:08
-----------------------------
00:02:08.311 OS Version: Windows x64 6.1.7600
00:02:08.311 Number of processors: 4 586 0x2502
00:02:08.311 ComputerName: SONY-VAIO UserName:
00:02:09.808 Initialize success
00:02:47.794 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
00:02:47.794 Disk 0 Vendor: Hitachi_ PB3O Size: 305245MB BusType: 3
00:02:47.810 Disk 1 \Device\Harddisk1\DR1 -> \Device\00000066
00:02:47.810 Disk 1 Vendor: RICOH 02 Size: 305245MB BusType: 0
00:02:47.810 Disk 2 \Device\Harddisk2\DR2 -> \Device\00000067
00:02:47.825 Disk 2 Vendor: RICOH 02 Size: 305245MB BusType: 0
00:02:47.841 Disk 0 MBR read successfully
00:02:47.841 Disk 0 MBR scan
00:02:47.857 Disk 0 TDL4@MBR code has been found
00:02:47.857 Disk 0 Windows 7 default MBR code found via API
00:02:47.857 Disk 0 MBR hidden
00:02:47.857 Disk 0 MBR [TDL4] **ROOTKIT**
00:02:47.872 Disk 0 trace - called modules:
00:02:47.872 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys >>UNKNOWN [0xfffffa80061ef254]<<
00:02:48.387 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80061ce060]
00:02:48.387 3 CLASSPNP.SYS[fffff8800104d43f] -> nt!IofCallDriver -> [0xfffffa8003571e40]
00:02:48.403 5 ACPI.sys[fffff88000f06781] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004320050]
00:02:48.403 \Driver\iaStor[0xfffffa80042e2060] -> IRP_MJ_INTERNAL_DEVICE_CONTROL -> 0xfffffa80061ef254
00:02:48.418 Scan finished successfully
00:03:14.439 Disk 0 MBR has been saved successfully to "C:\Users\Public\Documents\MBR.dat"
00:03:14.439 The log file has been saved successfully to "C:\Users\Public\Documents\aswMBR.txt"

lacrima25 · 25.10.2011, 23:05

So ich hoffe dass ich das jetzt alles richtig gemacht habe und vor allem dass es normal ist dass die reports so unendlich lang sind :-/

Bin gespannt ob "wir" das Problem lösen können. Danke schonmal!

Swisstreasure · 26.10.2011, 14:25

Schritt 1

Downloade Dir bitte rKill ( by Grinler ) von einem dieser Downloadspiegel.

Dies sind umbenannte Kopien

und speichere die Datei auf dem Desktop.

Nun sollte ein schwarzes Fenster aufpoppen und dir zeigen das es läuft.
Wenn das nicht der Fall ist, lösche die vorhandene Version und benutz einen anderen Downloadlink.
Lass das Tool in Ruhe laufen

Sollte es bei keinem der aufgeführten Downloadlinks laufen, teile mir das bitte mit.

Schritt 2

MBR mit aswMBR von Avast wiederherstellen

Lade (falls noch nicht vorhanden) aswMBR.exe von Avast herunter und speichere das Tool auf deinem Desktop (nicht woanders hin).
XP Benutzer: Doppelklick auf die aswMBR.exe, um das Tool zu starten.
Vista und Windows 7 Benutzer: Rechtsklick auf die aswMBR.exe und Als Administrator starten wählen.
Es wird sich ein Eingabe-Fenster mit einigen Angaben öffnen.

Klicke Scan, um den Suchlauf zu starten.

Wenn der Scan beendet ist, was mit Scan finished sucessfull! angezeigt und eine MBR-Infektion gemeldet wird, klicke Fix (bei TLD) oder FixMBR (bei Whistler), um den MBR wiederherzustellen.

Info: Was ist eigentlich ein MBR?

Schritt 3

Starte bitte die OTL.exe.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Kopiere nun den Inhalt in die Textbox.

Code:

ATTFilter

:OTL
PRC - [2011.10.25 20:43:33 | 000,328,592 | -H-- | M] () -- C:\ProgramData\1kAlMiG2Kb7FzP.exe
PRC - [2011.10.25 15:20:04 | 000,400,784 | -H-- | M] () -- C:\ProgramData\qJaYXNTmAyeownB.exe
MOD - [2011.10.25 20:43:33 | 000,328,592 | -H-- | M] () -- C:\ProgramData\1kAlMiG2Kb7FzP.exe
MOD - [2011.10.25 15:20:04 | 000,400,784 | -H-- | M] () -- C:\ProgramData\qJaYXNTmAyeownB.exe
O4 - HKLM..\Run: [qJaYXNTmAyeownB.exe] C:\ProgramData\qJaYXNTmAyeownB.exe ()
[2011.10.25 15:25:05 | 000,000,432 | -H-- | M] () -- C:\ProgramData\6DSS92c31Apgjk
[2011.10.25 15:22:46 | 000,000,232 | -H-- | M] () -- C:\ProgramData\~6DSS92c31Apgjk
[2011.10.25 15:22:46 | 000,000,112 | -H-- | M] () -- C:\ProgramData\~6DSS92c31Apgjkr
[2011.10.25 15:20:04 | 000,400,784 | -H-- | M] () -- C:\ProgramData\qJaYXNTmAyeownB.exe
[2011.10.25 20:44:08 | 000,000,232 | -H-- | M] () -- C:\ProgramData\~1kAlMiG2Kb7FzP
[2011.10.25 20:44:08 | 000,000,112 | -H-- | M] () -- C:\ProgramData\~1kAlMiG2Kb7FzPr
[2011.10.25 20:43:53 | 000,000,408 | -H-- | M] () -- C:\ProgramData\1kAlMiG2Kb7FzP
[2011.10.25 20:43:33 | 000,328,592 | -H-- | M] () -- C:\ProgramData\1kAlMiG2Kb7FzP.exe
[2011.10.25 15:22:46 | 000,000,000 | -H-D | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Restore
[2011.10.25 19:54:22 | 000,000,657 | -H-- | M] () -- C:\Users\Administrator\Desktop\System Restore.lnk
[2011.10.25 15:22:46 | 000,000,232 | -H-- | C] () -- C:\ProgramData\~6DSS92c31Apgjk
[2011.10.25 15:22:46 | 000,000,112 | -H-- | C] () -- C:\ProgramData\~6DSS92c31Apgjkr
[2011.10.25 15:22:43 | 000,000,432 | -H-- | C] () -- C:\ProgramData\6DSS92c31Apgjk
[2011.10.25 15:20:06 | 000,400,784 | -H-- | C] () -- C:\ProgramData\qJaYXNTmAyeownB.exe
[2011.10.25 20:44:08 | 000,000,112 | -H-- | C] () -- C:\ProgramData\~1kAlMiG2Kb7FzPr
[2011.10.25 20:44:07 | 000,000,232 | -H-- | C] () -- C:\ProgramData\~1kAlMiG2Kb7FzP
[2011.10.25 20:43:42 | 000,000,408 | -H-- | C] () -- C:\ProgramData\1kAlMiG2Kb7FzP
[2011.10.25 20:43:33 | 000,328,592 | -H-- | C] () -- C:\ProgramData\1kAlMiG2Kb7FzP.exe
[2011.10.25 19:54:22 | 000,000,657 | -H-- | C] () -- C:\Users\Administrator\Desktop\System Restore.lnk
:Commands
[purity]
[emptytemp]

Schliesse bitte nun alle Programme.
Klicke nun bitte auf den Fix Button.
OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
Nach dem Neustart findest Du ein Textdokument auf deinem Desktop.
( Auch zu finden unter C:\_OTL\MovedFiles\<time_date>.txt)
Kopiere nun den Inhalt hier in Deinen Thread

lacrima25 · 29.10.2011, 14:44

Entschuldigung dass ich mich jetzt erst zurück melde. Mein Laptop war bis heute bei einem IT-Fachmann. Der hat ihn komplett platt gemacht und Windows neu aufgespielt. Er läuft jetzt wieder. ABER avira finget immer noch den Boo/Tdss.D im Masterbootsektor und auf der Festplatte. Das Ding hat also den kompletten Vorgang "überlebt"... was kann man denn noch machen?

Swisstreasure · 30.10.2011, 20:26

Dann bring ihn nochmals zu diesem IT Fachmann!

25.10.2011, 22:25	#4
Swisstreasure /// Malwareteam	Boo/TDss.D Ich habe Dir doch alles schön gepostet: http://www.trojaner-board.de/104493-...tml#post713240

30.10.2011, 20:26	#15
Swisstreasure /// Malwareteam	Boo/TDss.D Dann bring ihn nochmals zu diesem IT Fachmann!

Boo/TDss.D

Log-Analyse und Auswertung: Boo/TDss.D

Boo/TDss.D

Boo/TDss.D

logfile Boo/TDss.D Auswertung, Festplatte "weg"

Boo/TDss.D

Boo/TDss.D

Boo/TDss.D

Boo/TDss.D

Boo/TDss.D

Boo/TDss.D

Boo/TDss.D

Boo/TDss.D

Boo/TDss.D

Boo/TDss.D

Boo/TDss.D

Boo/TDss.D

Ähnliche Themen: Boo/TDss.D

25.10.2011, 22:33	#5
lacrima25	Boo/TDss.D Danke für die schnell Antwort. Hatte mich hier noch nicht so zurecht gefunden, deshalb der Doppelpost, entschuldigung. Ich mach mcih jetzt mal an die Schritte.

25.10.2011, 23:01	#10
lacrima25	Boo/TDss.D Den OTL Txt wollte das Forum nicht annehmen weil er länger als 100000 Zeichen ist, deshalb musste ich ihn splitten :-/

25.10.2011, 23:05	#12
lacrima25	Boo/TDss.D So ich hoffe dass ich das jetzt alles richtig gemacht habe und vor allem dass es normal ist dass die reports so unendlich lang sind :-/ Bin gespannt ob "wir" das Problem lösen können. Danke schonmal!

29.10.2011, 14:44	#14
lacrima25	Boo/TDss.D Entschuldigung dass ich mich jetzt erst zurück melde. Mein Laptop war bis heute bei einem IT-Fachmann. Der hat ihn komplett platt gemacht und Windows neu aufgespielt. Er läuft jetzt wieder. ABER avira finget immer noch den Boo/Tdss.D im Masterbootsektor und auf der Festplatte. Das Ding hat also den kompletten Vorgang "überlebt"... was kann man denn noch machen?