Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
SystemFix auf meinem Laptop

SystemFix auf meinem Laptop


Plagegeister aller Art und deren Bekämpfung: SystemFix auf meinem Laptop

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Seite 1 von 4 1 23 Letzte »
Alt 26.11.2011, 23:43   #1
charli8
 
SystemFix auf meinem Laptop - Standard

SystemFix auf meinem Laptop


Hallo Helfer vom Trojaner-Board.

Ich habe mir vor einigen Tagen den Virus "System Fix" eingefangen . Die Folgen waren folgende :
- jegliche Verknüpfungen auf dem Desktop waren verschwunden
- das Startmenü war komplett leer
- ich konnte auf keine Ordner mehr zugreifen
- wenn ich bei Google auf Links klicke , öffnet sich erst bei nach dem 3.-4. Versuche das gewünschte Fenster
- Mein Pc fing an mit mir zu "reden" , ich hörte jegliche Werbeanzeigen aus dem Internet , jedoch war kein Fenster geöffnet

Da ich zur Zeit nicht zu Hause bin konnte ich auch nicht einfach mal zu meinem Freund gehen , der mir normalerweise alles wieder gerade biegt in Sachen PC's. Ich habe dann also auf eigene Faust versuchst , dass Problem wieder in den Griff zu bekommen . Durch google bin ich dann auf dieses Forum gekommen und habe mir mehrere ähnlich klingende Probleme durchgelesen.
Um den Virus zu beseitigen habe ich öfters "Malwarebytes" drüber laufen lassen & "Spybot - Search and Destroy" - diese hatte mir mein Freund empfohlen . In eurem Forum bin ich dann auch auf die Datei "unhide.exe" gestoßen und habe sie runtergeladen , damit ich meine ordner wieder sichtbar wurden. Ich hoffe das war kein Fehler.
Mein System ist Windows 7 64bit und der Grund warum ich schreibe ist , dass ich mit Sicherheit sagen kann , dass mein Laptop immernoch nicht sauber ist.

Denn :
- das Problem mit google ist immernoch vorhanden
- auf der rechten Seite des Startmenüs steht nur "Computer"
- ich habe den Adobe Flashplayer nicht mehr ( keine Ahnung warum er gelöscht wurde ) aufjedenfall kann ich keine Videos mehr abspielen und wenn ich ihn wieder installieren möchte , sagt es mir an , dass ich doch bitte "internet explorer" schließen soll , obwohl alle Fenster geschlossen sind. Zudem kann ich IE nicht deinstallieren oder löschen.

Ich habe mir natürlich die Anleitung durchgelesen und habe die "defogger" Datei ausgeführt - jedoch hat diese mich nicht dazu aufgefordert den PC neu zu starten.

OTL habe ich auch ausgeführt , die beiden Textdateien die dabei herauskamen sind hier :

OTL.txt
Zitat:
OTL logfile created on: 26.11.2011 16:30:07 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\CHARLI8\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,67 Gb Total Physical Memory | 1,31 Gb Available Physical Memory | 35,61% Memory free
7,34 Gb Paging File | 4,42 Gb Available in Paging File | 60,17% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 284,86 Gb Total Space | 204,01 Gb Free Space | 71,62% Space Free | Partition Type: NTFS

Computer Name: CHARLI8| User Name: CHARLI8 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.11.26 16:26:47 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\CHARLI8\Desktop\OTL.exe
PRC - [2011.07.25 10:41:48 | 000,433,360 | ---- | M] (Sony Ericsson) -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
PRC - [2011.07.08 03:32:20 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.05.02 10:51:20 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2011.02.14 06:23:50 | 000,044,736 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Care\VCService.exe
PRC - [2011.01.28 22:36:18 | 000,081,016 | ---- | M] (Sony of America Corporation) -- C:\Programme\Sony\VAIO Care\listener.exe
PRC - [2011.01.10 08:22:55 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.12.13 13:52:46 | 000,074,960 | ---- | M] () -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanionInfo.exe
PRC - [2010.10.27 13:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010.09.14 04:45:56 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2010.09.14 04:45:44 | 000,508,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2010.06.22 09:49:06 | 000,965,248 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\Magic-i Visual Effects.exe
PRC - [2010.06.22 02:39:28 | 000,183,152 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\Media Gallery\VRLPHelper.exe
PRC - [2010.06.22 02:39:28 | 000,081,264 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe
PRC - [2010.06.20 14:47:18 | 000,108,400 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
PRC - [2010.06.20 14:47:16 | 000,099,696 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
PRC - [2010.06.20 14:47:16 | 000,067,952 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
PRC - [2010.06.18 00:07:12 | 000,423,280 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
PRC - [2010.06.17 05:44:10 | 000,851,824 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
PRC - [2010.06.09 08:56:02 | 000,384,880 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
PRC - [2010.06.09 08:55:00 | 000,537,456 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
PRC - [2010.06.08 16:55:16 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- C:\Programme\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
PRC - [2010.05.31 20:01:56 | 000,367,456 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
PRC - [2010.05.31 20:01:54 | 000,600,928 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
PRC - [2010.05.31 12:18:32 | 000,217,968 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
PRC - [2010.05.31 12:18:32 | 000,120,176 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
PRC - [2010.05.31 10:01:52 | 000,673,136 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
PRC - [2010.05.28 15:02:57 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010.05.28 15:02:38 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010.03.18 05:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010.03.03 22:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010.03.03 22:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2010.01.20 07:24:12 | 000,087,408 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Personalization Manager\VpmIfPav.exe
PRC - [2009.10.08 22:45:56 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
PRC - [2009.03.05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009.01.26 08:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe


========== Modules (No Company Name) ==========

MOD - [2011.10.14 07:55:46 | 000,452,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\3c8f9ba115087754b5b1d8394fc818ba\IAStorUtil.ni.dll
MOD - [2011.10.14 07:51:24 | 011,819,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\8e7909ef6b5f953d49244c6b9f5f5100\System.Web.ni.dll
MOD - [2011.10.14 07:51:16 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b2622080e047040fa044dd21a04ff10d\System.Runtime.Remoting.ni.dll
MOD - [2011.10.14 07:50:43 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll
MOD - [2011.10.14 07:50:35 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll
MOD - [2011.10.14 07:50:21 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d7a64c28cf0c90e6c48af4f7d6f9ed41\WindowsBase.ni.dll
MOD - [2011.10.14 07:50:15 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll
MOD - [2011.10.14 07:50:11 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll
MOD - [2011.10.14 07:50:10 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll
MOD - [2011.10.14 07:50:00 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2011.10.05 11:57:36 | 000,204,800 | ---- | M] () -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\MExplorer.dll
MOD - [2011.07.22 13:41:26 | 000,508,928 | ---- | M] () -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PhoneUpdate.dll
MOD - [2010.12.13 13:52:46 | 000,074,960 | ---- | M] () -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanionInfo.exe
MOD - [2010.12.13 09:58:50 | 000,047,616 | ---- | M] () -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\TMonitorAPI.dll
MOD - [2010.11.12 19:08:41 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.07.28 06:22:30 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2010.03.18 08:55:52 | 000,233,472 | ---- | M] () -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\Report.dll
MOD - [2010.01.20 06:57:56 | 000,495,616 | ---- | M] () -- C:\Programme\Sony\VAIO Personalization Manager\sqlite3.dll
MOD - [2010.01.11 15:44:54 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\VObject.dll
MOD - [2007.12.12 09:19:14 | 000,129,536 | ---- | M] () -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\faceexp.dll
MOD - [2006.11.13 07:01:40 | 000,252,672 | ---- | M] () -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\kgl.dll
MOD - [2006.11.13 07:01:38 | 000,436,992 | ---- | M] () -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\fpxlib.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011.09.23 14:37:08 | 001,429,608 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Update Common\VUAgent.exe -- (VUAgent)
SRV:64bit: - [2011.02.14 06:23:50 | 000,044,736 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Care\VCService.exe -- (VCService)
SRV:64bit: - [2011.01.28 22:36:18 | 000,259,192 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe -- (SampleCollector)
SRV:64bit: - [2010.06.21 11:00:52 | 000,575,856 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
SRV:64bit: - [2010.06.09 08:57:16 | 000,101,232 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe -- (VcmXmlIfHelper)
SRV:64bit: - [2010.06.09 08:56:02 | 000,384,880 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe -- (VcmINSMgr)
SRV:64bit: - [2010.06.09 08:55:00 | 000,537,456 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV:64bit: - [2010.06.08 10:00:04 | 000,836,608 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Smart Network\VSNService.exe -- (VSNService)
SRV:64bit: - [2010.06.06 15:13:46 | 000,304,496 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe -- (SpfService)
SRV - [2011.07.08 03:32:20 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.06.29 14:59:18 | 000,155,344 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe -- (Sony Ericsson PCCompanion)
SRV - [2011.05.02 10:51:20 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.09.14 04:45:56 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2010.09.14 04:45:44 | 000,508,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010.07.27 20:42:43 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.06.20 14:47:18 | 000,108,400 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp)
SRV - [2010.06.20 14:47:16 | 000,067,952 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2010.06.18 00:07:12 | 000,423,280 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms)
SRV - [2010.06.17 05:44:10 | 000,851,824 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2010.06.08 16:55:14 | 000,952,096 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2010.06.01 08:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2010.05.31 20:01:56 | 000,367,456 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2010.05.31 12:18:32 | 000,217,968 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2010.05.28 15:02:57 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2010.05.28 15:02:38 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2010.03.18 07:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.18 05:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010.03.05 03:26:38 | 001,425,168 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel(R)
SRV - [2010.03.05 03:06:22 | 000,831,760 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel(R)
SRV - [2010.03.03 22:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2010.02.19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.10.08 22:45:56 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor8.0)
SRV - [2009.06.10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.01.26 08:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2008.09.18 03:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011.07.08 03:32:22 | 000,123,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2011.07.08 03:32:22 | 000,088,288 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2011.06.01 02:39:22 | 000,027,176 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggsemc.sys -- (ggsemc)
DRV:64bit: - [2011.06.01 02:39:22 | 000,013,352 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggflt.sys -- (ggflt)
DRV:64bit: - [2011.03.11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 04:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.09.14 04:45:52 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2010.09.14 04:45:50 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2010.09.14 04:45:48 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2010.09.14 04:45:44 | 000,760,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2010.08.26 04:19:38 | 000,287,232 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
DRV:64bit: - [2010.08.26 04:16:50 | 010,603,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010.06.24 15:06:24 | 006,107,136 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2010.06.23 15:04:45 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2010.06.23 15:04:43 | 000,342,056 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2010.06.23 15:04:43 | 000,135,720 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010.06.23 15:04:43 | 000,102,952 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2010.06.23 15:04:09 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2010.06.23 15:03:07 | 000,078,848 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdsne64.sys -- (risdsnpe)
DRV:64bit: - [2010.06.23 15:02:59 | 000,094,208 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimssne64.sys -- (rimspci)
DRV:64bit: - [2010.05.31 16:36:54 | 000,299,568 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2010.05.31 16:36:48 | 000,402,720 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2010.05.31 16:36:41 | 001,573,888 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010.05.31 05:05:06 | 007,689,216 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64) Intel(R)
DRV:64bit: - [2010.05.28 15:03:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010.05.28 15:02:36 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:64bit: - [2010.04.26 15:20:29 | 000,012,032 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP)
DRV:64bit: - [2010.03.03 21:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.07.13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.26 07:32:04 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV:64bit: - [2008.06.15 20:00:00 | 000,055,024 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV - [2009.07.13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SVEE&bmod=SVEE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\CHARLI8\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)



========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{googleriginalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFiel dTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}

O1 HOSTS File: ([2010.02.13 11:07:19 | 000,000,833 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.6406.1642\swg64.dll (Google Inc.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe (Nikon Corporation)
O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [SHTtray.exe] C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe (Sony Corporation)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [CAHeadless] C:\Program Files (x86)\Adobe\Elements Organizer 8.0\CAHeadless\ElementsAutoAnalyzer.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [Elbserver] C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe (Sony Corporation)
O4 - HKCU..\Run: [Facebook Update] C:\Users\CHARLI8\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [Sony Ericsson PC Companion] C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [VRLPHelper] C:\Program Files (x86)\Sony\Media Gallery\VRLPHelper.exe (Sony Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html File not found
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} Reg Error: Value error. (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} Reg Error: Value error. (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 71.250.0.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{87E15578-3EE9-4A61-9E84-F7C6D0BF69FD}: DhcpNameServer = 192.168.1.1 71.250.0.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BC863AAA-54E2-4F05-A57B-5B003D0368DB}: DhcpNameServer = 172.16.16.19
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{e64212c5-85ed-11e0-896d-c0cb38e511a6}\Shell - "" = AutoRun
O33 - MountPoints2\{e64212c5-85ed-11e0-896d-c0cb38e511a6}\Shell\AutoRun\command - "" = E:\Startme.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} -
ActiveX:64bit: >{F65A5BD6-CBD5-44BB-92EE-7CD500DC5948} - RunDLL32 IEDKCS32.DLL,BrandIE4 CUSTOM
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {A0BF0257-8190-6222-AEB5-A093EE33E09B} - Browser Customizations
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F24FE3DC-FFFB-FE62-1234-3CFC48FB5B92} - Browser Customizations
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP



CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011.11.26 16:26:47 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\CHARLI8\Desktop\OTL.exe
[2011.11.25 23:29:49 | 000,000,000 | ---D | C] -- C:\ProgramData\SecTaskMan
[2011.11.25 23:29:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager
[2011.11.25 23:29:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Security Task Manager
[2011.11.21 09:00:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011.11.20 17:42:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ViewNX 2
[2011.11.20 17:40:12 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2011.11.20 10:33:19 | 000,000,000 | ---D | C] -- C:\Users\CHARLI8\Desktop\Bilderchen
[2011.11.20 01:50:41 | 000,000,000 | ---D | C] -- C:\Users\CHARLI8\AppData\Roaming\TrojanHunter
[2011.11.19 22:35:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TrojanHunter 5.5
[2011.11.19 15:58:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2011.11.19 10:48:21 | 000,000,000 | ---D | C] -- C:\Users\CHARLI8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Fix
[2011.11.17 08:41:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Nikon
[2011.11.16 20:43:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2011.11.16 16:14:46 | 000,000,000 | ---D | C] -- C:\Users\CHARLI8\AppData\Roaming\Nikon
[2011.11.16 16:14:45 | 000,000,000 | ---D | C] -- C:\Users\CHARLI8\AppData\Local\Nikon
[2011.11.16 16:06:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nikon Message Center 2
[2011.11.16 16:05:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nikon
[2011.11.16 16:05:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Ultima_T15
[2011.11.16 16:05:17 | 000,000,000 | ---D | C] -- C:\ProgramData\EnterNHelp
[2011.11.16 16:04:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nikon
[2011.11.16 16:04:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011.11.16 16:04:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2011.11.16 16:04:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2011.11.16 16:03:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2011.11.16 15:58:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Link to Nikon
[2011.11.14 22:16:14 | 000,000,000 | ---D | C] -- C:\Users\CHARLI8\Documents\Adobe Scripts
[2011.11.07 09:20:23 | 000,000,000 | ---D | C] -- C:\Users\CHARLI8\Desktop\Adobe
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.11.26 16:27:01 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.11.26 16:26:47 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Mara Bangert\Desktop\OTL.exe
[2011.11.26 16:23:19 | 000,000,000 | ---- | M] () -- C:\Users\CHARLI8\defogger_reenable
[2011.11.26 16:21:51 | 000,050,477 | ---- | M] () -- C:\Users\CHARLI8\Desktop\Defogger.exe
[2011.11.26 16:18:02 | 000,000,956 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2659469812-1657583075-3705183488-1001UA.job
[2011.11.26 11:05:00 | 000,013,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.11.26 11:05:00 | 000,013,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.11.26 11:01:58 | 000,654,844 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.11.26 11:01:58 | 000,616,686 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.11.26 11:01:58 | 000,130,426 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.11.26 11:01:58 | 000,106,808 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.11.26 11:01:57 | 001,500,254 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.11.26 10:57:59 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.11.26 10:57:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.11.26 10:57:20 | 2955,485,184 | -HS- | M] () -- C:\hiberfil.sys
[2011.11.25 22:18:01 | 000,000,934 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2659469812-1657583075-3705183488-1001Core.job
[2011.11.20 10:36:26 | 000,000,000 | ---- | M] () -- C:\ProgramData\PKP_DLev.DAT
[2011.11.20 10:36:22 | 000,000,000 | ---- | M] () -- C:\ProgramData\PKP_DLes.DAT
[2011.11.20 10:36:18 | 000,000,000 | ---- | M] () -- C:\ProgramData\PKP_DLet.DAT
[2011.11.19 22:35:35 | 000,059,392 | R--- | M] () -- C:\Windows\SysWow64\streamhlp.dll
[2011.11.19 15:58:23 | 000,001,262 | ---- | M] () -- C:\Users\CHARLI8\Desktop\Spybot - Search & Destroy.lnk
[2011.11.19 10:50:04 | 000,000,456 | ---- | M] () -- C:\ProgramData\DhVjm1wHicVwx2
[2011.11.19 10:48:22 | 000,000,288 | ---- | M] () -- C:\ProgramData\~DhVjm1wHicVwx2
[2011.11.19 10:48:22 | 000,000,216 | ---- | M] () -- C:\ProgramData\~DhVjm1wHicVwx2r
[2011.11.16 16:05:18 | 000,000,268 | R--- | M] () -- C:\ProgramData\Chiller
[2011.11.16 16:05:18 | 000,000,268 | R--- | M] () -- C:\Users\CHARLI8\AppData\Roaming\Caches
[2011.11.16 16:05:18 | 000,000,012 | R--- | M] () -- C:\ProgramData\Compressor
[2011.11.16 16:05:17 | 000,000,268 | R--- | M] () -- C:\Users\CHARLI8\AppData\Roaming\CMMs
[2011.11.16 16:05:17 | 000,000,268 | R--- | M] () -- C:\Users\CHARLI8\AppData\Roaming\CIOSupport
[2011.11.16 16:05:17 | 000,000,268 | R--- | M] () -- C:\ProgramData\Channel
[2011.11.16 16:05:17 | 000,000,012 | R--- | M] () -- C:\ProgramData\Common
[2011.11.16 16:05:17 | 000,000,012 | R--- | M] () -- C:\ProgramData\Command Line Utility
[2011.11.09 07:31:23 | 004,858,080 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.11.07 10:17:30 | 000,002,072 | ---- | M] () -- C:\Users\Public\Desktop\Lightroom 3.5 64-Bit.lnk
[2011.11.05 07:30:07 | 000,348,543 | ---- | M] () -- C:\test.xml
[2011.11.02 20:42:35 | 458,987,730 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011.10.29 12:29:16 | 000,045,953 | ---- | M] () -- C:\Users\CHARLI8\Desktop\wetter.jpg
[2011.10.28 08:02:03 | 000,002,268 | ---- | M] () -- C:\Users\Public\Desktop\Sony Ericsson PC Companion 2.0.lnk
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.11.26 16:23:19 | 000,000,000 | ---- | C] () -- C:\Users\CHARLI8\defogger_reenable
[2011.11.26 16:21:51 | 000,050,477 | ---- | C] () -- C:\Users\CHARLI8 \Desktop\Defogger.exe
[2011.11.20 17:42:50 | 000,002,268 | ---- | C] () -- C:\Users\Public\Desktop\Sony Ericsson PC Companion 2.0.lnk
[2011.11.20 17:42:50 | 000,002,072 | ---- | C] () -- C:\Users\Public\Desktop\Lightroom 3.5 64-Bit.lnk
[2011.11.20 17:42:46 | 000,000,834 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
[2011.11.20 17:42:44 | 000,001,547 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2011.11.20 17:42:44 | 000,001,352 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
[2011.11.20 17:42:44 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2011.11.20 17:42:44 | 000,001,246 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
[2011.11.20 17:42:44 | 000,001,210 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
[2011.11.20 17:42:44 | 000,001,159 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk
[2011.11.20 17:42:43 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2011.11.20 17:42:43 | 000,002,435 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk
[2011.11.20 17:42:43 | 000,002,177 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Elements 8.0.lnk
[2011.11.20 17:42:43 | 000,002,080 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Lightroom 3.5 64-Bit.lnk
[2011.11.20 17:42:43 | 000,002,076 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Gate.lnk
[2011.11.20 17:42:43 | 000,002,017 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care.lnk
[2011.11.20 17:42:43 | 000,001,995 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Manual.lnk
[2011.11.20 17:42:43 | 000,001,965 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music Unlimited powered by Qriocity.lnk
[2011.11.20 17:42:43 | 000,001,533 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Control Center.lnk
[2011.11.20 17:42:43 | 000,001,523 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.lnk
[2011.11.20 17:42:43 | 000,001,430 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iGoogle.lnk
[2011.11.20 17:42:43 | 000,001,357 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.lnk
[2011.11.20 17:42:43 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2011.11.20 17:42:43 | 000,001,330 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
[2011.11.20 17:42:43 | 000,001,303 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Gallery.lnk
[2011.11.20 17:42:43 | 000,001,275 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Transfer.lnk
[2011.11.20 17:42:43 | 000,001,270 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Media plus.lnk
[2011.11.20 17:42:43 | 000,001,266 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.lnk
[2011.11.20 17:42:43 | 000,001,225 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 8.0.lnk
[2011.11.20 17:42:43 | 000,001,211 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5.lnk
[2011.11.20 17:42:43 | 000,001,173 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.lnk
[2011.11.20 17:42:43 | 000,001,075 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5 (64 Bit).lnk
[2011.11.20 17:42:43 | 000,001,043 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Download Assistant.lnk
[2011.11.20 17:42:43 | 000,001,025 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PMB.lnk
[2011.11.20 17:42:43 | 000,000,997 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
[2011.11.20 17:42:43 | 000,000,988 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Data Restore Tool.lnk
[2011.11.19 22:35:14 | 000,059,392 | R--- | C] () -- C:\Windows\SysWow64\streamhlp.dll
[2011.11.19 15:58:23 | 000,001,262 | ---- | C] () -- C:\Users\CHARLI8\Desktop\Spybot - Search & Destroy.lnk
[2011.11.19 10:48:22 | 000,000,216 | ---- | C] () -- C:\ProgramData\~DhVjm1wHicVwx2r
[2011.11.19 10:48:21 | 000,000,288 | ---- | C] () -- C:\ProgramData\~DhVjm1wHicVwx2
[2011.11.19 10:48:13 | 000,000,456 | ---- | C] () -- C:\ProgramData\DhVjm1wHicVwx2
[2011.11.16 16:05:18 | 000,000,268 | R--- | C] () -- C:\ProgramData\Chiller
[2011.11.16 16:05:18 | 000,000,268 | R--- | C] () -- C:\Users\CHARLI8\AppData\Roaming\Caches
[2011.11.16 16:05:18 | 000,000,012 | R--- | C] () -- C:\ProgramData\Compressor
[2011.11.16 16:05:18 | 000,000,000 | ---- | C] () -- C:\ProgramData\PKP_DLev.DAT
[2011.11.16 16:05:17 | 000,000,268 | R--- | C] () -- C:\Users\CHARLI8\AppData\Roaming\CMMs
[2011.11.16 16:05:17 | 000,000,268 | R--- | C] () -- C:\Users\CHARLI8\AppData\Roaming\CIOSupport
[2011.11.16 16:05:17 | 000,000,268 | R--- | C] () -- C:\ProgramData\Channel
[2011.11.16 16:05:17 | 000,000,012 | R--- | C] () -- C:\ProgramData\Common
[2011.11.16 16:05:17 | 000,000,012 | R--- | C] () -- C:\ProgramData\Command Line Utility
[2011.11.16 16:05:17 | 000,000,000 | ---- | C] () -- C:\ProgramData\PKP_DLet.DAT
[2011.11.16 16:05:17 | 000,000,000 | ---- | C] () -- C:\ProgramData\PKP_DLes.DAT
[2011.11.02 20:42:35 | 458,987,730 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011.10.29 12:29:15 | 000,045,953 | ---- | C] () -- C:\Users\CHARLI8\Desktop\wetter.jpg
[2011.10.10 08:50:44 | 000,000,132 | ---- | C] () -- C:\Users\CHARLI8\AppData\Roaming\Adobe GIF Format CS5 Prefs
[2011.04.22 05:20:29 | 000,009,382 | -HS- | C] () -- C:\Users\CHARLI8\AppData\Local\jp8e5854mn48f1yy0i6agortg4uiavt
[2011.04.22 05:20:29 | 000,009,382 | -HS- | C] () -- C:\ProgramData\jp8e5854mn48f1yy0i6agortg4uiavt
[2010.12.25 11:35:14 | 000,000,056 | ---- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.12.24 20:52:37 | 001,526,948 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.08.26 04:17:08 | 000,104,796 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2010.08.26 04:16:26 | 000,127,868 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2010.07.12 17:11:37 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.07.12 15:27:34 | 000,870,560 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2010.07.12 15:27:34 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2010.07.12 15:27:34 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2010.07.12 15:27:25 | 000,028,732 | ---- | C] () -- C:\Windows\SysWow64\ativvsny.dat
[2010.07.12 15:27:25 | 000,026,936 | ---- | C] () -- C:\Windows\SysWow64\ativvsnl.dat
[2009.07.14 00:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.13 21:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.13 21:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.13 19:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== LOP Check ==========

[2011.10.14 12:20:00 | 000,000,000 | -HSD | M] -- C:\Users\CHARLI8\AppData\Roaming\.#
[2011.02.22 11:59:07 | 000,000,000 | ---D | M] -- C:\Users\CHARLI8\AppData\Roaming\Auslogics
[2011.09.23 10:39:32 | 000,000,000 | ---D | M] -- C:\Users\CHARLI8\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2011.11.26 16:03:54 | 000,000,000 | ---D | M] -- C:\Users\CHARLI8\AppData\Roaming\go
[2011.11.26 16:29:40 | 000,000,000 | ---D | M] -- C:\Users\CHARLI8\AppData\Roaming\ICQ
[2011.11.16 16:14:46 | 000,000,000 | ---D | M] -- C:\Users\CHARLI8\AppData\Roaming\Nikon
[2011.08.27 13:32:41 | 000,000,000 | ---D | M] -- C:\Users\CHARLI8\AppData\Roaming\Sammsoft
[2011.11.17 00:39:42 | 000,000,000 | ---D | M] -- C:\Users\CHARLI8\AppData\Roaming\SoftGrid Client
[2011.09.24 15:17:30 | 000,000,000 | ---D | M] -- C:\Users\CHARLI8\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2010.12.24 20:53:31 | 000,000,000 | ---D | M] -- C:\Users\CHARLI8\AppData\Roaming\TP
[2011.11.20 01:50:41 | 000,000,000 | ---D | M] -- C:\Users\CHARLI8\AppData\Roaming\TrojanHunter
[2011.11.25 22:18:01 | 000,000,934 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2659469812-1657583075-3705183488-1001Core.job
[2011.11.26 16:18:02 | 000,000,956 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2659469812-1657583075-3705183488-1001UA.job
[2011.11.19 13:22:54 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*. >
[2011.02.20 09:41:55 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2010.07.27 20:39:25 | 000,000,000 | ---D | M] -- C:\Documentation
[2009.07.14 00:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2010.12.24 14:59:32 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2010.07.12 15:49:45 | 000,000,000 | ---D | M] -- C:\Intel
[2010.12.29 17:00:10 | 000,000,000 | R--D | M] -- C:\MSOCache
[2009.07.13 22:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2011.09.23 13:21:13 | 000,000,000 | R--D | M] -- C:\Program Files
[2011.11.25 23:29:44 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2011.11.25 23:29:49 | 000,000,000 | ---D | M] -- C:\ProgramData
[2010.12.24 14:59:32 | 000,000,000 | -HSD | M] -- C:\Programme
[2010.07.27 21:05:27 | 000,000,000 | ---D | M] -- C:\SPLASH.000
[2010.07.27 21:05:14 | 000,000,000 | ---D | M] -- C:\SPLASH.SYS
[2011.11.26 16:33:29 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2010.07.27 21:11:27 | 000,000,000 | ---D | M] -- C:\Temp
[2011.10.07 06:29:25 | 000,000,000 | ---D | M] -- C:\Update
[2010.12.24 14:59:45 | 000,000,000 | R--D | M] -- C:\Users
[2010.12.24 15:06:34 | 000,000,000 | ---D | M] -- C:\VAIO Entertainment
[2010.07.27 21:13:02 | 000,000,000 | ---D | M] -- C:\VAIO Sample Contents
[2011.11.21 01:01:13 | 000,000,000 | ---D | M] -- C:\Windows
[2010.07.27 20:39:26 | 000,000,000 | ---D | M] -- C:\_FS_SWRINFO

< %PROGRAMFILES%\*.exe >

< %LOCALAPPDATA%\*.exe >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.manifest /3 >


< MD5 for: EXPLORER.EXE >
[2011.02.26 01:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 00:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.04.22 07:07:02 | 001,006,778 | ---- | M] () MD5=1429FFF7A09B103E43613273C24B7781 -- C:\Users\Mara Bangert\Documents\ICQ\626861809\ReceivedFiles\159274527 Marc-Philipp Buseck\eXplorer.exe
[2009.07.13 20:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 00:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 00:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 00:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 01:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 01:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 01:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 07:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 01:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 01:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 00:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 08:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 01:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 00:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.13 20:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 01:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 01:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 01:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: REGEDIT.EXE >
[2009.07.13 20:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=2E2C937846A0B8789E5E91739284D17A -- C:\Windows\winsxs\amd64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5023a70bf589ad3e\regedit.exe
[2009.07.13 20:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\regedit.exe
[2009.07.13 20:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\SysWOW64\regedit.exe
[2009.07.13 20:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\winsxs\wow64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5a78515e29ea6f39\regedit.exe

< MD5 for: USERINIT.EXE >
[2010.11.20 07:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 07:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.13 20:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.13 20:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 08:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 08:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WININIT.EXE >
[2009.07.13 20:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009.07.13 20:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009.07.13 20:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009.07.13 20:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.20 08:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 08:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.13 20:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 02:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 01:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

========== Alternate Data Streams ==========

@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMPFC5A2B2

< End of report >
Extras.txt
Zitat:
OTL Extras logfile created on: 26.11.2011 16:30:07 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\CHARLI8\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,67 Gb Total Physical Memory | 1,31 Gb Available Physical Memory | 35,61% Memory free
7,34 Gb Paging File | 4,42 Gb Available in Paging File | 60,17% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 284,86 Gb Total Space | 204,01 Gb Free Space | 71,62% Space Free | Partition Type: NTFS

Computer Name: CHARLI8 | User Name: CHARLI8 | Logged in as Administrat
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{10E14C74-0638-4996-ABAD-BBF7A6CF1FAA}" = PMB VAIO Edition plug-in (Click to Disc)
"{115B60D5-BBDB-490E-AF2E-064D37A3CE01}" = Media Gallery
"{11D25EF7-85FC-4B58-8278-485939C8637F}" = VAIO Update Merge Module x64
"{1E37FC84-799E-481B-9462-3489861E36C9}" = PMB VAIO Edition plug-in (Click to Disc)
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{202B76AB-1B21-434E-A289-788D767D3A7C}" = Media Gallery
"{26A24AE4-039D-4CA4-87B4-2F86416020FF}" = Java(TM) 6 Update 20 (64-bit)
"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = WIDCOMM Bluetooth Software
"{44713725-8CC8-4710-B727-DC13A3665F9C}" = Adobe Photoshop Lightroom 3.5 64-bit
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4DABD2B3-B67A-41B0-86FE-C11AAF5D158A}" = PMB VAIO Edition plug-in (VAIO Movie Story)
"{5AC18E2C-7EAB-4F9E-BEEC-07FD722B28E3}" = PMB VAIO Edition plug-in (VAIO Movie Story)
"{5AFD1F5C-8FDA-413C-AF38-F1E7BD10D72F}" = VAIO Media plus
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO
"{A3D964A6-411A-4817-9D58-5CB8808F494E}" = VAIO Media plus
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{D16A2127-B927-4379-B153-3DEC091E4EEB}" = Intel(R) PROSet/Wireless WiFi-Software
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"ProInst" = Intel PROSet Wireless
"WinRAR archiver" = WinRAR 4.01 (64-Bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{07441A52-E208-478A-92B7-5C337CA8C131}" = Remote Play mit PlayStation®3
"{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}" = VAIO Smart Network
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{177AF091-7854-4615-8327-AC7518F62782}" = VAIO Media plus
"{17DFE37C-064E-4834-AD8F-A4B2B4DF68F8}" = Adobe Photoshop Elements 8.0
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1873FFC1-FDCB-47E1-B7C7-F418211E3530}" = PMB VAIO Edition plug-in (VAIO Image Optimizer)
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1D7CE340-70C3-4848-BCCF-215950328A4C}" = Facebook Video Calling 1.0.0.8953
"{20536917-E2DF-45D9-B41F-9AC0CAFFE48A}" = Media Gallery
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 29
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{2F9D63BE-A891-4E39-AFB3-7402D486800C}" = VAIO Hardware Diagnostics
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}" = VAIO Care
"{3DB5EA77-4A14-4EC9-8BFC-73BC848BDE73}" = Media Gallery
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup
"{4685A344-6718-4923-AA9D-158A0A2E1CFB}" = SmartSound Quicktracks for Premiere Elements 8.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B9DA746-5AE1-4BA0-9087-BDB162242890}" = VAIO Media plus
"{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = PMB VAIO Edition plug-in (Click to Disc)
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{52F9CDDA-26F6-4499-90E0-6DDDE6D2259C}" = VAIO Media plus
"{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}" = VAIO Sample Contents
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data
"{5A92468F-3ED8-4F96-A9E1-4F176C80EC29}" = VAIO Quick Web Access
"{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update
"{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO-Support für Übertragungen
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65B138AE-F636-4D4C-BA5D-A06E21E47C53}" = Remote-Tastatur mit PlayStation 3
"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"{70991E0A-1108-437E-BA7D-085702C670C0}" =
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{734B6C6C-4740-476F-BB0C-F7AF469EDBB2}" = Remote Play with PlayStation 3
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{7BB90344-0647-468E-925A-7F69F7983421}" = ArcSoft Magic-i Visual Effects 2
"{803E4FA5-A940-4420-B89D-A8BC2E160247}" =
"{8211C280-5B02-4E7E-B55F-845A207249BA}" = VAIO Data Restore Tool
"{82F09B1C-F602-4552-9C40-5BD5F8EAF750}" =
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84C176F9-1DAE-803C-5993-CF8703AE5841}" = Adobe Download Assistant
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{855DDD3C-131E-42A8-BCBD-F9581F80CACB}" =
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{87441A59-5E64-4096-A170-14EFE67200C3}" = Picture Control Utility
"{88C252C8-A7EE-4B60-BF74-8E5919A8048F}" = PMB VAIO Edition Guide
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}" = VAIO Media plus
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{9238E8A4-BEBA-43A3-B926-769BDBF194C5}" = VAIO Media plus Opening Movie
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A0E583D1-23F7-4C35-9620-B169D7715E4B}" = Adobe Premiere Elements 8.0
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A7C30414-2382-4086-B0D6-01A88ABA21C3}" = VAIO Gate
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" =
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.5 - Deutsch
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B014EE44-9197-4513-9613-71E6EB1B514E}" = Nikon Message Center 2
"{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = PMB VAIO Edition plug-in (VAIO Movie Story)
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
"{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default
"{B941F34C-F36A-4A6F-A97C-50B5948E451F}" = VAIO Media plus
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}" = VAIO-Handbuch
"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" =
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CFB66DB0-00AC-4CBC-B99D-99EFEB03743C}" = PMB VAIO Edition plug-in (Click to Disc)
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D531F5A4-18F6-4130-B9A4-9179D6E349FC}" = VAIO Care
"{D8FF4505-5977-4116-8DE4-2AF7174E70AC}" = Media Gallery
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DD88F979-FA58-41AC-980C-A6E1A82B61D9}" = VAIO - Media Gallery
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}" = ArcSoft WebCam Companion 3
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony Ericsson PC Companion 2.01.231
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}" =
"{FBB4411F-1328-4E36-A5B3-16AA8CFA8F9C}" = PMB VAIO Edition plug-in (VAIO Movie Story)
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"Adobe AIR" = Adobe AIR
"Adobe Photoshop Elements 8.0" = Adobe Photoshop Elements 8.0
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"Google Chrome" = Google Chrome
"InstallShield_{1873FFC1-FDCB-47E1-B7C7-F418211E3530}" = VAIO - PMB VAIO Edition plug-in (VAIO Image Optimizer)
"InstallShield_{4685A344-6718-4923-AA9D-158A0A2E1CFB}" = SmartSound Quicktracks for Premiere Elements 8.0
"InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = VAIO - PMB VAIO Edition plug-in (Click to Disc)
"InstallShield_{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"InstallShield_{88C252C8-A7EE-4B60-BF74-8E5919A8048F}" = VAIO - PMB VAIO Edition Guide
"InstallShield_{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = VAIO - PMB VAIO Edition plug-in (VAIO Movie Story)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.2.1300
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"PremElem80" = Adobe Premiere Elements 8.0
"Security Task Manager" = Security Task Manager 1.8d
"splashtop" = VAIO Quick Web Access
"Update Engine" = Sony Ericsson Update Engine
"VAIO Help and Support" =
"VAIO screensaver" = VAIO screensaver
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.01 (32-Bit)

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Game Organizer" = EasyBits GO

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 06.09.2011 13:58:34 | Computer Name = CHARLI8 | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error - 08.09.2011 13:26:37 | Computer Name = CHARLI8 | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error - 09.09.2011 13:29:32 | Computer Name = CHARLI8 | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error - 09.09.2011 20:53:39 | Computer Name = CHARLI8 | Source = Application Hang | ID = 1002
Description = Programm Photoshop.exe, Version 8.0.1.0 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 564 Startzeit:
01cc6f3f8a4781e2 Endzeit: 21 Anwendungspfad: C:\Program Files (x86)\Adobe\Photoshop
CS\Photoshop.exe Berichts-ID: 4b159108-db47-11e0-9f79-c0cb38e511a6

Error - 10.09.2011 20:36:12 | Computer Name = CHARLI8 | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error - 10.09.2011 22:35:01 | Computer Name = CHARLI8 | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Alarm.exe, Version: 2.0.5.5, Zeitstempel:
0x2a425e19 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7600.16850,
Zeitstempel: 0x4e211485 Ausnahmecode: 0x0eedfade Fehleroffset: 0x0000b9bc ID des fehlerhaften
Prozesses: 0xd48 Startzeit der fehlerhaften Anwendung: 0x01cc702b66b12c94 Pfad der
fehlerhaften Anwendung: C:\Users\CHARLI8\Documents\kalender[1]\Alarm.exe Pfad
des fehlerhaften Moduls: C:\Windows\syswow64\KERNELBASE.dll Berichtskennung: a5c2c5dd-dc1e-11e0-99c8-c0cb38e511a6

Error - 11.09.2011 10:16:02 | Computer Name = CHARLI8 | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error - 13.09.2011 20:04:48 | Computer Name = CHARLI8 | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error - 14.09.2011 17:10:03 | Computer Name = CHARLI8 | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error - 15.09.2011 03:50:48 | Computer Name = CHARLI8 | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.

[ Media Center Events ]
Error - 28.06.2011 04:20:20 | Computer Name = CHARLI8 | Source = MCUpdate | ID = 0
Description = 10:20:20 - Fehler beim Herstellen der Internetverbindung. 10:20:20
- Serververbindung konnte nicht hergestellt werden..

Error - 28.06.2011 04:20:58 | Computer Name = CHARLI8 | Source = MCUpdate | ID = 0
Description = 10:20:50 - Fehler beim Herstellen der Internetverbindung. 10:20:50
- Serververbindung konnte nicht hergestellt werden..

Error - 12.07.2011 21:05:15 | Computer Name = CHARLI8 | Source = MCUpdate | ID = 0
Description = 03:05:15 - Fehler beim Herstellen der Internetverbindung. 03:05:15
- Serververbindung konnte nicht hergestellt werden..

Error - 12.07.2011 21:05:49 | Computer Name = CHARLI8 | Source = MCUpdate | ID = 0
Description = 03:05:45 - Fehler beim Herstellen der Internetverbindung. 03:05:45
- Serververbindung konnte nicht hergestellt werden..

Error - 12.07.2011 22:06:20 | Computer Name = CHARLI8 | Source = MCUpdate | ID = 0
Description = 04:06:20 - Fehler beim Herstellen der Internetverbindung. 04:06:20
- Serververbindung konnte nicht hergestellt werden..

Error - 12.07.2011 22:06:49 | Computer Name = CHARLI8 | Source = MCUpdate | ID = 0
Description = 04:06:49 - Fehler beim Herstellen der Internetverbindung. 04:06:49
- Serververbindung konnte nicht hergestellt werden..

Error - 12.07.2011 23:07:30 | Computer Name = CHARLI8 | Source = MCUpdate | ID = 0
Description = 05:07:30 - Fehler beim Herstellen der Internetverbindung. 05:07:30
- Serververbindung konnte nicht hergestellt werden..

Error - 12.07.2011 23:08:04 | Computer Name = CHARLI8 | Source = MCUpdate | ID = 0
Description = 05:07:59 - Fehler beim Herstellen der Internetverbindung. 05:07:59
- Serververbindung konnte nicht hergestellt werden..

Error - 13.07.2011 00:08:36 | Computer Name = CHARLI8 | Source = MCUpdate | ID = 0
Description = 06:08:36 - Fehler beim Herstellen der Internetverbindung. 06:08:36
- Serververbindung konnte nicht hergestellt werden..

Error - 13.07.2011 00:09:07 | Computer Name = CHARLI8 | Source = MCUpdate | ID = 0
Description = 06:09:05 - Fehler beim Herstellen der Internetverbindung. 06:09:05
- Serververbindung konnte nicht hergestellt werden..

[ System Events ]
Error - 22.11.2011 23:42:25 | Computer Name = CHARLI8 | Source = DCOM | ID = 10010
Description =

Error - 23.11.2011 13:01:23 | Computer Name = CHARLI8 | Source = DCOM | ID = 10010
Description =

Error - 23.11.2011 13:03:15 | Computer Name = CHARLI8 | Source = DCOM | ID = 10010
Description =

Error - 24.11.2011 02:53:23 | Computer Name = CHARLI8 | Source = DCOM | ID = 10010
Description =

Error - 24.11.2011 14:29:58 | Computer Name = CHARLI8 | Source = DCOM | ID = 10010
Description =

Error - 24.11.2011 20:12:12 | Computer Name = CHARLI8 | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Windows Media Player-Netzwerkfreigabedienst erreicht.

Error - 24.11.2011 20:12:12 | Computer Name = CHARLI8 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde aufgrund
folgenden Fehlers nicht gestartet: %%1053

Error - 25.11.2011 00:23:10 | Computer Name = CHARLI8 | Source = DCOM | ID = 10010
Description =

Error - 26.11.2011 00:45:10 | Computer Name = CHARLI8 | Source = DCOM | ID = 10010
Description =

Error - 26.11.2011 11:56:36 | Computer Name = CHARLI8 | Source = DCOM | ID = 10010
Description =


< End of report >
Ich hoffe ihr könnt mir helfen und bedanke mich schonmal für jegliche Hilfe.
Mit freundlichen Grüßen ,
Charli8

Alt 26.11.2011, 23:48   #2
Larusso
/// Selecta Jahrusso
 
SystemFix auf meinem Laptop - Standard

SystemFix auf meinem Laptop




Mein Name ist Daniel und ich werde dir mit deinem Malware Relvanten Problemen helfen.

Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.
  • Lies dir meine Anleitungen erst einmal durch. Sollte irgendetwas unklar sein, Frage bevor du beginnst.
  • Solltest du bei einem Schritt Probleme haben, stoppe dort und beschreib mir das Problem so gut du kannst. Manchmal erfordert ein Schritt den vorhergehenden
  • Sollte ich innerhalb der nächsten 3 Tage keine Antwort von dir erhalten, werde ich das Thema aus meinen Abonnements löschen.
  • Nur Scanns durchführen zu denen Du von einem Helfer aufgefordert wirst und Installiere / Deinstalliere keine Software ohne Aufforderung.
  • Poste die Logfiles direkt in deinen Thread und nicht als Anhang, ausser du wurdest dazu aufgefordert. Erschwert mir das Auswerten.


Vista und Win7 User
Alle Tools mit Rechtsklick "als Administrator ausführen" starten.


Schritt 1

Lese bitte folgende Anweisungen genau. Wir wollen hier noch nichts "fixen" sondern nur einen Scan Report sehen.

Downloade dir bitte TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und speichere das Logfile.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern ( Meistens C:\ )
    Als Beispiel: C:\TDSSKiller.<version_date_time>log.txt
Poste den Inhalt bitte hier in deinen Thread.


Bitte poste in deiner nächsten Antwort
TDSSKIller Log
__________________

__________________
Alt 27.11.2011, 00:32   #3
charli8
 
SystemFix auf meinem Laptop - Standard

SystemFix auf meinem Laptop


danke für die schnell Antwort. Habe deine Anweisung befolgt , es hat mir keine infizierten Objekte angezeigt. Hier ist der Bericht :

TDSSKiller
Zitat:
18:24:54.0238 1112 TDSS rootkit removing tool 2.6.21.0 Nov 24 2011 12:32:44
18:24:54.0752 1112 ============================================================
18:24:54.0752 1112 Current date / time: 2011/11/26 18:24:54.0752
18:24:54.0752 1112 SystemInfo:
18:24:54.0752 1112
18:24:54.0752 1112 OS Version: 6.1.7601 ServicePack: 1.0
18:24:54.0752 1112 Product type: Workstation
18:24:54.0752 1112 ComputerName: CHARLI8
18:24:54.0752 1112 UserName: CHARLI8
18:24:54.0753 1112 Windows directory: C:\Windows
18:24:54.0753 1112 System windows directory: C:\Windows
18:24:54.0753 1112 Running under WOW64
18:24:54.0753 1112 Processor architecture: Intel x64
18:24:54.0753 1112 Number of processors: 4
18:24:54.0753 1112 Page size: 0x1000
18:24:54.0753 1112 Boot type: Normal boot
18:24:54.0753 1112 ============================================================
18:24:55.0401 1112 Initialize success
18:24:58.0455 0860 ============================================================
18:24:58.0455 0860 Scan started
18:24:58.0455 0860 Mode: Manual;
18:24:58.0455 0860 ============================================================
18:25:02.0981 0860 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
18:25:03.0000 0860 1394ohci - ok
18:25:03.0090 0860 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
18:25:03.0150 0860 ACPI - ok
18:25:03.0372 0860 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
18:25:03.0381 0860 AcpiPmi - ok
18:25:03.0588 0860 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
18:25:03.0617 0860 adp94xx - ok
18:25:03.0731 0860 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
18:25:03.0751 0860 adpahci - ok
18:25:03.0905 0860 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
18:25:03.0920 0860 adpu320 - ok
18:25:04.0017 0860 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
18:25:04.0064 0860 AFD - ok
18:25:04.0134 0860 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
18:25:04.0148 0860 agp440 - ok
18:25:04.0303 0860 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
18:25:04.0312 0860 aliide - ok
18:25:04.0355 0860 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
18:25:04.0362 0860 amdide - ok
18:25:04.0411 0860 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
18:25:04.0423 0860 AmdK8 - ok
18:25:04.0545 0860 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
18:25:04.0557 0860 AmdPPM - ok
18:25:04.0601 0860 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
18:25:04.0611 0860 amdsata - ok
18:25:04.0646 0860 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
18:25:04.0660 0860 amdsbs - ok
18:25:04.0698 0860 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
18:25:04.0732 0860 amdxata - ok
18:25:04.0865 0860 ApfiltrService (2d45f2dfbc3d8f53df7ebeffa8c9bc38) C:\Windows\system32\DRIVERS\Apfiltr.sys
18:25:04.0923 0860 ApfiltrService - ok
18:25:05.0008 0860 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
18:25:05.0022 0860 AppID - ok
18:25:05.0089 0860 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
18:25:05.0101 0860 arc - ok
18:25:05.0140 0860 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
18:25:05.0152 0860 arcsas - ok
18:25:05.0185 0860 ArcSoftKsUFilter (c130bc4a51b1382b2be8e44579ec4c0a) C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
18:25:05.0191 0860 ArcSoftKsUFilter - ok
18:25:05.0232 0860 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
18:25:05.0240 0860 AsyncMac - ok
18:25:05.0288 0860 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
18:25:05.0296 0860 atapi - ok
18:25:05.0376 0860 athr (cca705cdf038d5bc243203ce4416b345) C:\Windows\system32\DRIVERS\athrx.sys
18:25:05.0467 0860 athr - ok
18:25:05.0674 0860 atikmdag (eaea2ce49de0cca80beb9134107e5dd7) C:\Windows\system32\DRIVERS\atikmdag.sys
18:25:05.0905 0860 atikmdag - ok
18:25:06.0014 0860 avgntflt (b1224e6b086cd6548315b04ab575a23e) C:\Windows\system32\DRIVERS\avgntflt.sys
18:25:06.0029 0860 avgntflt - ok
18:25:06.0063 0860 avipbb (ed45f12cfa62b83765c9c1496758cc87) C:\Windows\system32\DRIVERS\avipbb.sys
18:25:06.0078 0860 avipbb - ok
18:25:06.0131 0860 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
18:25:06.0156 0860 b06bdrv - ok
18:25:06.0207 0860 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
18:25:06.0225 0860 b57nd60a - ok
18:25:06.0275 0860 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
18:25:06.0279 0860 Beep - ok
18:25:06.0323 0860 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
18:25:06.0331 0860 blbdrive - ok
18:25:06.0406 0860 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
18:25:06.0416 0860 bowser - ok
18:25:06.0454 0860 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
18:25:06.0459 0860 BrFiltLo - ok
18:25:06.0484 0860 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
18:25:06.0488 0860 BrFiltUp - ok
18:25:06.0529 0860 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
18:25:06.0550 0860 Brserid - ok
18:25:06.0590 0860 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
18:25:06.0598 0860 BrSerWdm - ok
18:25:06.0630 0860 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
18:25:06.0640 0860 BrUsbMdm - ok
18:25:06.0703 0860 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
18:25:06.0708 0860 BrUsbSer - ok
18:25:06.0867 0860 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
18:25:06.0876 0860 BthEnum - ok
18:25:06.0947 0860 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
18:25:06.0957 0860 BTHMODEM - ok
18:25:06.0997 0860 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
18:25:07.0008 0860 BthPan - ok
18:25:07.0069 0860 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
18:25:07.0105 0860 BTHPORT - ok
18:25:07.0197 0860 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
18:25:07.0199 0860 BTHUSB - ok
18:25:07.0366 0860 btwampfl (59e3510784548c6939c1b3b985c232e3) C:\Windows\system32\drivers\btwampfl.sys
18:25:07.0432 0860 btwampfl - ok
18:25:07.0462 0860 btwaudio (1872074ed0a3fb22e3f1e3197b984bfa) C:\Windows\system32\drivers\btwaudio.sys
18:25:07.0473 0860 btwaudio - ok
18:25:07.0503 0860 btwavdt (691cf076c33ab1c3a5b2fd5450300733) C:\Windows\system32\drivers\btwavdt.sys
18:25:07.0514 0860 btwavdt - ok
18:25:07.0542 0860 btwl2cap (07096d2bc22ccb6cea5a532df0be8a75) C:\Windows\system32\DRIVERS\btwl2cap.sys
18:25:07.0551 0860 btwl2cap - ok
18:25:07.0599 0860 btwrchid (c9273b20dec8ce38dbce5d29de63c907) C:\Windows\system32\DRIVERS\btwrchid.sys
18:25:07.0606 0860 btwrchid - ok
18:25:07.0635 0860 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
18:25:07.0645 0860 cdfs - ok
18:25:07.0699 0860 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
18:25:07.0716 0860 cdrom - ok
18:25:07.0758 0860 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
18:25:07.0772 0860 circlass - ok
18:25:07.0826 0860 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
18:25:07.0846 0860 CLFS - ok
18:25:07.0905 0860 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
18:25:07.0910 0860 CmBatt - ok
18:25:07.0951 0860 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
18:25:07.0962 0860 cmdide - ok
18:25:08.0022 0860 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
18:25:08.0108 0860 CNG - ok
18:25:08.0143 0860 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
18:25:08.0150 0860 Compbatt - ok
18:25:08.0203 0860 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
18:25:08.0214 0860 CompositeBus - ok
18:25:08.0260 0860 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
18:25:08.0270 0860 crcdisk - ok
18:25:08.0337 0860 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
18:25:08.0349 0860 DfsC - ok
18:25:08.0398 0860 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
18:25:08.0408 0860 discache - ok
18:25:08.0434 0860 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
18:25:08.0446 0860 Disk - ok
18:25:08.0486 0860 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
18:25:08.0493 0860 drmkaud - ok
18:25:08.0574 0860 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
18:25:08.0640 0860 DXGKrnl - ok
18:25:08.0996 0860 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
18:25:09.0137 0860 ebdrv - ok
18:25:09.0276 0860 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
18:25:09.0314 0860 elxstor - ok
18:25:09.0350 0860 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
18:25:09.0357 0860 ErrDev - ok
18:25:09.0440 0860 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
18:25:09.0454 0860 exfat - ok
18:25:09.0483 0860 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
18:25:09.0497 0860 fastfat - ok
18:25:09.0543 0860 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
18:25:09.0553 0860 fdc - ok
18:25:09.0643 0860 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
18:25:09.0654 0860 FileInfo - ok
18:25:09.0686 0860 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
18:25:09.0693 0860 Filetrace - ok
18:25:09.0729 0860 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
18:25:09.0735 0860 flpydisk - ok
18:25:09.0787 0860 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
18:25:09.0808 0860 FltMgr - ok
18:25:09.0837 0860 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
18:25:09.0846 0860 FsDepends - ok
18:25:09.0874 0860 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
18:25:09.0881 0860 Fs_Rec - ok
18:25:09.0910 0860 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
18:25:09.0931 0860 fvevol - ok
18:25:09.0975 0860 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
18:25:09.0985 0860 gagp30kx - ok
18:25:10.0024 0860 ggflt (a4198f2bd8aa592cb90476277a81b5e1) C:\Windows\system32\DRIVERS\ggflt.sys
18:25:10.0030 0860 ggflt - ok
18:25:10.0082 0860 ggsemc (d266350bdaab9eb6c1aec370eeaaff3a) C:\Windows\system32\DRIVERS\ggsemc.sys
18:25:10.0091 0860 ggsemc - ok
18:25:10.0127 0860 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
18:25:10.0136 0860 hcw85cir - ok
18:25:10.0183 0860 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
18:25:10.0204 0860 HdAudAddService - ok
18:25:10.0252 0860 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
18:25:10.0266 0860 HDAudBus - ok
18:25:10.0307 0860 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\drivers\HECIx64.sys
18:25:10.0316 0860 HECIx64 - ok
18:25:10.0359 0860 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
18:25:10.0365 0860 HidBatt - ok
18:25:10.0398 0860 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
18:25:10.0409 0860 HidBth - ok
18:25:10.0442 0860 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
18:25:10.0450 0860 HidIr - ok
18:25:10.0505 0860 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
18:25:10.0513 0860 HidUsb - ok
18:25:10.0550 0860 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
18:25:10.0562 0860 HpSAMD - ok
18:25:10.0624 0860 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
18:25:10.0680 0860 HTTP - ok
18:25:10.0734 0860 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
18:25:10.0741 0860 hwpolicy - ok
18:25:10.0823 0860 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
18:25:10.0836 0860 i8042prt - ok
18:25:10.0893 0860 iaStor (abbf174cb394f5c437410a788b7e404a) C:\Windows\system32\drivers\iaStor.sys
18:25:10.0901 0860 iaStor - ok
18:25:10.0992 0860 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
18:25:11.0011 0860 iaStorV - ok
18:25:11.0368 0860 igfx (31569a2e836c12014148bf7342716946) C:\Windows\system32\DRIVERS\igdkmd64.sys
18:25:11.0666 0860 igfx - ok
18:25:11.0713 0860 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
18:25:11.0724 0860 iirsp - ok
18:25:11.0783 0860 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\DRIVERS\Impcd.sys
18:25:11.0794 0860 Impcd - ok
18:25:11.0899 0860 IntcAzAudAddService (526e482afb586cb1cdd687869decf686) C:\Windows\system32\drivers\RTKVHD64.sys
18:25:12.0024 0860 IntcAzAudAddService - ok
18:25:12.0097 0860 IntcDAud (03c74719d48056a1078f3a51ceb76baa) C:\Windows\system32\DRIVERS\IntcDAud.sys
18:25:12.0112 0860 IntcDAud - ok
18:25:12.0150 0860 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
18:25:12.0157 0860 intelide - ok
18:25:12.0195 0860 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys
18:25:12.0206 0860 intelppm - ok
18:25:12.0256 0860 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:25:12.0266 0860 IpFilterDriver - ok
18:25:12.0319 0860 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
18:25:12.0332 0860 IPMIDRV - ok
18:25:12.0377 0860 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
18:25:12.0389 0860 IPNAT - ok
18:25:12.0417 0860 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
18:25:12.0423 0860 IRENUM - ok
18:25:12.0474 0860 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
18:25:12.0482 0860 isapnp - ok
18:25:12.0521 0860 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
18:25:12.0538 0860 iScsiPrt - ok
18:25:12.0578 0860 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
18:25:12.0587 0860 kbdclass - ok
18:25:12.0618 0860 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
18:25:12.0624 0860 kbdhid - ok
18:25:12.0679 0860 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
18:25:12.0690 0860 KSecDD - ok
18:25:12.0741 0860 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
18:25:12.0758 0860 KSecPkg - ok
18:25:12.0793 0860 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
18:25:12.0804 0860 ksthunk - ok
18:25:12.0850 0860 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
18:25:12.0860 0860 lltdio - ok
18:25:12.0969 0860 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
18:25:12.0984 0860 LSI_FC - ok
18:25:13.0052 0860 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
18:25:13.0064 0860 LSI_SAS - ok
18:25:13.0107 0860 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
18:25:13.0118 0860 LSI_SAS2 - ok
18:25:13.0217 0860 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
18:25:13.0227 0860 LSI_SCSI - ok
18:25:13.0289 0860 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
18:25:13.0291 0860 luafv - ok
18:25:13.0337 0860 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
18:25:13.0346 0860 megasas - ok
18:25:13.0395 0860 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
18:25:13.0414 0860 MegaSR - ok
18:25:13.0447 0860 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
18:25:13.0455 0860 Modem - ok
18:25:13.0488 0860 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
18:25:13.0498 0860 monitor - ok
18:25:13.0587 0860 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
18:25:13.0597 0860 mouclass - ok
18:25:13.0641 0860 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\drivers\mouhid.sys
18:25:13.0647 0860 mouhid - ok
18:25:13.0694 0860 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
18:25:13.0704 0860 mountmgr - ok
18:25:13.0782 0860 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
18:25:13.0799 0860 mpio - ok
18:25:13.0856 0860 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
18:25:13.0866 0860 mpsdrv - ok
18:25:13.0929 0860 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
18:25:13.0942 0860 MRxDAV - ok
18:25:13.0988 0860 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
18:25:14.0001 0860 mrxsmb - ok
18:25:14.0051 0860 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:25:14.0071 0860 mrxsmb10 - ok
18:25:14.0123 0860 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:25:14.0134 0860 mrxsmb20 - ok
18:25:14.0174 0860 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
18:25:14.0183 0860 msahci - ok
18:25:14.0232 0860 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
18:25:14.0245 0860 msdsm - ok
18:25:14.0307 0860 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
18:25:14.0313 0860 Msfs - ok
18:25:14.0344 0860 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
18:25:14.0349 0860 mshidkmdf - ok
18:25:14.0375 0860 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
18:25:14.0383 0860 msisadrv - ok
18:25:14.0422 0860 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
18:25:14.0427 0860 MSKSSRV - ok
18:25:14.0452 0860 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
18:25:14.0456 0860 MSPCLOCK - ok
18:25:14.0484 0860 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
18:25:14.0488 0860 MSPQM - ok
18:25:14.0542 0860 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
18:25:14.0560 0860 MsRPC - ok
18:25:14.0594 0860 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
18:25:14.0602 0860 mssmbios - ok
18:25:14.0632 0860 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
18:25:14.0637 0860 MSTEE - ok
18:25:14.0679 0860 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
18:25:14.0685 0860 MTConfig - ok
18:25:14.0717 0860 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
18:25:14.0728 0860 Mup - ok
18:25:14.0769 0860 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
18:25:14.0787 0860 NativeWifiP - ok
18:25:14.0856 0860 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
18:25:14.0933 0860 NDIS - ok
18:25:14.0959 0860 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
18:25:14.0967 0860 NdisCap - ok
18:25:14.0997 0860 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
18:25:15.0004 0860 NdisTapi - ok
18:25:15.0049 0860 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
18:25:15.0058 0860 Ndisuio - ok
18:25:15.0119 0860 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
18:25:15.0139 0860 NdisWan - ok
18:25:15.0192 0860 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
18:25:15.0201 0860 NDProxy - ok
18:25:15.0235 0860 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
18:25:15.0243 0860 NetBIOS - ok
18:25:15.0314 0860 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
18:25:15.0332 0860 NetBT - ok
18:25:15.0594 0860 NETw5s64 (18555f48844c2861d9dce8f2b7223ae5) C:\Windows\system32\DRIVERS\NETw5s64.sys
18:25:15.0852 0860 NETw5s64 - ok
18:25:15.0925 0860 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
18:25:15.0934 0860 nfrd960 - ok
18:25:15.0976 0860 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
18:25:15.0983 0860 Npfs - ok
18:25:16.0012 0860 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
18:25:16.0020 0860 nsiproxy - ok
18:25:16.0112 0860 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
18:25:16.0245 0860 Ntfs - ok
18:25:16.0294 0860 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
18:25:16.0298 0860 Null - ok
18:25:16.0367 0860 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
18:25:16.0380 0860 nvraid - ok
18:25:16.0409 0860 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
18:25:16.0421 0860 nvstor - ok
18:25:16.0471 0860 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
18:25:16.0483 0860 nv_agp - ok
18:25:16.0510 0860 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
18:25:16.0521 0860 ohci1394 - ok
18:25:16.0579 0860 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
18:25:16.0589 0860 Parport - ok
18:25:16.0631 0860 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
18:25:16.0643 0860 partmgr - ok
18:25:16.0700 0860 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
18:25:16.0713 0860 pci - ok
18:25:16.0749 0860 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
18:25:16.0755 0860 pciide - ok
18:25:16.0790 0860 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
18:25:16.0807 0860 pcmcia - ok
18:25:16.0848 0860 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
18:25:16.0857 0860 pcw - ok
18:25:16.0897 0860 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
18:25:16.0950 0860 PEAUTH - ok
18:25:17.0065 0860 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
18:25:17.0077 0860 PptpMiniport - ok
18:25:17.0124 0860 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
18:25:17.0135 0860 Processor - ok
18:25:17.0209 0860 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
18:25:17.0224 0860 Psched - ok
18:25:17.0255 0860 PxHlpa64 (fbf4db6d53585437e41a113300002a2b) C:\Windows\system32\Drivers\PxHlpa64.sys
18:25:17.0265 0860 PxHlpa64 - ok
18:25:17.0341 0860 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
18:25:17.0425 0860 ql2300 - ok
18:25:17.0499 0860 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
18:25:17.0512 0860 ql40xx - ok
18:25:17.0547 0860 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
18:25:17.0555 0860 QWAVEdrv - ok
18:25:17.0575 0860 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
18:25:17.0581 0860 RasAcd - ok
18:25:17.0605 0860 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
18:25:17.0615 0860 RasAgileVpn - ok
18:25:17.0666 0860 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
18:25:17.0668 0860 Rasl2tp - ok
18:25:17.0703 0860 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
18:25:17.0715 0860 RasPppoe - ok
18:25:17.0738 0860 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
18:25:17.0749 0860 RasSstp - ok
18:25:17.0801 0860 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
18:25:17.0823 0860 rdbss - ok
18:25:17.0870 0860 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
18:25:17.0877 0860 rdpbus - ok
18:25:17.0913 0860 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
18:25:17.0917 0860 RDPCDD - ok
18:25:17.0942 0860 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
18:25:17.0947 0860 RDPENCDD - ok
18:25:17.0969 0860 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
18:25:17.0975 0860 RDPREFMP - ok
18:25:18.0027 0860 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
18:25:18.0040 0860 RDPWD - ok
18:25:18.0099 0860 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
18:25:18.0116 0860 rdyboost - ok
18:25:18.0176 0860 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
18:25:18.0186 0860 RFCOMM - ok
18:25:18.0231 0860 rimspci (fa6abc06b629da29634d31f1fe0347bd) C:\Windows\system32\drivers\rimssne64.sys
18:25:18.0242 0860 rimspci - ok
18:25:18.0285 0860 risdsnpe (8f8539a7f5c117d4407b2985995671f2) C:\Windows\system32\drivers\risdsne64.sys
18:25:18.0294 0860 risdsnpe - ok
18:25:18.0345 0860 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
18:25:18.0354 0860 rspndr - ok
18:25:18.0395 0860 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
18:25:18.0407 0860 sbp2port - ok
18:25:18.0479 0860 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
18:25:18.0488 0860 scfilter - ok
18:25:18.0543 0860 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys
18:25:18.0555 0860 sdbus - ok
18:25:18.0599 0860 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
18:25:18.0607 0860 secdrv - ok
18:25:18.0657 0860 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
18:25:18.0663 0860 Serenum - ok
18:25:18.0697 0860 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
18:25:18.0708 0860 Serial - ok
18:25:18.0761 0860 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
18:25:18.0767 0860 sermouse - ok
18:25:18.0828 0860 SFEP (286d3889e6ab5589646ff8a63cb928ae) C:\Windows\system32\drivers\SFEP.sys
18:25:18.0833 0860 SFEP - ok
18:25:18.0872 0860 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
18:25:18.0878 0860 sffdisk - ok
18:25:18.0900 0860 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
18:25:18.0906 0860 sffp_mmc - ok
18:25:18.0952 0860 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
18:25:18.0957 0860 sffp_sd - ok
18:25:18.0996 0860 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
18:25:19.0001 0860 sfloppy - ok
18:25:19.0064 0860 Sftfs (a40abfdcb75f835fdf3ce0cc64e4250d) C:\Windows\system32\DRIVERS\Sftfslh.sys
18:25:19.0107 0860 Sftfs - ok
18:25:19.0178 0860 Sftplay (411769ed1cb12d2b44217734347bdb7a) C:\Windows\system32\DRIVERS\Sftplaylh.sys
18:25:19.0193 0860 Sftplay - ok
18:25:19.0214 0860 Sftredir (a14d0df34bbb00ea94da16193d0c7957) C:\Windows\system32\DRIVERS\Sftredirlh.sys
18:25:19.0222 0860 Sftredir - ok
18:25:19.0271 0860 Sftvol (393b22addd89979eb1c60898f51c3648) C:\Windows\system32\DRIVERS\Sftvollh.sys
18:25:19.0277 0860 Sftvol - ok
18:25:19.0340 0860 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
18:25:19.0350 0860 SiSRaid2 - ok
18:25:19.0388 0860 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
18:25:19.0399 0860 SiSRaid4 - ok
18:25:19.0435 0860 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
18:25:19.0446 0860 Smb - ok
18:25:19.0512 0860 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
18:25:19.0519 0860 spldr - ok
18:25:19.0586 0860 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
18:25:19.0608 0860 srv - ok
18:25:19.0659 0860 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
18:25:19.0683 0860 srv2 - ok
18:25:19.0708 0860 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
18:25:19.0722 0860 srvnet - ok
18:25:19.0770 0860 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
18:25:19.0778 0860 stexstor - ok
18:25:19.0834 0860 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
18:25:19.0840 0860 swenum - ok
18:25:19.0956 0860 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
18:25:20.0077 0860 Tcpip - ok
18:25:20.0221 0860 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
18:25:20.0245 0860 TCPIP6 - ok
18:25:20.0301 0860 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
18:25:20.0309 0860 tcpipreg - ok
18:25:20.0345 0860 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
18:25:20.0351 0860 TDPIPE - ok
18:25:20.0367 0860 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
18:25:20.0374 0860 TDTCP - ok
18:25:20.0426 0860 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
18:25:20.0437 0860 tdx - ok
18:25:20.0467 0860 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
18:25:20.0477 0860 TermDD - ok
18:25:20.0542 0860 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
18:25:20.0549 0860 tssecsrv - ok
18:25:20.0587 0860 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
18:25:20.0599 0860 TsUsbFlt - ok
18:25:20.0647 0860 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
18:25:20.0649 0860 tunnel - ok
18:25:20.0691 0860 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
18:25:20.0700 0860 uagp35 - ok
18:25:20.0770 0860 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
18:25:20.0787 0860 udfs - ok
18:25:20.0850 0860 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
18:25:20.0861 0860 uliagpkx - ok
18:25:20.0914 0860 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
18:25:20.0924 0860 umbus - ok
18:25:20.0978 0860 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
18:25:20.0984 0860 UmPass - ok
18:25:21.0045 0860 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
18:25:21.0055 0860 usbccgp - ok
18:25:21.0105 0860 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
18:25:21.0121 0860 usbcir - ok
18:25:21.0159 0860 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
18:25:21.0166 0860 usbehci - ok
18:25:21.0197 0860 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
18:25:21.0219 0860 usbhub - ok
18:25:21.0244 0860 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
18:25:21.0251 0860 usbohci - ok
18:25:21.0284 0860 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
18:25:21.0291 0860 usbprint - ok
18:25:21.0317 0860 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:25:21.0329 0860 USBSTOR - ok
18:25:21.0360 0860 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
18:25:21.0367 0860 usbuhci - ok
18:25:21.0427 0860 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
18:25:21.0442 0860 usbvideo - ok
18:25:21.0533 0860 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
18:25:21.0541 0860 vdrvroot - ok
18:25:21.0583 0860 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
18:25:21.0589 0860 vga - ok
18:25:21.0619 0860 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
18:25:21.0625 0860 VgaSave - ok
18:25:21.0671 0860 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
18:25:21.0688 0860 vhdmp - ok
18:25:21.0737 0860 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
18:25:21.0745 0860 viaide - ok
18:25:21.0778 0860 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
18:25:21.0789 0860 volmgr - ok
18:25:21.0841 0860 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
18:25:21.0863 0860 volmgrx - ok
18:25:21.0919 0860 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
18:25:21.0937 0860 volsnap - ok
18:25:21.0972 0860 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
18:25:21.0984 0860 vsmraid - ok
18:25:22.0027 0860 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
18:25:22.0035 0860 vwifibus - ok
18:25:22.0065 0860 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
18:25:22.0074 0860 vwififlt - ok
18:25:22.0095 0860 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
18:25:22.0100 0860 vwifimp - ok
18:25:22.0150 0860 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
18:25:22.0157 0860 WacomPen - ok
18:25:22.0204 0860 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
18:25:22.0215 0860 WANARP - ok
18:25:22.0222 0860 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
18:25:22.0224 0860 Wanarpv6 - ok
18:25:22.0288 0860 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
18:25:22.0295 0860 Wd - ok
18:25:22.0335 0860 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
18:25:22.0372 0860 Wdf01000 - ok
18:25:22.0413 0860 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
18:25:22.0418 0860 WfpLwf - ok
18:25:22.0450 0860 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
18:25:22.0459 0860 WIMMount - ok
18:25:22.0541 0860 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
18:25:22.0551 0860 WinUsb - ok
18:25:22.0605 0860 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
18:25:22.0618 0860 WmiAcpi - ok
18:25:22.0672 0860 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
18:25:22.0678 0860 ws2ifsl - ok
18:25:22.0741 0860 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
18:25:22.0752 0860 WudfPf - ok
18:25:22.0786 0860 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
18:25:22.0799 0860 WUDFRd - ok
18:25:22.0853 0860 yukonw7 (5250193ef8e173aa7491250f00eb367f) C:\Windows\system32\DRIVERS\yk62x64.sys
18:25:22.0878 0860 yukonw7 - ok
18:25:22.0916 0860 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
18:25:22.0942 0860 \Device\Harddisk0\DR0 - ok
18:25:22.0953 0860 Boot (0x1200) (05d0041e69bc4ecd76ccc8b2772cf749) \Device\Harddisk0\DR0\Partition0
18:25:22.0955 0860 \Device\Harddisk0\DR0\Partition0 - ok
18:25:22.0964 0860 Boot (0x1200) (928e4505a1b301fd08d556bfa317f1f0) \Device\Harddisk0\DR0\Partition1
18:25:22.0967 0860 \Device\Harddisk0\DR0\Partition1 - ok
18:25:22.0967 0860 ============================================================
18:25:22.0967 0860 Scan finished
18:25:22.0967 0860 ============================================================
18:25:22.0989 7092 Detected object count: 0
18:25:22.0989 7092 Actual detected object count: 0
18:26:03.0081 8036 ============================================================
18:26:03.0081 8036 Scan started
18:26:03.0081 8036 Mode: Manual;
18:26:03.0081 8036 ============================================================
18:26:03.0611 8036 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
18:26:03.0614 8036 1394ohci - ok
18:26:03.0665 8036 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
18:26:03.0669 8036 ACPI - ok
18:26:03.0694 8036 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
18:26:03.0695 8036 AcpiPmi - ok
18:26:03.0751 8036 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
18:26:03.0757 8036 adp94xx - ok
18:26:03.0799 8036 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
18:26:03.0803 8036 adpahci - ok
18:26:03.0885 8036 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
18:26:03.0888 8036 adpu320 - ok
18:26:03.0951 8036 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
18:26:03.0957 8036 AFD - ok
18:26:04.0006 8036 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
18:26:04.0008 8036 agp440 - ok
18:26:04.0064 8036 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
18:26:04.0065 8036 aliide - ok
18:26:04.0094 8036 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
18:26:04.0095 8036 amdide - ok
18:26:04.0128 8036 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
18:26:04.0129 8036 AmdK8 - ok
18:26:04.0163 8036 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
18:26:04.0164 8036 AmdPPM - ok
18:26:04.0208 8036 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
18:26:04.0210 8036 amdsata - ok
18:26:04.0242 8036 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
18:26:04.0245 8036 amdsbs - ok
18:26:04.0272 8036 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
18:26:04.0272 8036 amdxata - ok
18:26:04.0319 8036 ApfiltrService (2d45f2dfbc3d8f53df7ebeffa8c9bc38) C:\Windows\system32\DRIVERS\Apfiltr.sys
18:26:04.0323 8036 ApfiltrService - ok
18:26:04.0373 8036 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
18:26:04.0374 8036 AppID - ok
18:26:04.0432 8036 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
18:26:04.0433 8036 arc - ok
18:26:04.0471 8036 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
18:26:04.0472 8036 arcsas - ok
18:26:04.0506 8036 ArcSoftKsUFilter (c130bc4a51b1382b2be8e44579ec4c0a) C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
18:26:04.0506 8036 ArcSoftKsUFilter - ok
18:26:04.0542 8036 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
18:26:04.0544 8036 AsyncMac - ok
18:26:04.0587 8036 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
18:26:04.0587 8036 atapi - ok
18:26:04.0674 8036 athr (cca705cdf038d5bc243203ce4416b345) C:\Windows\system32\DRIVERS\athrx.sys
18:26:04.0694 8036 athr - ok
18:26:04.0903 8036 atikmdag (eaea2ce49de0cca80beb9134107e5dd7) C:\Windows\system32\DRIVERS\atikmdag.sys
18:26:04.0975 8036 atikmdag - ok
18:26:05.0038 8036 avgntflt (b1224e6b086cd6548315b04ab575a23e) C:\Windows\system32\DRIVERS\avgntflt.sys
18:26:05.0040 8036 avgntflt - ok
18:26:05.0075 8036 avipbb (ed45f12cfa62b83765c9c1496758cc87) C:\Windows\system32\DRIVERS\avipbb.sys
18:26:05.0077 8036 avipbb - ok
18:26:05.0132 8036 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
18:26:05.0137 8036 b06bdrv - ok
18:26:05.0175 8036 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
18:26:05.0178 8036 b57nd60a - ok
18:26:05.0211 8036 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
18:26:05.0212 8036 Beep - ok
18:26:05.0259 8036 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
18:26:05.0260 8036 blbdrive - ok
18:26:05.0309 8036 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
18:26:05.0310 8036 bowser - ok
18:26:05.0346 8036 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
18:26:05.0346 8036 BrFiltLo - ok
18:26:05.0375 8036 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
18:26:05.0376 8036 BrFiltUp - ok
18:26:05.0420 8036 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
18:26:05.0424 8036 Brserid - ok
18:26:05.0470 8036 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
18:26:05.0471 8036 BrSerWdm - ok
18:26:05.0533 8036 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
18:26:05.0534 8036 BrUsbMdm - ok
18:26:05.0572 8036 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
18:26:05.0573 8036 BrUsbSer - ok
18:26:05.0616 8036 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
18:26:05.0617 8036 BthEnum - ok
18:26:05.0641 8036 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
18:26:05.0642 8036 BTHMODEM - ok
18:26:05.0679 8036 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
18:26:05.0681 8036 BthPan - ok
18:26:05.0741 8036 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
18:26:05.0748 8036 BTHPORT - ok
18:26:05.0808 8036 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
18:26:05.0809 8036 BTHUSB - ok
18:26:05.0851 8036 btwampfl (59e3510784548c6939c1b3b985c232e3) C:\Windows\system32\drivers\btwampfl.sys
18:26:05.0856 8036 btwampfl - ok
18:26:05.0880 8036 btwaudio (1872074ed0a3fb22e3f1e3197b984bfa) C:\Windows\system32\drivers\btwaudio.sys
18:26:05.0881 8036 btwaudio - ok
18:26:05.0910 8036 btwavdt (691cf076c33ab1c3a5b2fd5450300733) C:\Windows\system32\drivers\btwavdt.sys
18:26:05.0912 8036 btwavdt - ok
18:26:05.0961 8036 btwl2cap (07096d2bc22ccb6cea5a532df0be8a75) C:\Windows\system32\DRIVERS\btwl2cap.sys
18:26:05.0961 8036 btwl2cap - ok
18:26:05.0995 8036 btwrchid (c9273b20dec8ce38dbce5d29de63c907) C:\Windows\system32\DRIVERS\btwrchid.sys
18:26:05.0996 8036 btwrchid - ok
18:26:06.0020 8036 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
18:26:06.0022 8036 cdfs - ok
18:26:06.0074 8036 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
18:26:06.0076 8036 cdrom - ok
18:26:06.0122 8036 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
18:26:06.0123 8036 circlass - ok
18:26:06.0167 8036 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
18:26:06.0173 8036 CLFS - ok
18:26:06.0213 8036 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
18:26:06.0214 8036 CmBatt - ok
18:26:06.0260 8036 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
18:26:06.0260 8036 cmdide - ok
18:26:06.0309 8036 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
18:26:06.0315 8036 CNG - ok
18:26:06.0351 8036 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
18:26:06.0352 8036 Compbatt - ok
18:26:06.0401 8036 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
18:26:06.0402 8036 CompositeBus - ok
18:26:06.0435 8036 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
18:26:06.0436 8036 crcdisk - ok
18:26:06.0501 8036 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
18:26:06.0503 8036 DfsC - ok
18:26:06.0540 8036 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
18:26:06.0542 8036 discache - ok
18:26:06.0576 8036 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
18:26:06.0578 8036 Disk - ok
18:26:06.0616 8036 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
18:26:06.0617 8036 drmkaud - ok
18:26:06.0695 8036 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
18:26:06.0709 8036 DXGKrnl - ok
18:26:06.0833 8036 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
18:26:06.0866 8036 ebdrv - ok
18:26:06.0933 8036 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
18:26:06.0940 8036 elxstor - ok
18:26:06.0976 8036 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
18:26:06.0977 8036 ErrDev - ok
18:26:07.0043 8036 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
18:26:07.0046 8036 exfat - ok
18:26:07.0074 8036 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
18:26:07.0077 8036 fastfat - ok
18:26:07.0113 8036 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
18:26:07.0114 8036 fdc - ok
18:26:07.0159 8036 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
18:26:07.0160 8036 FileInfo - ok
18:26:07.0190 8036 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
18:26:07.0191 8036 Filetrace - ok
18:26:07.0222 8036 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
18:26:07.0223 8036 flpydisk - ok
18:26:07.0281 8036 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
18:26:07.0285 8036 FltMgr - ok
18:26:07.0330 8036 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
18:26:07.0331 8036 FsDepends - ok
18:26:07.0356 8036 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
18:26:07.0357 8036 Fs_Rec - ok
18:26:07.0414 8036 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
18:26:07.0417 8036 fvevol - ok
18:26:07.0457 8036 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
18:26:07.0458 8036 gagp30kx - ok
18:26:07.0495 8036 ggflt (a4198f2bd8aa592cb90476277a81b5e1) C:\Windows\system32\DRIVERS\ggflt.sys
18:26:07.0496 8036 ggflt - ok
18:26:07.0542 8036 ggsemc (d266350bdaab9eb6c1aec370eeaaff3a) C:\Windows\system32\DRIVERS\ggsemc.sys
18:26:07.0543 8036 ggsemc - ok
18:26:07.0587 8036 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
18:26:07.0587 8036 hcw85cir - ok
18:26:07.0632 8036 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
18:26:07.0637 8036 HdAudAddService - ok
18:26:07.0691 8036 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
18:26:07.0692 8036 HDAudBus - ok
18:26:07.0734 8036 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\drivers\HECIx64.sys
18:26:07.0735 8036 HECIx64 - ok
18:26:07.0775 8036 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
18:26:07.0776 8036 HidBatt - ok
18:26:07.0803 8036 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
18:26:07.0805 8036 HidBth - ok
18:26:07.0836 8036 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
18:26:07.0837 8036 HidIr - ok
18:26:07.0888 8036 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
18:26:07.0889 8036 HidUsb - ok
18:26:07.0933 8036 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
18:26:07.0934 8036 HpSAMD - ok
18:26:07.0997 8036 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
18:26:08.0005 8036 HTTP - ok
18:26:08.0051 8036 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
18:26:08.0051 8036 hwpolicy - ok
18:26:08.0096 8036 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
18:26:08.0098 8036 i8042prt - ok
18:26:08.0155 8036 iaStor (abbf174cb394f5c437410a788b7e404a) C:\Windows\system32\drivers\iaStor.sys
18:26:08.0161 8036 iaStor - ok
18:26:08.0221 8036 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
18:26:08.0226 8036 iaStorV - ok
18:26:08.0547 8036 igfx (31569a2e836c12014148bf7342716946) C:\Windows\system32\DRIVERS\igdkmd64.sys
18:26:08.0671 8036 igfx - ok
18:26:08.0711 8036 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
18:26:08.0712 8036 iirsp - ok
18:26:08.0748 8036 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\DRIVERS\Impcd.sys
18:26:08.0750 8036 Impcd - ok
18:26:08.0839 8036 IntcAzAudAddService (526e482afb586cb1cdd687869decf686) C:\Windows\system32\drivers\RTKVHD64.sys
18:26:08.0864 8036 IntcAzAudAddService - ok
18:26:08.0908 8036 IntcDAud (03c74719d48056a1078f3a51ceb76baa) C:\Windows\system32\DRIVERS\IntcDAud.sys
18:26:08.0913 8036 IntcDAud - ok
18:26:08.0961 8036 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
18:26:08.0961 8036 intelide - ok
18:26:09.0006 8036 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys
18:26:09.0007 8036 intelppm - ok
18:26:09.0056 8036 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:26:09.0057 8036 IpFilterDriver - ok
18:26:09.0129 8036 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
18:26:09.0130 8036 IPMIDRV - ok
18:26:09.0177 8036 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
18:26:09.0179 8036 IPNAT - ok
18:26:09.0206 8036 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
18:26:09.0207 8036 IRENUM - ok
18:26:09.0252 8036 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
18:26:09.0253 8036 isapnp - ok
18:26:09.0310 8036 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
18:26:09.0314 8036 iScsiPrt - ok
18:26:09.0356 8036 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
18:26:09.0357 8036 kbdclass - ok
18:26:09.0384 8036 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
18:26:09.0385 8036 kbdhid - ok
18:26:09.0433 8036 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
18:26:09.0434 8036 KSecDD - ok
18:26:09.0486 8036 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
18:26:09.0488 8036 KSecPkg - ok
18:26:09.0527 8036 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
18:26:09.0528 8036 ksthunk - ok
18:26:09.0562 8036 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
18:26:09.0563 8036 lltdio - ok
18:26:09.0625 8036 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
18:26:09.0627 8036 LSI_FC - ok
18:26:09.0654 8036 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
18:26:09.0656 8036 LSI_SAS - ok
18:26:09.0699 8036 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
18:26:09.0700 8036 LSI_SAS2 - ok
18:26:09.0742 8036 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
18:26:09.0743 8036 LSI_SCSI - ok
18:26:09.0769 8036 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
18:26:09.0771 8036 luafv - ok
18:26:09.0818 8036 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
18:26:09.0819 8036 megasas - ok
18:26:09.0853 8036 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
18:26:09.0856 8036 MegaSR - ok
18:26:09.0906 8036 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
18:26:09.0907 8036 Modem - ok
18:26:09.0936 8036 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
18:26:09.0937 8036 monitor - ok
18:26:09.0991 8036 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
18:26:09.0992 8036 mouclass - ok
18:26:10.0023 8036 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\drivers\mouhid.sys
18:26:10.0024 8036 mouhid - ok
18:26:10.0075 8036 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
18:26:10.0076 8036 mountmgr - ok
18:26:10.0120 8036 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
18:26:10.0122 8036 mpio - ok
18:26:10.0172 8036 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
18:26:10.0173 8036 mpsdrv - ok
18:26:10.0234 8036 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
18:26:10.0236 8036 MRxDAV - ok
18:26:10.0293 8036 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
18:26:10.0296 8036 mrxsmb - ok
18:26:10.0344 8036 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:26:10.0348 8036 mrxsmb10 - ok
18:26:10.0395 8036 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:26:10.0397 8036 mrxsmb20 - ok
18:26:10.0434 8036 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
18:26:10.0435 8036 msahci - ok
18:26:10.0481 8036 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
18:26:10.0483 8036 msdsm - ok
18:26:10.0535 8036 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
18:26:10.0536 8036 Msfs - ok
18:26:10.0561 8036 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
18:26:10.0562 8036 mshidkmdf - ok
18:26:10.0603 8036 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
18:26:10.0603 8036 msisadrv - ok
18:26:10.0639 8036 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
18:26:10.0640 8036 MSKSSRV - ok
18:26:10.0668 8036 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
18:26:10.0669 8036 MSPCLOCK - ok
18:26:10.0690 8036 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
18:26:10.0691 8036 MSPQM - ok
18:26:10.0737 8036 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
18:26:10.0742 8036 MsRPC - ok
18:26:10.0789 8036 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
18:26:10.0789 8036 mssmbios - ok
18:26:10.0827 8036 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
18:26:10.0828 8036 MSTEE - ok
18:26:10.0863 8036 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
18:26:10.0864 8036 MTConfig - ok
18:26:10.0890 8036 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
18:26:10.0891 8036 Mup - ok
18:26:10.0930 8036 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
18:26:10.0934 8036 NativeWifiP - ok
18:26:11.0006 8036 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
18:26:11.0016 8036 NDIS - ok
18:26:11.0055 8036 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
18:26:11.0056 8036 NdisCap - ok
18:26:11.0081 8036 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
18:26:11.0082 8036 NdisTapi - ok
18:26:11.0133 8036 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
18:26:11.0134 8036 Ndisuio - ok
18:26:11.0181 8036 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
18:26:11.0184 8036 NdisWan - ok
18:26:11.0233 8036 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
18:26:11.0234 8036 NDProxy - ok
18:26:11.0265 8036 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
18:26:11.0266 8036 NetBIOS - ok
18:26:11.0321 8036 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
18:26:11.0324 8036 NetBT - ok
18:26:11.0581 8036 NETw5s64 (18555f48844c2861d9dce8f2b7223ae5) C:\Windows\system32\DRIVERS\NETw5s64.sys
18:26:11.0670 8036 NETw5s64 - ok
18:26:11.0713 8036 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
18:26:11.0714 8036 nfrd960 - ok
18:26:11.0763 8036 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
18:26:11.0764 8036 Npfs - ok
18:26:11.0789 8036 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
18:26:11.0790 8036 nsiproxy - ok
18:26:11.0889 8036 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
18:26:11.0910 8036 Ntfs - ok
18:26:11.0938 8036 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
18:26:11.0939 8036 Null - ok
18:26:12.0000 8036 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
18:26:12.0003 8036 nvraid - ok
18:26:12.0064 8036 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
18:26:12.0067 8036 nvstor - ok
18:26:12.0127 8036 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
18:26:12.0129 8036 nv_agp - ok
18:26:12.0154 8036 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
18:26:12.0155 8036 ohci1394 - ok
18:26:12.0213 8036 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
18:26:12.0214 8036 Parport - ok
18:26:12.0265 8036 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
18:26:12.0266 8036 partmgr - ok
18:26:12.0323 8036 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
18:26:12.0325 8036 pci - ok
18:26:12.0371 8036 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
18:26:12.0372 8036 pciide - ok
18:26:12.0413 8036 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
18:26:12.0416 8036 pcmcia - ok
18:26:12.0459 8036 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
18:26:12.0460 8036 pcw - ok
18:26:12.0498 8036 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
18:26:12.0506 8036 PEAUTH - ok
18:26:12.0610 8036 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
18:26:12.0612 8036 PptpMiniport - ok
18:26:12.0658 8036 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
18:26:12.0659 8036 Processor - ok
18:26:12.0722 8036 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
18:26:12.0724 8036 Psched - ok
18:26:12.0756 8036 PxHlpa64 (fbf4db6d53585437e41a113300002a2b) C:\Windows\system32\Drivers\PxHlpa64.sys
18:26:12.0757 8036 PxHlpa64 - ok
18:26:12.0831 8036 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
18:26:12.0849 8036 ql2300 - ok
18:26:12.0902 8036 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
18:26:12.0904 8036 ql40xx - ok
18:26:12.0950 8036 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
18:26:12.0951 8036 QWAVEdrv - ok
18:26:12.0978 8036 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
18:26:12.0979 8036 RasAcd - ok
18:26:13.0018 8036 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
18:26:13.0019 8036 RasAgileVpn - ok
18:26:13.0079 8036 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
18:26:13.0081 8036 Rasl2tp - ok
18:26:13.0116 8036 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
18:26:13.0119 8036 RasPppoe - ok
18:26:13.0140 8036 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
18:26:13.0142 8036 RasSstp - ok
18:26:13.0194 8036 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
18:26:13.0198 8036 rdbss - ok
18:26:13.0239 8036 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
18:26:13.0240 8036 rdpbus - ok
18:26:13.0271 8036 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
18:26:13.0272 8036 RDPCDD - ok
18:26:13.0292 8036 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
18:26:13.0293 8036 RDPENCDD - ok
18:26:13.0316 8036 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
18:26:13.0317 8036 RDPREFMP - ok
18:26:13.0375 8036 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
18:26:13.0378 8036 RDPWD - ok
18:26:13.0435 8036 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
18:26:13.0439 8036 rdyboost - ok
18:26:13.0491 8036 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
18:26:13.0494 8036 RFCOMM - ok
18:26:13.0534 8036 rimspci (fa6abc06b629da29634d31f1fe0347bd) C:\Windows\system32\drivers\rimssne64.sys
18:26:13.0535 8036 rimspci - ok
18:26:13.0577 8036 risdsnpe (8f8539a7f5c117d4407b2985995671f2) C:\Windows\system32\drivers\risdsne64.sys
18:26:13.0578 8036 risdsnpe - ok
18:26:13.0626 8036 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
18:26:13.0628 8036 rspndr - ok
18:26:13.0687 8036 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
18:26:13.0689 8036 sbp2port - ok
18:26:13.0728 8036 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
18:26:13.0729 8036 scfilter - ok
18:26:13.0769 8036 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys
18:26:13.0771 8036 sdbus - ok
18:26:13.0815 8036 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
18:26:13.0815 8036 secdrv - ok
18:26:13.0872 8036 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
18:26:13.0873 8036 Serenum - ok
18:26:13.0901 8036 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
18:26:13.0903 8036 Serial - ok
18:26:13.0954 8036 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
18:26:13.0955 8036 sermouse - ok
18:26:14.0033 8036 SFEP (286d3889e6ab5589646ff8a63cb928ae) C:\Windows\system32\drivers\SFEP.sys
18:26:14.0034 8036 SFEP - ok
18:26:14.0076 8036 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
18:26:14.0077 8036 sffdisk - ok
18:26:14.0105 8036 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
18:26:14.0106 8036 sffp_mmc - ok
18:26:14.0129 8036 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
18:26:14.0130 8036 sffp_sd - ok
18:26:14.0167 8036 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
18:26:14.0168 8036 sfloppy - ok
18:26:14.0235 8036 Sftfs (a40abfdcb75f835fdf3ce0cc64e4250d) C:\Windows\system32\DRIVERS\Sftfslh.sys
18:26:14.0243 8036 Sftfs - ok
18:26:14.0305 8036 Sftplay (411769ed1cb12d2b44217734347bdb7a) C:\Windows\system32\DRIVERS\Sftplaylh.sys
18:26:14.0309 8036 Sftplay - ok
18:26:14.0331 8036 Sftredir (a14d0df34bbb00ea94da16193d0c7957) C:\Windows\system32\DRIVERS\Sftredirlh.sys
18:26:14.0332 8036 Sftredir - ok
18:26:14.0387 8036 Sftvol (393b22addd89979eb1c60898f51c3648) C:\Windows\system32\DRIVERS\Sftvollh.sys
18:26:14.0388 8036 Sftvol - ok
18:26:14.0445 8036 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
18:26:14.0446 8036 SiSRaid2 - ok
18:26:14.0483 8036 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
18:26:14.0484 8036 SiSRaid4 - ok
18:26:14.0519 8036 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
18:26:14.0520 8036 Smb - ok
18:26:14.0573 8036 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
18:26:14.0575 8036 spldr - ok
18:26:14.0637 8036 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
18:26:14.0644 8036 srv - ok
18:26:14.0698 8036 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
18:26:14.0703 8036 srv2 - ok
18:26:14.0735 8036 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
18:26:14.0738 8036 srvnet - ok
18:26:14.0787 8036 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
18:26:14.0788 8036 stexstor - ok
18:26:14.0841 8036 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
18:26:14.0841 8036 swenum - ok
18:26:14.0952 8036 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
18:26:14.0975 8036 Tcpip - ok
18:26:15.0050 8036 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
18:26:15.0072 8036 TCPIP6 - ok
18:26:15.0131 8036 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
18:26:15.0132 8036 tcpipreg - ok
18:26:15.0175 8036 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
18:26:15.0176 8036 TDPIPE - ok
18:26:15.0193 8036 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
18:26:15.0194 8036 TDTCP - ok
18:26:15.0245 8036 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
18:26:15.0247 8036 tdx - ok
18:26:15.0286 8036 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
18:26:15.0287 8036 TermDD - ok
18:26:15.0351 8036 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
18:26:15.0352 8036 tssecsrv - ok
18:26:15.0395 8036 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
18:26:15.0397 8036 TsUsbFlt - ok
18:26:15.0444 8036 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
18:26:15.0446 8036 tunnel - ok
18:26:15.0488 8036 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
18:26:15.0489 8036 uagp35 - ok
18:26:15.0556 8036 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
18:26:15.0561 8036 udfs - ok
18:26:15.0625 8036 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
18:26:15.0626 8036 uliagpkx - ok
18:26:15.0678 8036 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
18:26:15.0679 8036 umbus - ok
18:26:15.0720 8036 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
18:26:15.0721 8036 UmPass - ok
18:26:15.0776 8036 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
18:26:15.0777 8036 usbccgp - ok
18:26:15.0815 8036 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
18:26:15.0816 8036 usbcir - ok
18:26:15.0857 8036 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
18:26:15.0859 8036 usbehci - ok
18:26:15.0895 8036 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
18:26:15.0899 8036 usbhub - ok
18:26:15.0953 8036 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
18:26:15.0954 8036 usbohci - ok
18:26:15.0994 8036 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
18:26:15.0994 8036 usbprint - ok
18:26:16.0026 8036 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:26:16.0028 8036 USBSTOR - ok
18:26:16.0070 8036 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
18:26:16.0071 8036 usbuhci - ok
18:26:16.0103 8036 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
18:26:16.0106 8036 usbvideo - ok
18:26:16.0198 8036 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
18:26:16.0199 8036 vdrvroot - ok
18:26:16.0248 8036 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
18:26:16.0249 8036 vga - ok
18:26:16.0273 8036 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
18:26:16.0274 8036 VgaSave - ok
18:26:16.0325 8036 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
18:26:16.0328 8036 vhdmp - ok
18:26:16.0369 8036 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
18:26:16.0370 8036 viaide - ok
18:26:16.0410 8036 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
18:26:16.0411 8036 volmgr - ok
18:26:16.0462 8036 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
18:26:16.0467 8036 volmgrx - ok
18:26:16.0518 8036 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
18:26:16.0522 8036 volsnap - ok
18:26:16.0559 8036 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
18:26:16.0561 8036 vsmraid - ok
18:26:16.0604 8036 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
18:26:16.0606 8036 vwifibus - ok
18:26:16.0631 8036 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
18:26:16.0632 8036 vwififlt - ok
18:26:16.0660 8036 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
18:26:16.0661 8036 vwifimp - ok
18:26:16.0705 8036 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
18:26:16.0706 8036 WacomPen - ok
18:26:16.0748 8036 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
18:26:16.0750 8036 WANARP - ok
18:26:16.0757 8036 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
18:26:16.0759 8036 Wanarpv6 - ok
18:26:16.0821 8036 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
18:26:16.0822 8036 Wd - ok
18:26:16.0880 8036 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
18:26:16.0888 8036 Wdf01000 - ok
18:26:16.0946 8036 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
18:26:16.0946 8036 WfpLwf - ok
18:26:16.0972 8036 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
18:26:16.0973 8036 WIMMount - ok
18:26:17.0052 8036 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
18:26:17.0053 8036 WinUsb - ok
18:26:17.0105 8036 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
18:26:17.0106 8036 WmiAcpi - ok
18:26:17.0161 8036 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
18:26:17.0162 8036 ws2ifsl - ok
18:26:17.0230 8036 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
18:26:17.0231 8036 WudfPf - ok
18:26:17.0264 8036 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
18:26:17.0268 8036 WUDFRd - ok
18:26:17.0320 8036 yukonw7 (5250193ef8e173aa7491250f00eb367f) C:\Windows\system32\DRIVERS\yk62x64.sys
18:26:17.0325 8036 yukonw7 - ok
18:26:17.0361 8036 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
18:26:17.0376 8036 \Device\Harddisk0\DR0 - ok
18:26:17.0387 8036 Boot (0x1200) (05d0041e69bc4ecd76ccc8b2772cf749) \Device\Harddisk0\DR0\Partition0
18:26:17.0389 8036 \Device\Harddisk0\DR0\Partition0 - ok
18:26:17.0398 8036 Boot (0x1200) (928e4505a1b301fd08d556bfa317f1f0) \Device\Harddisk0\DR0\Partition1
18:26:17.0400 8036 \Device\Harddisk0\DR0\Partition1 - ok
18:26:17.0402 8036 ============================================================
18:26:17.0402 8036 Scan finished
18:26:17.0402 8036 ============================================================
18:26:17.0416 7128 Detected object count: 0
18:26:17.0416 7128 Actual detected object count: 0
__________________
Alt 27.11.2011, 00:48   #4
Larusso
/// Selecta Jahrusso
 
SystemFix auf meinem Laptop - Standard

SystemFix auf meinem Laptop


Combofix darf ausschließlich ausgeführt werden, wenn dies von einem Team Mitglied angewiesen wurde!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Bitte downloade dir Combofix.exe und speichere es unbedingt auf deinem Desktop.
  • Besuche folgende Seite für Downloadlinks und Anweisungen für dieses Tool

    Ein Leitfaden und Tutorium zur Nutzung von ComboFix
  • Hinweis:
    Gehe sicher das all deine Anti Virus und Anti Malware Programme abgeschalten sind, damit diese Combofix nicht bei der Arbeit stören.
  • Poste bitte die C:\Combofix.txt in deiner nächsten Antwort.


Bitte poste in deiner nächsten Antwort
Combofix.txt
__________________
mfg, Daniel

ASAP & UNITE Member
Alliance of Security Analysis Professionals
Unified Network of Instructors and Trusted Eliminators

Lerne, zurück zu schlagen und unterstütze uns!
TB Akademie
Alt 27.11.2011, 05:09   #5
charli8
 
SystemFix auf meinem Laptop - Standard

SystemFix auf meinem Laptop


Habe Combofix durchgeführt. Danke für die Hilfe .

Combofix.txt
Combofix Logfile:
Code:
ATTFilter
ComboFix 11-11-26.04 - CHARLI8 26.11.2011  22:04:19.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3758.1715 [GMT -5:00]
ausgeführt von:: c:\users\CHARLI8\Desktop\ComboFix.exe
AV: AntiVir Desktop *Disabled/Outdated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Outdated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\drivers\hosts
.
.
(((((((((((((((((((((((   Dateien erstellt von 2011-10-27 bis 2011-11-27  ))))))))))))))))))))))))))))))
.
.
2011-11-27 03:36 . 2011-11-27 03:36	--------	d-----w-	c:\users\Default\AppData\Local\temp
2011-11-26 16:00 . 2011-11-26 16:00	69000	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{9E68BCC5-3EDB-4920-B4A5-90CF3EFD7FFA}\offreg.dll
2011-11-26 04:29 . 2011-11-26 04:38	--------	d-----w-	c:\programdata\SecTaskMan
2011-11-26 04:29 . 2011-11-26 04:29	--------	d-----w-	c:\program files (x86)\Security Task Manager
2011-11-25 22:57 . 2011-10-07 04:16	8570192	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{9E68BCC5-3EDB-4920-B4A5-90CF3EFD7FFA}\mpengine.dll
2011-11-22 04:55 . 2011-11-22 04:55	0	----a-w-	c:\windows\SysWow64\shoE7A6.tmp
2011-11-21 14:00 . 2011-11-21 14:00	--------	d-----w-	c:\program files (x86)\Common Files\Java
2011-11-20 22:40 . 2011-11-20 22:40	--------	d-----w-	c:\windows\system32\Macromed
2011-11-20 06:50 . 2011-11-20 06:50	--------	d-----w-	c:\users\CHARLI8\AppData\Roaming\TrojanHunter
2011-11-20 03:35 . 2011-11-20 15:35	--------	d-----w-	c:\program files (x86)\TrojanHunter 5.5
2011-11-17 13:41 . 2011-11-17 13:41	--------	d-----w-	c:\programdata\Nikon
2011-11-16 21:14 . 2011-11-16 21:14	--------	d-----w-	c:\users\CHARLI8\AppData\Roaming\Nikon
2011-11-16 21:14 . 2011-11-20 15:36	--------	d-----w-	c:\users\CHARLI8\AppData\Local\Nikon
2011-11-16 21:05 . 2011-11-16 21:05	106496	----a-w-	c:\windows\SysWow64\ATL71.DLL
2011-11-16 21:05 . 2011-11-16 21:05	--------	d-----w-	c:\programdata\Ultima_T15
2011-11-16 21:05 . 2011-11-16 21:05	--------	d-----w-	c:\programdata\EnterNHelp
2011-11-16 21:04 . 2011-11-20 15:36	--------	d-----w-	c:\program files (x86)\Nikon
2011-11-16 21:04 . 2011-11-16 21:04	159744	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
2011-11-16 21:04 . 2011-11-16 21:04	159744	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
2011-11-16 21:04 . 2011-11-16 21:04	159744	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2011-11-16 21:04 . 2011-11-16 21:04	159744	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2011-11-16 21:04 . 2011-11-16 21:04	159744	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2011-11-16 21:04 . 2011-11-16 21:04	159744	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2011-11-16 21:04 . 2011-11-16 21:04	159744	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll
2011-11-16 21:04 . 2011-11-16 21:04	--------	d-----w-	c:\program files (x86)\QuickTime
2011-11-16 21:04 . 2011-11-16 21:04	--------	d-----w-	c:\programdata\Apple Computer
2011-11-16 21:03 . 2011-11-16 21:03	--------	d-----w-	c:\programdata\Apple
2011-11-14 02:36 . 2011-11-14 02:36	0	----a-w-	c:\windows\SysWow64\sho9579.tmp
2011-11-08 22:24 . 2011-10-01 05:45	886784	----a-w-	c:\program files\Common Files\System\wab32.dll
2011-11-08 22:24 . 2011-10-01 04:37	708608	----a-w-	c:\program files (x86)\Common Files\System\wab32.dll
2011-11-08 22:24 . 2011-09-29 16:29	1923952	----a-w-	c:\windows\system32\drivers\tcpip.sys
2011-11-08 22:24 . 2011-09-29 04:03	3144704	----a-w-	c:\windows\system32\win32k.sys
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-21 02:17 . 2011-06-26 23:24	414368	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-10-03 10:06 . 2010-07-28 02:07	472808	----a-w-	c:\windows\SysWow64\deployJava1.dll
2011-09-26 19:09 . 2011-09-26 19:09	86528	----a-w-	c:\windows\SysWow64\iesysprep.dll
2011-09-26 19:09 . 2011-09-26 19:09	76800	----a-w-	c:\windows\SysWow64\SetIEInstalledDate.exe
2011-09-26 19:09 . 2011-09-26 19:09	74752	----a-w-	c:\windows\SysWow64\RegisterIEPKEYs.exe
2011-09-26 19:09 . 2011-09-26 19:09	63488	----a-w-	c:\windows\SysWow64\tdc.ocx
2011-09-26 19:09 . 2011-09-26 19:09	48640	----a-w-	c:\windows\SysWow64\mshtmler.dll
2011-09-26 19:09 . 2011-09-26 19:09	367104	----a-w-	c:\windows\SysWow64\html.iec
2011-09-26 19:09 . 2011-09-26 19:09	161792	----a-w-	c:\windows\SysWow64\msls31.dll
2011-09-26 19:09 . 2011-09-26 19:09	110592	----a-w-	c:\windows\SysWow64\IEAdvpack.dll
2011-09-26 19:09 . 2011-09-26 19:09	91648	----a-w-	c:\windows\system32\SetIEInstalledDate.exe
2011-09-26 19:09 . 2011-09-26 19:09	89088	----a-w-	c:\windows\system32\RegisterIEPKEYs.exe
2011-09-26 19:09 . 2011-09-26 19:09	85504	----a-w-	c:\windows\system32\iesetup.dll
2011-09-26 19:09 . 2011-09-26 19:09	76800	----a-w-	c:\windows\system32\tdc.ocx
2011-09-26 19:09 . 2011-09-26 19:09	74752	----a-w-	c:\windows\SysWow64\iesetup.dll
2011-09-26 19:09 . 2011-09-26 19:09	603648	----a-w-	c:\windows\system32\vbscript.dll
2011-09-26 19:09 . 2011-09-26 19:09	49664	----a-w-	c:\windows\system32\imgutil.dll
2011-09-26 19:09 . 2011-09-26 19:09	48640	----a-w-	c:\windows\system32\mshtmler.dll
2011-09-26 19:09 . 2011-09-26 19:09	448512	----a-w-	c:\windows\system32\html.iec
2011-09-26 19:09 . 2011-09-26 19:09	420864	----a-w-	c:\windows\SysWow64\vbscript.dll
2011-09-26 19:09 . 2011-09-26 19:09	35840	----a-w-	c:\windows\SysWow64\imgutil.dll
2011-09-26 19:09 . 2011-09-26 19:09	30720	----a-w-	c:\windows\system32\licmgr10.dll
2011-09-26 19:09 . 2011-09-26 19:09	23552	----a-w-	c:\windows\SysWow64\licmgr10.dll
2011-09-26 19:09 . 2011-09-26 19:09	222208	----a-w-	c:\windows\system32\msls31.dll
2011-09-26 19:09 . 2011-09-26 19:09	173056	----a-w-	c:\windows\system32\ieUnatt.exe
2011-09-26 19:09 . 2011-09-26 19:09	165888	----a-w-	c:\windows\system32\iexpress.exe
2011-09-26 19:09 . 2011-09-26 19:09	160256	----a-w-	c:\windows\system32\wextract.exe
2011-09-26 19:09 . 2011-09-26 19:09	152064	----a-w-	c:\windows\SysWow64\wextract.exe
2011-09-26 19:09 . 2011-09-26 19:09	150528	----a-w-	c:\windows\SysWow64\iexpress.exe
2011-09-26 19:09 . 2011-09-26 19:09	1492992	----a-w-	c:\windows\system32\inetcpl.cpl
2011-09-26 19:09 . 2011-09-26 19:09	142848	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2011-09-26 19:09 . 2011-09-26 19:09	1427456	----a-w-	c:\windows\SysWow64\inetcpl.cpl
2011-09-26 19:09 . 2011-09-26 19:09	135168	----a-w-	c:\windows\system32\IEAdvpack.dll
2011-09-26 19:09 . 2011-09-26 19:09	12288	----a-w-	c:\windows\system32\mshta.exe
2011-09-26 19:09 . 2011-09-26 19:09	11776	----a-w-	c:\windows\SysWow64\mshta.exe
2011-09-26 19:09 . 2011-09-26 19:09	114176	----a-w-	c:\windows\system32\admparse.dll
2011-09-26 19:09 . 2011-09-26 19:09	111616	----a-w-	c:\windows\system32\iesysprep.dll
2011-09-26 19:09 . 2011-09-26 19:09	101888	----a-w-	c:\windows\SysWow64\admparse.dll
2011-09-26 18:33 . 2009-07-14 02:36	152576	----a-w-	c:\windows\SysWow64\msclmd.dll
2011-09-26 18:33 . 2009-07-14 02:36	175616	----a-w-	c:\windows\system32\msclmd.dll
2011-09-01 05:24 . 2011-10-14 03:32	2309120	----a-w-	c:\windows\system32\jscript9.dll
2011-09-01 05:17 . 2011-10-14 03:32	1389056	----a-w-	c:\windows\system32\wininet.dll
2011-09-01 05:12 . 2011-10-14 03:32	2382848	----a-w-	c:\windows\system32\mshtml.tlb
2011-09-01 02:35 . 2011-10-14 03:32	1798144	----a-w-	c:\windows\SysWow64\jscript9.dll
2011-09-01 02:28 . 2011-10-14 03:32	1126912	----a-w-	c:\windows\SysWow64\wininet.dll
2011-09-01 02:22 . 2011-10-14 03:32	2382848	----a-w-	c:\windows\SysWow64\mshtml.tlb
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Elbserver"="c:\program files (x86)\Sony\Media Gallery\ElbServer.exe" [2010-06-22 81264]
"CAHeadless"="c:\program files (x86)\Adobe\Elements Organizer 8.0\CAHeadless\ElementsAutoAnalyzer.exe" [2009-10-09 615808]
"VRLPHelper"="c:\program files (x86)\Sony\Media Gallery\VRLPHelper.exe" [2010-06-22 183152]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-07-28 39408]
"Sony Ericsson PC Companion"="c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" [2011-07-25 433360]
"Facebook Update"="c:\users\CHARLI8\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2011-09-09 137536]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2010-05-31 673136]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2010-06-01 600928]
"SHTtray.exe"="c:\program files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe" [2010-06-20 99696]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-01-10 281768]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-09-08 421888]
"Nikon Message Center 2"="c:\program files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe" [2010-05-26 619008]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-6-8 1128224]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-07-28 136176]
R2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [x]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-07-28 136176]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-06-29 155344]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-06-09 101232]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-10-09 169312]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-05-02 136360]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-10-20 821664]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-06-01 367456]
S2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys [x]
S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsne64.sys [x]
S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe [2011-01-29 259192]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-09-14 508264]
S2 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-06-20 108400]
S2 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-06-18 423280]
S2 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-06-20 67952]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-05-28 2320920]
S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2010-06-21 575856]
S2 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2010-06-17 851824]
S2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2010-06-09 537456]
S2 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-06-09 384880]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [2010-06-08 836608]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [x]
S3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 NETw5s64;Intel(R) Wireless WiFi Link der Serie 5000 Adaptertreiber für Windows 7 64-Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-09-14 219496]
S3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2010-06-06 304496]
S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe [2011-02-14 44736]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update Common\VUAgent.exe [2011-09-23 1429608]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 85464747
*Deregistered* - 85464747
.
Inhalt des "geplante Tasks" Ordners
.
2011-11-27 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2659469812-1657583075-3705183488-1001Core.job
- c:\users\Mara Bangert\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-09-09 02:13]
.
2011-11-27 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2659469812-1657583075-3705183488-1001UA.job
- c:\users\Mara Bangert\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-09-09 02:13]
.
2011-11-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-07-28 01:51]
.
2011-11-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-07-28 01:51]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-05-31 10775584]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-05-31 2040352]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-26 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-26 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-26 415256]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.de/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files (x86)\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 192.168.1.1 71.250.0.12
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
HKLM-Run-Apoint - c:\program files (x86)\Apoint\Apoint.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2011-11-26  22:58:32
ComboFix-quarantined-files.txt  2011-11-27 03:58
.
Vor Suchlauf: 17 Verzeichnis(se), 221.016.256.512 Bytes frei
Nach Suchlauf: 18 Verzeichnis(se), 221.475.479.552 Bytes frei
.
- - End Of File - - 03420D9DAD8A1DD215DBAFF23E48221D
--- --- ---
Alt 27.11.2011, 15:28   #6
Larusso
/// Selecta Jahrusso
 
SystemFix auf meinem Laptop - Standard

SystemFix auf meinem Laptop


Hy,

Wie läuft der Rechner ?
__________________
--> SystemFix auf meinem Laptop

Alt 27.11.2011, 16:12   #7
charli8
 
SystemFix auf meinem Laptop - Standard

SystemFix auf meinem Laptop


Das Problem mit Google besteht immernoch , werde also immernoch auf andere Seiten geführt , als die , die ich angeklickt habe.

Alt 27.11.2011, 17:15   #8
Larusso
/// Selecta Jahrusso
 
SystemFix auf meinem Laptop - Standard

SystemFix auf meinem Laptop


Okay,
Sehen wir mal ob diese Infektion auch schon bei uns aufgetaucht ist. Bis jetzt nur im internationalen Bereich gesehen.

Drücke bitte die Windows + R Taste und kopiere folgenden Befehl hinein und drücke OK.

diskmgmt.msc


Poste mir bitte einen Screenshot dieses Fensters in deiner nächsten Antwort
__________________
mfg, Daniel

ASAP & UNITE Member
Alliance of Security Analysis Professionals
Unified Network of Instructors and Trusted Eliminators

Lerne, zurück zu schlagen und unterstütze uns!
TB Akademie
Alt 27.11.2011, 17:27   #9
charli8
 
SystemFix auf meinem Laptop - Standard

SystemFix auf meinem Laptop


Ich hoffe , das ist das Richtige .
Liebe Güße ,
Charli8
Alt 27.11.2011, 17:38   #10
Larusso
/// Selecta Jahrusso
 
SystemFix auf meinem Laptop - Standard

SystemFix auf meinem Laptop


Gute Arbeit.

Sieht hier nicht so aus, als wäre diese Infektion vorhanden.


Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
  • Starte die aswMBR.exe
    Vista und Win7 User mit Rechtsklick "als Admininstartor starten"
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Nein.
  • Klicke auf Scan
  • Warte bitte bis Scan finished successfully im DOS Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte es erneut nicht klappen teile mir das bitte mit.


Auf deinem Desktop wird eine MBR.dat Datei erstellt. Bitte Rechtsklick --> Senden an --> Zip komprimierter Ordner

und hänge diese in deiner nächsten Antwort an.
__________________
mfg, Daniel

ASAP & UNITE Member
Alliance of Security Analysis Professionals
Unified Network of Instructors and Trusted Eliminators

Lerne, zurück zu schlagen und unterstütze uns!
TB Akademie
Alt 28.11.2011, 01:26   #11
charli8
 
SystemFix auf meinem Laptop - Standard

SystemFix auf meinem Laptop


aswMBR.txt

Zitat:
aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-11-27 19:17:37
-----------------------------
19:17:37.833 OS Version: Windows x64 6.1.7601 Service Pack 1
19:17:37.833 Number of processors: 4 586 0x2505
19:17:37.833 ComputerName: CHARLI8 UserName:
19:17:38.972 Initialize success
19:17:52.283 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
19:17:52.283 Disk 0 Vendor: ST932032 0006 Size: 305245MB BusType: 3
19:17:52.314 Disk 0 MBR read successfully
19:17:52.314 Disk 0 MBR scan
19:17:52.314 Disk 0 Windows 7 default MBR code
19:17:52.330 Service scanning
19:17:58.913 Modules scanning
19:17:58.913 Disk 0 trace - called modules:
19:17:58.976 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys >>UNKNOWN [0xfffffa8006374334]<<
19:17:58.976 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800635d060]
19:17:58.976 3 CLASSPNP.SYS[fffff8800180143f] -> nt!IofCallDriver -> [0xfffffa800356a750]
19:17:58.991 5 ACPI.sys[fffff88000ecf7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004325050]
19:17:58.991 \Driver\iaStor[0xfffffa80042e5cb0] -> IRP_MJ_INTERNAL_DEVICE_CONTROL -> 0xfffffa8006374334
19:17:59.007 Scan finished successfully
19:20:52.822 Disk 0 MBR has been saved successfully to "C:\Users\CHARLI8\Desktop\MBR.dat"
19:20:52.822 The log file has been saved successfully to "C:\Users\CHARLI8\Desktop\aswMBR.txt"
und die MBR.dat befindet sich im Anhang. Konnte diese aber selbst nicht öffnen , ist das normal ?

Alt 28.11.2011, 15:44   #12
Larusso
/// Selecta Jahrusso
 
SystemFix auf meinem Laptop - Standard

SystemFix auf meinem Laptop


Wir haben da spezielle Tools für.


Sind die Umleitungen in allen Browsern vorhanden ?


Downloade Dir bitte Malwarebytes
  • Installiere das Programm in den vorgegebenen Pfad.
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Starte Malwarebytes, klicke auf Aktualisierung --> Suche nach Aktualisierung
  • Wenn das Update beendet wurde, aktiviere Quick-Scan durchführen und drücke auf Scannen.
  • Wenn der Scan beendet ist, klicke auf Ergebnisse anzeigen.
  • Versichere Dich, dass alle Funde markiert sind und drücke Entferne Auswahl.
  • Poste das Logfile, welches sich in Notepad öffnet, hier in den Thread.
  • Nachträglich kannst du den Bericht unter "Log Dateien" finden.



Bitte poste in deiner nächsten Antwort
Malwarebytes Logfile
__________________
mfg, Daniel

ASAP & UNITE Member
Alliance of Security Analysis Professionals
Unified Network of Instructors and Trusted Eliminators

Lerne, zurück zu schlagen und unterstütze uns!
TB Akademie
Alt 28.11.2011, 17:39   #13
charli8
 
SystemFix auf meinem Laptop - Standard

SystemFix auf meinem Laptop


Malwarebyte hat heute nichts gefunden.

Zitat:
Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 177894
Laufzeit: 5 Minute(n), 49 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
Habe aber nochmal die Auswertung von dem Tag gefunden , als ich mir den Virus eingefangen hatte.

Zitat:
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Datenbank Version: 7622

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

19.11.2011 13:20:49
mbam-log-2011-11-19 (13-20-49).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 180936
Laufzeit: 7 Minute(n), 21 Sekunde(n)

Infizierte Speicherprozesse: 1
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 2
Infizierte Verzeichnisse: 1
Infizierte Dateien: 5

Infizierte Speicherprozesse:
c:\Users\CHARLI8\AppData\Roaming\kb00765306.exe (Trojan.Agent.Gen) -> 5616 -> Unloaded process successfully.

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\KB00765306.exe (Trojan.Agent.Gen) -> Value: KB00765306.exe -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyComputer (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowSearch (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.

Infizierte Verzeichnisse:
c:\Users\CHARLI8\AppData\Roaming\67737652 (Rogue.Multiple) -> Quarantined and deleted successfully.

Infizierte Dateien:
c:\Users\CHARLI8\AppData\Roaming\kb00765306.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
c:\Users\CHARLI8\AppData\Local\Temp\0.2549771505112399.exe (Exploit.Drop.2) -> Quarantined and deleted successfully.
c:\Users\CHARLI8\AppData\Local\Temp\0.7507630034363558.exe (Exploit.Drop.2) -> Quarantined and deleted successfully.
c:\programdata\Carbon (Stolen.Data) -> Quarantined and deleted successfully.
c:\Users\CHARLI8\AppData\Roaming\67737652\67737652.DAT (Rogue.Multiple) -> Quarantined and deleted successfully.
Die Umleitungen sind sowohl bei Internet Explorer als auch bei Google Chrome vorzufinden.
Mir ist auch aufgefallen , dass ich Internet Explorer nicht löschen kann , da dass immer von einem Programm verhindert wird.

Alt 28.11.2011, 17:48   #14
Larusso
/// Selecta Jahrusso
 
SystemFix auf meinem Laptop - Standard

SystemFix auf meinem Laptop


Okay, dann sehen wir uns das mal genauer an.


Downloade dir bitte Farbar's Recovery Scan Tool x64 und speichere diese auf einen USB Stick.

Schließe den USB Stick an das infizierte System an

Du musst das System nun in die System Reparatur Option booten.

Über den Boot Manager
  • Starte den Rechner neu auf.
  • Während dem Hochfahren drücke mehrmals die F8 Taste
  • Wähle nun Computer reparieren.
  • Wähle dein Betriebssystem und Benutzerkonto und klicke jeweils "Weiter".

Mit Windows CD/DVD
  • Lege die Windows CD in dein Laufwerk.
  • Starte den Rechner neu auf und starte von der CD
  • Wähle die Spracheinstellungen und klicke "Weiter".
  • Klicke auf Computerreparaturoptionen !!
  • Wähle dein Betriebssystem und Benutzerkonto und klicke jeweils "Weiter".


Wähle in den Reparaturoptionen Eingabeaufforderung
  • Gib nun bitte notepad ein und drücke Enter.
  • Im öffnenden Textdokument --> Datei --> Speichern unter und wähle Computer
    Hier wird dir der Laufwerksbuchstabe deines USB Sticks angezeigt.
  • Schließe Notepad wieder
  • Gib nun bitte folgenden Befehl ein.
    e:\frst64.exe
    Hinweis: e steht für den Laufwerksbuchstaben deines USB Sticks. Gegebenfalls anpassen.
  • Akzeptiere den Disclaimer mit Yes und klicke Scan
Das Tool erstellt eine FRST.txt auf deinem USB Stick. Poste den Inhalt bitte hier.
__________________
mfg, Daniel

ASAP & UNITE Member
Alliance of Security Analysis Professionals
Unified Network of Instructors and Trusted Eliminators

Lerne, zurück zu schlagen und unterstütze uns!
TB Akademie
Alt 28.11.2011, 18:40   #15
charli8
 
SystemFix auf meinem Laptop - Standard

SystemFix auf meinem Laptop


Ich habe leider keinen USB-Stick zur Verfügung . Könnte nur einen Mp3 Player , mit USB-Anschluss , SD-Karten oder eine externe Festplatte anbieten. Ginge es auch mit einem dieser Speichermedien ?

Antwort
Seite 1 von 4 1 23 Letzte »

Themen zu SystemFix auf meinem Laptop
32-bit, adobe flashplayer, alternate, antivir, autorun, avira, bho, c:\windows\system32\rundll32.exe, computer, desktop, error, format, google, google chrome, google earth, home, install.exe, internet, internet explorer, limited.com/facebook, logfile, microsoft office starter 2010, plug-in, problem, realtek, registry, required, richtlinie, rundll, safer networking, scan, security, shortcut, sicherheit, software, symantec, system, systemfix, version=1.0, virus, warum, webcheck, werbeanzeigen, windows, windows 7 64bit


« windows aus sicherheitsgründen blockiert | Trojaner, der Virenprogramm vorgaukelt eingefangen + Firewall lässt sich nicht mehr einschalten »


Ähnliche Themen: SystemFix auf meinem Laptop


  1. Virenfunde auf meinem Laptop
    Plagegeister aller Art und deren Bekämpfung - 04.12.2014 (13)
  2. Was ist nur mit meinem Laptop los?
    Plagegeister aller Art und deren Bekämpfung - 27.09.2014 (21)
  3. Bootstrapper.exe auf meinem Laptop
    Plagegeister aller Art und deren Bekämpfung - 07.11.2013 (10)
  4. bluescreen auf meinem laptop
    Log-Analyse und Auswertung - 19.10.2013 (3)
  5. GVU Trojaner auf meinem Win 7 Laptop.
    Plagegeister aller Art und deren Bekämpfung - 31.07.2013 (17)
  6. GVU - Trojaner auf meinem Laptop
    Log-Analyse und Auswertung - 26.07.2013 (10)
  7. GVU Trojaner auf meinem Laptop
    Plagegeister aller Art und deren Bekämpfung - 28.06.2013 (7)
  8. Trojaner auf meinem Laptop
    Plagegeister aller Art und deren Bekämpfung - 30.05.2013 (9)
  9. BKA Trojaner auf meinem Laptop
    Plagegeister aller Art und deren Bekämpfung - 22.10.2012 (1)
  10. GVU-Trojaner auf meinem Laptop
    Log-Analyse und Auswertung - 22.09.2012 (9)
  11. TR/Trash.Gen (Systemfix, Gema, und weitere Viren)
    Log-Analyse und Auswertung - 29.12.2011 (22)
  12. Systemfix entfernt - PC wieder sauber?
    Log-Analyse und Auswertung - 15.12.2011 (41)
  13. Systemfix und Win 7 internet Security - hoffentlich bald alle reste entfernt?
    Log-Analyse und Auswertung - 08.12.2011 (7)
  14. Virusbefall auf meinem Laptop
    Log-Analyse und Auswertung - 08.11.2011 (47)
  15. Probleme mit meinem Laptop (Win XP)
    Log-Analyse und Auswertung - 11.02.2011 (5)
  16. Beastdoor!IK auf meinem Laptop
    Log-Analyse und Auswertung - 31.05.2010 (9)
  17. Logfile von meinem Laptop
    Log-Analyse und Auswertung - 02.08.2005 (1)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema SystemFix auf meinem Laptop - Hallo Helfer vom Trojaner-Board. Ich habe mir vor einigen Tagen den Virus "System Fix" eingefangen . Die Folgen waren folgende : - jegliche Verknüpfungen auf dem Desktop waren verschwunden - - SystemFix auf meinem Laptop...
Archiv
Du betrachtest: SystemFix auf meinem Laptop auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131