Firefox verbindet kaum noch

klein_lola · 29.03.2012, 14:01

Hallo zusammen,
als ich meinen Laptop heut morgen aus dem Standby geholt hab, verbindet FF auf einmal ganz schlecht, es kommt eine Fehlermeldung und ich werde immer aufgefordert es nochmals zu probieren. daraufhin habe ich mbam durchlaufen lassen und promt was gefunden. gleichzeitig hat auch MSE eine meldung gebracht das es ebenfalls was gefunden hat.
Kann mir von euch bitte jemand weiterhelfen?!?

Hier der mbam logfile:

Code:

ATTFilter

Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Datenbank Version: v2012.03.29.02

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
LOLA :: LOLA-PC [Administrator]

Schutz: Aktiviert

29.03.2012 10:38:56
mbam-log-2012-03-29 (10-38-56).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 403990
Laufzeit: 2 Stunde(n), 26 Minute(n), 55 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\Users\LOLA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XYEIPD0E\softw[1].exe (Trojan.Agent.PE5) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

Bei MSE wurde folgendes gefunden:
-Exploit:Java/CVE-2012-0507.D!ldr
-Exploit:Java/CVE-2012-0507.A
-Rogue:Win32/Winwebsec

markusg · 29.03.2012, 15:38

hi, wo hat mse das gefunden, pfadangaben posten bitte.
Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

Starte bitte die
OTL.exe
.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Kopiere nun den Inhalt in die
Textbox.

Code:

ATTFilter

activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT

Schliesse bitte nun alle Programme. (Wichtig)
Klicke nun bitte auf den Quick Scan Button.
Kopiere
nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread

klein_lola · 30.03.2012, 08:08

Das Problem mit FF lag anscheinend an meiner Netzverbindung. heute geht zumindestens alles wieder. Weiterhin muss ich dazu sagen, dass ich eigentlich zu Sicherheit nur über ein Konto mit Standardrechten surfe. Dieses Konto habe ich gestern auch schon vorsichtshalber gelöscht und zum surfen wieder ein neues erstellt. Nur damit du bescheid weißt.

Hier der OTL-file

Code:

ATTFilter

OTL logfile created on: 30.03.2012 08:44:18 - Run 2
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\LOLA\André\TrojanerBoard
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,99 Gb Total Physical Memory | 1,13 Gb Available Physical Memory | 56,64% Memory free
7,79 Gb Paging File | 6,89 Gb Available in Paging File | 88,44% Paging File free
Paging file location(s): c:\pagefile.sys 6000 6000 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 140,11 Gb Total Space | 42,68 Gb Free Space | 30,46% Space Free | Partition Type: NTFS
 
Computer Name: LOLA-PC | User Name: LOLA | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.02.07 16:33:40 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\LOLA\André\TrojanerBoard\OTL.exe
PRC - [2012.01.13 15:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.10.14 08:01:50 | 000,994,360 | ---- | M] (Secunia) -- C:\Programme\Secunia\PSI\psia.exe
PRC - [2011.10.14 08:01:48 | 000,399,416 | ---- | M] (Secunia) -- C:\Programme\Secunia\PSI\sua.exe
PRC - [2011.06.15 16:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Security Client\msseces.exe
PRC - [2011.04.27 16:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Security Client\Antimalware\NisSrv.exe
PRC - [2011.04.27 16:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2009.04.11 00:28:04 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2009.04.11 00:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.02.26 19:36:46 | 000,030,040 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe
PRC - [2007.07.24 19:26:38 | 000,182,392 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Event Service\VESMgr.exe
PRC - [2007.07.24 19:26:38 | 000,100,472 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Event Service\VESMgrSub.exe
PRC - [2007.06.28 09:53:02 | 000,184,320 | ---- | M] (Sony Corporation) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
PRC - [2007.06.28 09:53:00 | 000,188,416 | ---- | M] (Sony Corporation) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
PRC - [2007.06.28 09:52:48 | 000,274,432 | ---- | M] (Sony Corporation) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
PRC - [2007.06.15 13:45:20 | 000,469,112 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\Wireless Switch Setting Utility\Switcher.exe
PRC - [2007.06.14 08:40:46 | 000,921,600 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Power Management\SPMgr.exe
PRC - [2007.02.25 22:55:18 | 000,125,048 | ---- | M] (TOSHIBA CORPORATION) -- C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
PRC - [2007.01.04 20:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2007.06.30 03:07:56 | 000,249,856 | ---- | M] () -- C:\Windows\System32\igfxTMM.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] --  -- (CLTNetCnService)
SRV - [2012.01.13 15:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.10.14 08:01:50 | 000,994,360 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent)
SRV - [2011.10.14 08:01:48 | 000,399,416 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2011.04.27 16:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV - [2011.04.27 16:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2008.01.19 00:38:26 | 000,272,952 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.07.24 19:26:38 | 000,182,392 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2007.07.05 20:12:52 | 000,292,152 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV - [2007.07.05 18:43:04 | 000,079,736 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe -- (VcmXmlIfHelper)
SRV - [2007.06.28 09:53:04 | 000,073,728 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2007.06.28 09:53:02 | 000,184,320 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe -- (VzFw)
SRV - [2007.06.28 09:53:00 | 000,188,416 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
SRV - [2007.06.28 09:52:48 | 000,274,432 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw)
SRV - [2007.02.25 22:55:18 | 000,125,048 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2007.01.04 20:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | Unknown | Running] --  -- (MpKsl2f299fee)
DRV - [2012.03.30 08:32:32 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FDBAC49C-2366-4912-9DB0-1DAF133D314F}\MpKsl9967ca85.sys -- (MpKsl9967ca85)
DRV - [2012.02.09 17:38:04 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011.12.10 16:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011.11.17 16:37:16 | 000,441,608 | ---- | M] (Paragon) [Kernel | System | Running] -- C:\Windows\System32\drivers\Uim_IM.sys -- (Uim_IM)
DRV - [2011.11.17 16:37:16 | 000,277,576 | ---- | M] (Paragon) [Kernel | System | Running] -- C:\Windows\System32\drivers\Uim_Vim.sys -- (Uim_Vim)
DRV - [2011.11.17 16:37:16 | 000,045,240 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | System | Running] -- C:\Windows\System32\drivers\UimBus.sys -- (UimBus)
DRV - [2011.04.27 16:25:24 | 000,065,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2011.04.18 14:18:50 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2010.09.01 10:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\psi_mf.sys -- (PSI)
DRV - [2007.07.07 02:10:36 | 002,591,232 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2007.07.06 12:27:31 | 000,084,480 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2007.06.30 13:04:34 | 002,222,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel(R)
DRV - [2007.06.27 19:29:58 | 000,010,216 | ---- | M] (Sony Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\DMICall.sys -- (DMICall)
DRV - [2007.06.16 02:17:13 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007.06.06 02:00:39 | 000,812,544 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ti21sony.sys -- (ti21sony)
DRV - [2007.04.24 19:36:00 | 000,041,856 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfusb.sys -- (tosrfusb)
DRV - [2007.04.24 13:20:06 | 000,113,920 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfbd.sys -- (tosrfbd)
DRV - [2007.04.20 02:01:10 | 000,073,472 | ---- | M] (Ricoh) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\R5U870FLx86.sys -- (R5U870FLx86)
DRV - [2007.04.20 02:01:10 | 000,043,904 | ---- | M] (Ricoh) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\R5U870FUx86.sys -- (R5U870FUx86)
DRV - [2007.04.17 21:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\regi.sys -- (regi)
DRV - [2007.03.01 16:53:12 | 000,073,728 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV - [2007.02.13 19:06:36 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2006.11.20 18:55:16 | 000,036,480 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV - [2006.11.06 10:29:32 | 000,027,520 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SonyNC.sys -- (SNC)
DRV - [2006.10.10 20:33:00 | 000,041,600 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosporte.sys -- (tosporte)
DRV - [2005.08.01 17:45:00 | 000,064,896 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2005.01.06 14:42:00 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfnds.sys -- (tosrfnds)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.club-vaio.com
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.club-vaio.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://www.groupon.de/"
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.03.17 11:24:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 
[2012.02.06 20:52:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\LOLA\AppData\Roaming\mozilla\Extensions
[2012.02.24 19:32:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\LOLA\AppData\Roaming\mozilla\Firefox\Profiles\xc1owxwn.default\extensions
[2012.03.17 11:24:31 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
() (No name found) -- C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XC1OWXWN.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2012.03.10 03:36:40 | 000,134,072 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.03.10 03:35:35 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.03.10 03:35:35 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll File not found
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\LOLA\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E8D3B9EF-A0AB-41E2-979F-2C01C0F80089}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) -  File not found
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\System32\VESWinlogon.dll (Sony Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\VAIO CR Wallpaper Pink 1280x800.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\VAIO CR Wallpaper Pink 1280x800.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL File not found
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - 
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - 
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth Manager.lnk - C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe - (TOSHIBA CORPORATION.)
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk - C:\Programme\Secunia\PSI\psi_tray.exe - (Secunia)
MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= -  File not found
MsConfig - StartUpReg: APSDaemon - hkey= - key= - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
MsConfig - StartUpReg: BrMfcWnd - hkey= - key= - C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.)
MsConfig - StartUpReg: ControlCenter3 - hkey= - key= - C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
MsConfig - StartUpReg: DAEMON Tools Lite - hkey= - key= - C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
MsConfig - StartUpReg: IndexSearch - hkey= - key= - C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe (Nuance Communications, Inc.)
MsConfig - StartUpReg: ISBMgr.exe - hkey= - key= - C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig - StartUpReg: Malwarebytes' Anti-Malware - hkey= - key= - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
MsConfig - StartUpReg: PaperPort PTD - hkey= - key= - C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)
MsConfig - StartUpReg: PPort11reminder - hkey= - key= - C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.)
MsConfig - StartUpReg: Skype - hkey= - key= -  File not found
MsConfig - StartUpReg: SSBkgdUpdate - hkey= - key= - C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig - StartUpReg: SynTPEnh - hkey= - key= - C:\Programme\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
MsConfig - StartUpReg: Windows Defender - hkey= - key= -  File not found
MsConfig - State: "startup" - 2
MsConfig - State: "bootini" - 2
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.03.21 11:11:16 | 000,000,000 | ---D | C] -- C:\Users\LOLA\Documents\Expression
[2012.03.20 09:47:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
[2012.03.20 09:47:35 | 000,000,000 | ---D | C] -- C:\Users\LOLA\AppData\Roaming\pdfforge
[2012.03.20 09:47:31 | 000,054,784 | ---- | C] (pdfforge GbR) -- C:\Windows\System32\pdfcmon.dll
[2012.03.13 15:55:30 | 000,000,000 | ---D | C] -- C:\Program Files\WPF Toolkit
[2012.03.13 15:55:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 3 SDK
[2012.03.13 15:54:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 4 SDK
[2012.03.13 15:52:50 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SDKs
[2012.03.13 15:51:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression
[2012.03.13 15:49:36 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Expression
[2012.03.13 15:29:37 | 000,000,000 | ---D | C] -- C:\Users\LOLA\AppData\Roaming\e-academy Inc
[2012.03.12 15:55:19 | 000,000,000 | R--D | C] -- C:\Users\LOLA\AppData\Roaming\Brother
[2012.03.12 15:52:39 | 000,000,000 | ---D | C] -- C:\Users\LOLA\Documents\Wichtiges
[2012.03.11 11:37:51 | 000,000,000 | ---D | C] -- C:\Users\LOLA\Elke
[2012.03.02 09:07:15 | 000,000,000 | ---D | C] -- C:\Windows\Sun
 
========== Files - Modified Within 30 Days ==========
 
[2012.03.30 08:38:59 | 000,673,562 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.03.30 08:38:59 | 000,634,252 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.03.30 08:38:59 | 000,145,404 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.03.30 08:38:59 | 000,119,778 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.03.30 08:37:03 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.03.30 08:33:57 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.03.30 08:32:11 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.03.30 08:32:11 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.03.30 08:32:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.03.30 08:31:58 | 2137,448,448 | -HS- | M] () -- C:\hiberfil.sys
[2012.03.17 11:24:33 | 000,000,846 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.03.14 18:23:42 | 000,054,784 | ---- | M] (pdfforge GbR) -- C:\Windows\System32\pdfcmon.dll
[2012.03.14 14:03:58 | 000,409,232 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.03.03 17:06:23 | 000,133,388 | -H-- | M] () -- C:\Windows\System32\mlfcache.dat
[2012.03.03 12:38:57 | 000,023,040 | ---- | M] () -- C:\Users\LOLA\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== Files Created - No Company Name ==========
 
[2012.03.29 15:12:56 | 2137,448,448 | -HS- | C] () -- C:\hiberfil.sys
[2012.03.03 17:06:23 | 000,133,388 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2012.02.07 19:03:28 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2012.02.06 23:20:58 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2012.02.06 23:20:34 | 000,000,050 | ---- | C] () -- C:\Windows\System32\bridf08b.dat
[2012.02.06 23:13:15 | 000,031,864 | ---- | C] () -- C:\Windows\maxlink.ini
[2012.02.06 20:17:37 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2012.02.06 20:16:30 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2012.02.06 20:16:30 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2012.02.06 17:32:55 | 000,023,040 | ---- | C] () -- C:\Users\LOLA\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.02.06 17:32:55 | 000,001,356 | ---- | C] () -- C:\Users\LOLA\AppData\Local\d3d9caps.dat
[2012.02.06 15:51:11 | 000,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI
[2007.08.14 00:00:50 | 000,910,304 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll
[2007.08.14 00:00:50 | 000,249,856 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2007.08.14 00:00:50 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1244.dll
[2007.08.14 00:00:49 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2007.08.14 00:00:48 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2007.08.14 00:00:48 | 000,145,050 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2007.08.13 14:46:45 | 000,000,031 | ---- | C] () -- C:\Windows\System32\elcric.dat
[2007.08.13 05:25:16 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2007.07.12 22:02:46 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2007.07.12 21:59:38 | 000,012,288 | ---- | C] () -- C:\Windows\System32\DivXWMPExtType.dll
[2006.12.05 14:05:06 | 000,114,688 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll
[2006.11.02 17:33:31 | 000,673,562 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2006.11.02 17:33:31 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2006.11.02 17:33:31 | 000,145,404 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2006.11.02 17:33:31 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 000,409,232 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,634,252 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,119,778 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2005.07.22 22:30:20 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll
 
========== LOP Check ==========
 
[2012.02.07 19:02:35 | 000,000,000 | ---D | M] -- C:\Users\LOLA\AppData\Roaming\Canneverbe Limited
[2012.02.07 20:02:53 | 000,000,000 | ---D | M] -- C:\Users\LOLA\AppData\Roaming\DAEMON Tools Lite
[2012.02.11 18:08:36 | 000,000,000 | ---D | M] -- C:\Users\LOLA\AppData\Roaming\DVDVideoSoft
[2012.02.07 18:20:01 | 000,000,000 | ---D | M] -- C:\Users\LOLA\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.03.13 15:29:37 | 000,000,000 | ---D | M] -- C:\Users\LOLA\AppData\Roaming\e-academy Inc
[2012.03.20 09:47:36 | 000,000,000 | ---D | M] -- C:\Users\LOLA\AppData\Roaming\pdfforge
[2012.03.29 22:43:54 | 000,032,604 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %SYSTEMDRIVE%\*. >
[2012.02.07 21:04:14 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2012.02.07 18:24:06 | 000,000,000 | RH-D | M] -- C:\AHCache
[2012.02.11 11:41:34 | 000,000,000 | ---D | M] -- C:\archive_db
[2012.02.06 20:38:39 | 000,000,000 | -HSD | M] -- C:\Boot
[2012.02.06 15:52:22 | 000,000,000 | ---D | M] -- C:\Documentation
[2006.11.02 15:02:03 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2007.08.13 14:08:30 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2012.02.06 15:23:06 | 000,000,000 | -H-D | M] -- C:\InstantON
[2012.02.09 17:55:50 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2012.02.06 19:14:54 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2012.03.24 15:32:39 | 000,000,000 | R--D | M] -- C:\Program Files
[2012.02.11 11:39:09 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2007.08.13 14:08:31 | 000,000,000 | -HSD | M] -- C:\Programme
[2012.03.30 08:47:16 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2012.03.29 15:21:11 | 000,000,000 | R--D | M] -- C:\Users
[2012.03.29 15:10:58 | 000,000,000 | ---D | M] -- C:\Windows
 
< %PROGRAMFILES%\*.exe >
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
 
< MD5 for: AGP440.SYS  >
[2008.01.19 00:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.19 00:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.19 00:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.19 00:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.04.11 00:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 00:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 00:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.19 00:41:32 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.19 00:41:32 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
< MD5 for: EXPLORER.EXE  >
[2009.04.11 00:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.11 00:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2006.11.02 11:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008.01.19 00:33:12 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
 
< MD5 for: IASTORV.SYS  >
[2008.01.19 00:42:52 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.19 00:42:52 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2006.11.02 11:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2009.04.11 00:28:24 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 00:28:24 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.19 00:35:38 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.19 00:42:10 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.19 00:42:10 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2008.01.19 00:36:20 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006.11.02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
[2009.04.11 00:28:26 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 00:28:26 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
 
< MD5 for: USER32.DLL  >
[2007.08.13 15:11:30 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=63B4F59D7C89B1BF5277F1FFEFD491CD -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16438_none_cb39bc5b7047127e\user32.dll
[2007.08.13 15:11:31 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=9D9F061EDA75425FC67F0365E3467C86 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.20537_none_cbc258dc896598f1\user32.dll
[2008.01.19 00:36:48 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
[2006.11.02 11:46:13 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=E698A5437B89A285ACA3FF022356810A -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16386_none_cb01aa4570716e5e\user32.dll
[2009.04.11 00:28:26 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[2009.04.11 00:28:26 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.01.19 00:33:34 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.19 00:33:34 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006.11.02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2012.01.13 15:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009.04.11 00:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 00:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006.11.02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008.01.19 00:33:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2006.11.02 10:58:26 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=84620AECDCFD2A7A14E6263927D8C0ED -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6000.16386_none_4d4fded8cae2956d\ws2ifsl.sys
[2008.01.18 22:56:50 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.18 22:56:50 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2011.04.18 14:18:50 | 000,043,392 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\drivers\MpNWMon.sys
 
< %systemroot%\System32\config\*.sav >
[2006.11.02 12:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006.11.02 12:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006.11.02 12:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
 
< %systemroot%\system32\*.dll /lockedfiles >
[2012.02.09 07:18:03 | 000,353,792 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtmsft.dll
[2012.02.09 07:18:03 | 000,223,232 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtrans.dll
 
< %USERPROFILE%\*.* >
[2012.03.30 08:44:17 | 001,572,864 | -HS- | M] () -- C:\Users\LOLA\NTUSER.DAT
[2012.03.30 08:44:17 | 000,262,144 | -H-- | M] () -- C:\Users\LOLA\ntuser.dat.LOG1
[2012.02.06 17:32:55 | 000,000,000 | -H-- | M] () -- C:\Users\LOLA\ntuser.dat.LOG2
[2012.03.29 22:43:46 | 000,065,536 | -HS- | M] () -- C:\Users\LOLA\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2012.03.29 22:43:46 | 000,524,288 | -HS- | M] () -- C:\Users\LOLA\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2012.02.06 18:05:27 | 000,524,288 | -HS- | M] () -- C:\Users\LOLA\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2007.08.13 14:10:12 | 000,000,020 | -HS- | M] () -- C:\Users\LOLA\ntuser.ini
 
< %USERPROFILE%\Local Settings\Temp\*.exe >
 
< %USERPROFILE%\Local Settings\Temp\*.dll >
 
< %USERPROFILE%\Application Data\*.exe >
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16

< End of report >

MSE Funde:
-Exploit:Java/CVE-2012-0507.D!ldr
containerfile:C:\Users\LOLA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29\2f22a2dd-4fe67d77
file:C:\Users\LOLA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29\2f22a2dd-4fe67d77->a/Msgs.class

-Exploit:Java/CVE-2012-0507.A
containerfile:C:\Users\LOLA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29\2f22a2dd-4fe67d77
file:C:\Users\LOLA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29\2f22a2dd-4fe67d77->a/Test.class

-Rogue:Win32/Winwebsec
file:C:\Users\LOLA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XYEIPD0E\softw[1].exe

markusg · 30.03.2012, 11:27

Combofix darf ausschließlich ausgeführt werden, wenn dies von einem Team Mitglied angewiesen wurde!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich
ziehen und eine Bereinigung der Infektion noch erschweren.

Downloade dir bitte Combofix von einem dieser Downloadspiegel

Link 1
Link 2

WICHTIG - Speichere Combofix auf deinem Desktop

Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten

Zitat:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.

starte den Rechner einfach neu. Dies sollte das Problem beheben.

klein_lola · 02.04.2012, 10:36

Grüße dich,
ich hab combofix ne halbe stunde laufen lassen und nix is passiert. wie soll ich weiter verfahren?

markusg · 02.04.2012, 10:59

hi
starte mal neu, drücke f8 wähle abgesicherter modus mit netzwerk, melde dich in deinem konto an und versuchs erneut.

klein_lola · 03.04.2012, 13:58

passiert auch nix anderes. es wirkt immer so als würde der laptop nicht mehr arbeiten, sogar der lüfter schaltet fast komplett ab, obwohl im prgrammfenster so ein strich noch blinkt. wenn ich dann nach einer stunde combifix schließen will, hängt er sich auf.

markusg · 03.04.2012, 19:14

nutze mal den tdss killer bitte:
http://www.trojaner-board.de/82358-t...entfernen.html
bei aktion, wähle skip, poste bitte das log

klein_lola · 04.04.2012, 08:21

Es wurde nix gefunden!

markusg · 04.04.2012, 12:13

log posten.

klein_lola · 04.04.2012, 18:49

Code:

ATTFilter

19:47:59.0153 2672	TDSS rootkit removing tool 2.7.25.0 Apr  3 2012 13:42:32
19:47:59.0316 2672	============================================================
19:47:59.0316 2672	Current date / time: 2012/04/04 19:47:59.0316
19:47:59.0316 2672	SystemInfo:
19:47:59.0316 2672	
19:47:59.0317 2672	OS Version: 6.0.6002 ServicePack: 2.0
19:47:59.0317 2672	Product type: Workstation
19:47:59.0317 2672	ComputerName: LOLA-PC
19:47:59.0317 2672	UserName: LOLA
19:47:59.0317 2672	Windows directory: C:\Windows
19:47:59.0317 2672	System windows directory: C:\Windows
19:47:59.0317 2672	Processor architecture: Intel x86
19:47:59.0317 2672	Number of processors: 2
19:47:59.0317 2672	Page size: 0x1000
19:47:59.0317 2672	Boot type: Normal boot
19:47:59.0317 2672	============================================================
19:48:09.0371 2672	Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:48:09.0552 2672	\Device\Harddisk0\DR0:
19:48:09.0552 2672	MBR used
19:48:09.0552 2672	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x11E3000, BlocksNum 0x11836EB0
19:48:09.0613 2672	Initialize success
19:48:09.0613 2672	============================================================

markusg · 05.04.2012, 12:55

versuchen wir es noch mal wie folgt:
download tdss killer:
http://www.trojaner-board.de/82358-t...entfernen.html
Klicke auf Change parameters
• Setze die Haken bei Verify driver digital signatures und Detect TDLFS file system
• Klick auf OK und anschließend auf Start scan
- bei funden erst mal immer skip wählen, log posten

klein_lola · 06.04.2012, 09:21

Code:

ATTFilter

10:16:54.0411 3892	TDSS rootkit removing tool 2.7.26.0 Apr  4 2012 19:52:02
10:16:54.0536 3892	============================================================
10:16:54.0536 3892	Current date / time: 2012/04/06 10:16:54.0536
10:16:54.0536 3892	SystemInfo:
10:16:54.0536 3892	
10:16:54.0536 3892	OS Version: 6.0.6002 ServicePack: 2.0
10:16:54.0536 3892	Product type: Workstation
10:16:54.0536 3892	ComputerName: LOLA-PC
10:16:54.0536 3892	UserName: LOLA
10:16:54.0536 3892	Windows directory: C:\Windows
10:16:54.0536 3892	System windows directory: C:\Windows
10:16:54.0536 3892	Processor architecture: Intel x86
10:16:54.0536 3892	Number of processors: 2
10:16:54.0536 3892	Page size: 0x1000
10:16:54.0536 3892	Boot type: Normal boot
10:16:54.0536 3892	============================================================
10:16:58.0108 3892	Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
10:16:58.0124 3892	\Device\Harddisk0\DR0:
10:16:58.0124 3892	MBR used
10:16:58.0124 3892	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x11E3000, BlocksNum 0x11836EB0
10:16:58.0155 3892	Initialize success
10:16:58.0155 3892	============================================================
10:17:19.0418 1772	============================================================
10:17:19.0418 1772	Scan started
10:17:19.0418 1772	Mode: Manual; 
10:17:19.0418 1772	============================================================
10:17:19.0964 1772	ACPI            (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
10:17:19.0979 1772	ACPI - ok
10:17:20.0088 1772	AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
10:17:20.0104 1772	AdobeARMservice - ok
10:17:20.0291 1772	AdobeFlashPlayerUpdateSvc (0d4c486a24a711a45fd83acdf4d18506) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
10:17:20.0322 1772	AdobeFlashPlayerUpdateSvc - ok
10:17:20.0338 1772	Scan interrupted by user!
10:17:20.0338 1772	Scan interrupted by user!
10:17:20.0338 1772	Scan interrupted by user!
10:17:20.0338 1772	============================================================
10:17:20.0338 1772	Scan finished
10:17:20.0338 1772	============================================================
10:17:20.0354 3076	Detected object count: 0
10:17:20.0354 3076	Actual detected object count: 0
10:17:44.0721 3080	============================================================
10:17:44.0721 3080	Scan started
10:17:44.0721 3080	Mode: Manual; SigCheck; TDLFS; 
10:17:44.0721 3080	============================================================
10:17:45.0267 3080	ACPI            (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
10:17:45.0376 3080	ACPI - ok
10:17:45.0563 3080	AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
10:17:45.0688 3080	AdobeARMservice - ok
10:17:45.0953 3080	AdobeFlashPlayerUpdateSvc (0d4c486a24a711a45fd83acdf4d18506) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
10:17:46.0078 3080	AdobeFlashPlayerUpdateSvc - ok
10:17:46.0328 3080	adp94xx         (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
10:17:46.0359 3080	adp94xx - ok
10:17:46.0608 3080	adpahci         (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
10:17:46.0686 3080	adpahci - ok
10:17:46.0920 3080	adpu160m        (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
10:17:46.0952 3080	adpu160m - ok
10:17:47.0232 3080	adpu320         (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
10:17:47.0279 3080	adpu320 - ok
10:17:47.0466 3080	AeLookupSvc     (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
10:17:47.0591 3080	AeLookupSvc - ok
10:17:47.0763 3080	AFD             (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
10:17:47.0856 3080	AFD - ok
10:17:48.0075 3080	agp440          (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
10:17:48.0122 3080	agp440 - ok
10:17:48.0184 3080	aic78xx         (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
10:17:48.0215 3080	aic78xx - ok
10:17:48.0356 3080	ALG             (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
10:17:48.0574 3080	ALG - ok
10:17:48.0870 3080	aliide          (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
10:17:48.0917 3080	aliide - ok
10:17:49.0058 3080	amdagp          (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
10:17:49.0089 3080	amdagp - ok
10:17:49.0182 3080	amdide          (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
10:17:49.0198 3080	amdide - ok
10:17:49.0276 3080	AmdK7           (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
10:17:49.0494 3080	AmdK7 - ok
10:17:49.0744 3080	AmdK8           (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
10:17:49.0838 3080	AmdK8 - ok
10:17:50.0118 3080	Appinfo         (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
10:17:50.0165 3080	Appinfo - ok
10:17:50.0352 3080	arc             (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
10:17:50.0384 3080	arc - ok
10:17:50.0430 3080	arcsas          (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
10:17:50.0462 3080	arcsas - ok
10:17:50.0680 3080	aspnet_state    (776acefa0ca9df0faa51a5fb2f435705) C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
10:17:50.0727 3080	aspnet_state - ok
10:17:52.0833 3080	AsyncMac        (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
10:17:52.0880 3080	AsyncMac - ok
10:17:54.0954 3080	atapi           (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
10:17:54.0970 3080	atapi - ok
10:17:55.0516 3080	atikmdag        (0be6ed329aa8ef85ebb890d336071e7c) C:\Windows\system32\DRIVERS\atikmdag.sys
10:17:55.0703 3080	atikmdag - ok
10:17:56.0078 3080	AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
10:17:56.0171 3080	AudioEndpointBuilder - ok
10:17:56.0171 3080	Audiosrv        (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
10:17:56.0218 3080	Audiosrv - ok
10:17:56.0826 3080	Beep            (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
10:17:56.0936 3080	Beep - ok
10:17:57.0263 3080	BFE             (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
10:17:57.0450 3080	BFE - ok
10:17:57.0981 3080	BITS            (93952506c6d67330367f7e7934b6a02f) C:\Windows\System32\qmgr.dll
10:17:58.0184 3080	BITS - ok
10:17:59.0042 3080	blbdrive - ok
10:17:59.0619 3080	bowser          (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
10:17:59.0790 3080	bowser - ok
10:18:00.0508 3080	BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
10:18:00.0570 3080	BrFiltLo - ok
10:18:01.0023 3080	BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
10:18:01.0101 3080	BrFiltUp - ok
10:18:01.0959 3080	Browser         (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
10:18:02.0037 3080	Browser - ok
10:18:02.0926 3080	Brserid         (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
10:18:03.0066 3080	Brserid - ok
10:18:03.0815 3080	BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
10:18:03.0909 3080	BrSerWdm - ok
10:18:06.0108 3080	BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
10:18:06.0171 3080	BrUsbMdm - ok
10:18:07.0076 3080	BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
10:18:07.0138 3080	BrUsbSer - ok
10:18:08.0199 3080	BTHMODEM        (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
10:18:08.0261 3080	BTHMODEM - ok
10:18:08.0464 3080	catchme - ok
10:18:09.0306 3080	cdfs            (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
10:18:09.0400 3080	cdfs - ok
10:18:10.0258 3080	cdrom           (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
10:18:10.0305 3080	cdrom - ok
10:18:10.0726 3080	CertPropSvc     (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
10:18:10.0820 3080	CertPropSvc - ok
10:18:11.0069 3080	circlass        (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
10:18:11.0147 3080	circlass - ok
10:18:11.0366 3080	CLFS            (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
10:18:11.0397 3080	CLFS - ok
10:18:11.0475 3080	clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:18:11.0568 3080	clr_optimization_v2.0.50727_32 - ok
10:18:11.0724 3080	clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:18:11.0756 3080	clr_optimization_v4.0.30319_32 - ok
10:18:11.0880 3080	CLTNetCnService - ok
10:18:12.0114 3080	CmBatt          (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
10:18:12.0177 3080	CmBatt - ok
10:18:12.0317 3080	cmdide          (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
10:18:12.0348 3080	cmdide - ok
10:18:12.0473 3080	Compbatt        (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
10:18:12.0489 3080	Compbatt - ok
10:18:12.0629 3080	COMSysApp - ok
10:18:12.0676 3080	crcdisk         (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
10:18:12.0723 3080	crcdisk - ok
10:18:12.0848 3080	Crusoe          (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
10:18:12.0894 3080	Crusoe - ok
10:18:12.0972 3080	CryptSvc        (fb27772beaf8e1d28ccd825c09da939b) C:\Windows\system32\cryptsvc.dll
10:18:13.0019 3080	CryptSvc - ok
10:18:13.0175 3080	DcomLaunch      (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
10:18:13.0269 3080	DcomLaunch - ok
10:18:13.0472 3080	DfsC            (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
10:18:13.0550 3080	DfsC - ok
10:18:13.0752 3080	DFSR            (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
10:18:14.0252 3080	DFSR - ok
10:18:14.0486 3080	Dhcp            (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
10:18:14.0548 3080	Dhcp - ok
10:18:14.0657 3080	disk            (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
10:18:14.0720 3080	disk - ok
10:18:14.0798 3080	DMICall         (f206e28ed74c491fd5d7c0a1119ce37f) C:\Windows\system32\DRIVERS\DMICall.sys
10:18:14.0829 3080	DMICall - ok
10:18:14.0907 3080	Dnscache        (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
10:18:14.0969 3080	Dnscache - ok
10:18:15.0110 3080	dot3svc         (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
10:18:15.0156 3080	dot3svc - ok
10:18:15.0250 3080	DPS             (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
10:18:15.0328 3080	DPS - ok
10:18:15.0484 3080	drmkaud         (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
10:18:15.0515 3080	drmkaud - ok
10:18:15.0827 3080	dtsoftbus01     (687af6bb383885ff6a64071b189a7f3e) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
10:18:15.0905 3080	dtsoftbus01 - ok
10:18:16.0092 3080	DXGKrnl         (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
10:18:16.0170 3080	DXGKrnl - ok
10:18:16.0248 3080	E1G60           (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
10:18:16.0373 3080	E1G60 - ok
10:18:16.0498 3080	EapHost         (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
10:18:16.0545 3080	EapHost - ok
10:18:16.0685 3080	Ecache          (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
10:18:16.0748 3080	Ecache - ok
10:18:16.0794 3080	ehRecvr         (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
10:18:16.0888 3080	ehRecvr - ok
10:18:16.0935 3080	ehSched         (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
10:18:17.0028 3080	ehSched - ok
10:18:17.0060 3080	ehstart         (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
10:18:17.0091 3080	ehstart - ok
10:18:17.0200 3080	elxstor         (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
10:18:17.0231 3080	elxstor - ok
10:18:17.0294 3080	EMDMgmt         (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
10:18:17.0434 3080	EMDMgmt - ok
10:18:17.0543 3080	EventSystem     (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
10:18:17.0621 3080	EventSystem - ok
10:18:17.0699 3080	exfat           (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
10:18:17.0793 3080	exfat - ok
10:18:17.0855 3080	fastfat         (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
10:18:17.0902 3080	fastfat - ok
10:18:17.0996 3080	fdc             (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
10:18:18.0089 3080	fdc - ok
10:18:18.0292 3080	fdPHost         (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
10:18:18.0339 3080	fdPHost - ok
10:18:18.0604 3080	FDResPub        (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
10:18:18.0666 3080	FDResPub - ok
10:18:18.0869 3080	FileInfo        (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
10:18:18.0916 3080	FileInfo - ok
10:18:19.0025 3080	Filetrace       (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
10:18:19.0072 3080	Filetrace - ok
10:18:19.0197 3080	flpydisk        (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
10:18:19.0275 3080	flpydisk - ok
10:18:19.0540 3080	FltMgr          (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
10:18:19.0602 3080	FltMgr - ok
10:18:19.0727 3080	FontCache       (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll
10:18:19.0790 3080	FontCache - ok
10:18:19.0930 3080	FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
10:18:19.0946 3080	FontCache3.0.0.0 - ok
10:18:20.0226 3080	Fs_Rec          (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
10:18:20.0258 3080	Fs_Rec - ok
10:18:20.0538 3080	gagp30kx        (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
10:18:20.0570 3080	gagp30kx - ok
10:18:20.0741 3080	GEARAspiWDM     (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
10:18:20.0788 3080	GEARAspiWDM - ok
10:18:20.0960 3080	gpsvc           (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
10:18:21.0131 3080	gpsvc - ok
10:18:21.0318 3080	gupdate         (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
10:18:21.0412 3080	gupdate - ok
10:18:21.0459 3080	gupdatem        (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
10:18:21.0506 3080	gupdatem - ok
10:18:21.0724 3080	HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
10:18:21.0802 3080	HdAudAddService - ok
10:18:22.0145 3080	HDAudBus        (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
10:18:22.0239 3080	HDAudBus - ok
10:18:22.0442 3080	HidBth          (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
10:18:22.0520 3080	HidBth - ok
10:18:22.0613 3080	HidIr           (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
10:18:22.0676 3080	HidIr - ok
10:18:22.0785 3080	hidserv         (84067081f3318162797385e11a8f0582) C:\Windows\System32\hidserv.dll
10:18:22.0878 3080	hidserv - ok
10:18:23.0034 3080	HidUsb          (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
10:18:23.0081 3080	HidUsb - ok
10:18:23.0222 3080	hkmsvc          (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
10:18:23.0268 3080	hkmsvc - ok
10:18:23.0424 3080	HpCISSs         (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
10:18:23.0440 3080	HpCISSs - ok
10:18:23.0549 3080	HSFHWAZL        (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
10:18:23.0627 3080	HSFHWAZL - ok
10:18:23.0814 3080	HSF_DPV         (7bc42c65b5c6281777c1a7605b253ba8) C:\Windows\system32\DRIVERS\HSX_DPV.sys
10:18:23.0924 3080	HSF_DPV - ok
10:18:24.0189 3080	HSXHWAZL        (9ebf2d102ccbb6bcdfbf1b7922f8ba2e) C:\Windows\system32\DRIVERS\HSXHWAZL.sys
10:18:24.0236 3080	HSXHWAZL - ok
10:18:24.0407 3080	HTTP            (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
10:18:24.0563 3080	HTTP - ok
10:18:24.0828 3080	i2omp           (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
10:18:24.0860 3080	i2omp - ok
10:18:25.0047 3080	i8042prt        (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
10:18:25.0094 3080	i8042prt - ok
10:18:25.0218 3080	iaStorV         (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
10:18:25.0265 3080	iaStorV - ok
10:18:25.0468 3080	IDriverT        (daf66902f08796f9c694901660e5a64a) C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
10:18:25.0562 3080	IDriverT ( UnsignedFile.Multi.Generic ) - warning
10:18:25.0562 3080	IDriverT - detected UnsignedFile.Multi.Generic (1)
10:18:25.0811 3080	idsvc           (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
10:18:26.0014 3080	idsvc - ok
10:18:26.0310 3080	igfx            (1b954f2bcb244596da704dc8c7729930) C:\Windows\system32\DRIVERS\igdkmd32.sys
10:18:26.0498 3080	igfx - ok
10:18:26.0716 3080	iirsp           (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
10:18:26.0747 3080	iirsp - ok
10:18:26.0997 3080	IKEEXT          (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
10:18:27.0075 3080	IKEEXT - ok
10:18:27.0293 3080	IntcAzAudAddService (2bd6633db50a98534aa3262e0f9f5a14) C:\Windows\system32\drivers\RTKVHDA.sys
10:18:27.0449 3080	IntcAzAudAddService - ok
10:18:27.0652 3080	intelide        (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
10:18:27.0683 3080	intelide - ok
10:18:27.0870 3080	intelppm        (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
10:18:27.0917 3080	intelppm - ok
10:18:28.0120 3080	IPBusEnum       (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
10:18:28.0167 3080	IPBusEnum - ok
10:18:28.0276 3080	IpFilterDriver  (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:18:28.0323 3080	IpFilterDriver - ok
10:18:28.0526 3080	iphlpsvc        (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll
10:18:28.0588 3080	iphlpsvc - ok
10:18:28.0760 3080	IpInIp - ok
10:18:28.0853 3080	IPMIDRV         (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
10:18:28.0947 3080	IPMIDRV - ok
10:18:29.0009 3080	IPNAT           (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
10:18:29.0072 3080	IPNAT - ok
10:18:29.0165 3080	iPod Service    (49918803b661367023bf325cf602afdc) C:\Program Files\iPod\bin\iPodService.exe
10:18:29.0337 3080	iPod Service - ok
10:18:29.0493 3080	IRENUM          (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
10:18:29.0540 3080	IRENUM - ok
10:18:29.0680 3080	isapnp          (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
10:18:29.0711 3080	isapnp - ok
10:18:29.0836 3080	iScsiPrt        (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
10:18:29.0883 3080	iScsiPrt - ok
10:18:29.0930 3080	iteatapi        (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
10:18:29.0961 3080	iteatapi - ok
10:18:29.0976 3080	iteraid         (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
10:18:30.0008 3080	iteraid - ok
10:18:30.0086 3080	IviRegMgr       (213822072085b5bbad9af30ab577d817) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
10:18:30.0164 3080	IviRegMgr - ok
10:18:30.0320 3080	kbdclass        (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
10:18:30.0351 3080	kbdclass - ok
10:18:30.0413 3080	kbdhid          (d2600cb17b7408b4a83f231dc9a11ac3) C:\Windows\system32\drivers\kbdhid.sys
10:18:30.0476 3080	kbdhid - ok
10:18:30.0522 3080	KeyIso          (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
10:18:30.0569 3080	KeyIso - ok
10:18:30.0663 3080	KSecDD          (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys
10:18:30.0756 3080	KSecDD - ok
10:18:30.0819 3080	KtmRm           (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
10:18:30.0944 3080	KtmRm - ok
10:18:31.0022 3080	LanmanServer    (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\System32\srvsvc.dll
10:18:31.0084 3080	LanmanServer - ok
10:18:31.0224 3080	LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
10:18:31.0302 3080	LanmanWorkstation - ok
10:18:31.0458 3080	lltdio          (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
10:18:31.0536 3080	lltdio - ok
10:18:31.0661 3080	lltdsvc         (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
10:18:31.0739 3080	lltdsvc - ok
10:18:31.0848 3080	lmhosts         (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
10:18:31.0911 3080	lmhosts - ok
10:18:32.0082 3080	LSI_FC          (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
10:18:32.0114 3080	LSI_FC - ok
10:18:32.0207 3080	LSI_SAS         (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
10:18:32.0238 3080	LSI_SAS - ok
10:18:32.0285 3080	LSI_SCSI        (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
10:18:32.0316 3080	LSI_SCSI - ok
10:18:32.0504 3080	luafv           (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
10:18:32.0582 3080	luafv - ok
10:18:32.0800 3080	MBAMProtector   (b7ca8cc3f978201856b6ab82f40953c3) C:\Windows\system32\drivers\mbam.sys
10:18:32.0847 3080	MBAMProtector - ok
10:18:32.0909 3080	MBAMService     (056b19651bd7b7ce5f89a3ac46dbdc08) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
10:18:33.0034 3080	MBAMService - ok
10:18:33.0190 3080	Mcx2Svc         (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
10:18:33.0237 3080	Mcx2Svc - ok
10:18:33.0440 3080	mdmxsdk         (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
10:18:33.0471 3080	mdmxsdk - ok
10:18:33.0752 3080	megasas         (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
10:18:33.0783 3080	megasas - ok
10:18:33.0970 3080	Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
10:18:34.0001 3080	Microsoft Office Groove Audit Service - ok
10:18:34.0157 3080	MMCSS           (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
10:18:34.0235 3080	MMCSS - ok
10:18:34.0298 3080	Modem           (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
10:18:34.0344 3080	Modem - ok
10:18:34.0422 3080	monitor         (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
10:18:34.0485 3080	monitor - ok
10:18:34.0703 3080	mouclass        (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
10:18:34.0734 3080	mouclass - ok
10:18:34.0875 3080	mouhid          (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
10:18:34.0922 3080	mouhid - ok
10:18:35.0046 3080	MountMgr        (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
10:18:35.0078 3080	MountMgr - ok
10:18:35.0202 3080	MpFilter        (fee0baded54222e9f1dae9541212aab1) C:\Windows\system32\DRIVERS\MpFilter.sys
10:18:35.0265 3080	MpFilter - ok
10:18:35.0483 3080	mpio            (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
10:18:35.0546 3080	mpio - ok
10:18:35.0764 3080	MpKsl9ed78a8c   (a69630d039c38018689190234f866d77) C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{71FEA22E-9042-425B-98DC-B7D6E4A80143}\MpKsl9ed78a8c.sys
10:18:35.0780 3080	MpKsl9ed78a8c - ok
10:18:35.0998 3080	MpNWMon         (2c3489660d4a8d514c123c3f0d67df46) C:\Windows\system32\DRIVERS\MpNWMon.sys
10:18:36.0029 3080	MpNWMon - ok
10:18:36.0107 3080	mpsdrv          (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
10:18:36.0154 3080	mpsdrv - ok
10:18:36.0216 3080	MpsSvc          (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
10:18:36.0310 3080	MpsSvc - ok
10:18:36.0404 3080	Mraid35x        (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
10:18:36.0419 3080	Mraid35x - ok
10:18:36.0450 3080	MRxDAV          (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
10:18:36.0497 3080	MRxDAV - ok
10:18:36.0544 3080	mrxsmb          (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
10:18:36.0606 3080	mrxsmb - ok
10:18:36.0700 3080	mrxsmb10        (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:18:36.0747 3080	mrxsmb10 - ok
10:18:36.0809 3080	mrxsmb20        (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:18:36.0856 3080	mrxsmb20 - ok
10:18:36.0918 3080	msahci          (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys
10:18:36.0950 3080	msahci - ok
10:18:36.0965 3080	msdsm           (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
10:18:37.0012 3080	msdsm - ok
10:18:37.0090 3080	MSDTC           (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
10:18:37.0152 3080	MSDTC - ok
10:18:37.0262 3080	Msfs            (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
10:18:37.0308 3080	Msfs - ok
10:18:37.0449 3080	msisadrv        (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
10:18:37.0464 3080	msisadrv - ok
10:18:37.0667 3080	MSiSCSI         (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
10:18:37.0730 3080	MSiSCSI - ok
10:18:37.0823 3080	msiserver - ok
10:18:37.0948 3080	MSKSSRV         (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
10:18:37.0995 3080	MSKSSRV - ok
10:18:38.0151 3080	MsMpSvc         (cfce43b70ca0cc4dcc8adb62b792b173) C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
10:18:38.0182 3080	MsMpSvc - ok
10:18:38.0432 3080	MSPCLOCK        (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
10:18:38.0463 3080	MSPCLOCK - ok
10:18:38.0572 3080	MSPQM           (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
10:18:38.0619 3080	MSPQM - ok
10:18:38.0822 3080	MsRPC           (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
10:18:38.0900 3080	MsRPC - ok
10:18:38.0993 3080	mssmbios        (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
10:18:39.0024 3080	mssmbios - ok
10:18:39.0102 3080	MSTEE           (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
10:18:39.0165 3080	MSTEE - ok
10:18:39.0305 3080	Mup             (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
10:18:39.0336 3080	Mup - ok
10:18:39.0492 3080	napagent        (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
10:18:39.0539 3080	napagent - ok
10:18:39.0680 3080	NativeWifiP     (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
10:18:39.0711 3080	NativeWifiP - ok
10:18:39.0929 3080	NDIS            (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
10:18:39.0976 3080	NDIS - ok
10:18:40.0132 3080	NdisTapi        (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
10:18:40.0179 3080	NdisTapi - ok
10:18:40.0350 3080	Ndisuio         (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
10:18:40.0382 3080	Ndisuio - ok
10:18:40.0818 3080	NdisWan         (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
10:18:40.0865 3080	NdisWan - ok
10:18:40.0990 3080	NDProxy         (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
10:18:41.0068 3080	NDProxy - ok
10:18:41.0115 3080	NetBIOS         (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
10:18:41.0177 3080	NetBIOS - ok
10:18:41.0302 3080	netbt           (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
10:18:41.0333 3080	netbt - ok
10:18:41.0458 3080	Netlogon        (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
10:18:41.0489 3080	Netlogon - ok
10:18:41.0661 3080	Netman          (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
10:18:41.0786 3080	Netman - ok
10:18:42.0035 3080	NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
10:18:42.0066 3080	NetMsmqActivator - ok
10:18:42.0066 3080	NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
10:18:42.0098 3080	NetPipeActivator - ok
10:18:42.0285 3080	netprofm        (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
10:18:42.0363 3080	netprofm - ok
10:18:42.0644 3080	NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
10:18:42.0675 3080	NetTcpActivator - ok
10:18:42.0675 3080	NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
10:18:42.0706 3080	NetTcpPortSharing - ok
10:18:42.0956 3080	NETw4v32        (25acccfc33dd448b9d3037c5e439e830) C:\Windows\system32\DRIVERS\NETw4v32.sys
10:18:43.0143 3080	NETw4v32 - ok
10:18:43.0408 3080	nfrd960         (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
10:18:43.0439 3080	nfrd960 - ok
10:18:43.0564 3080	NisDrv          (7b01c6172cfd0b10116175e09200d4b4) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
10:18:43.0595 3080	NisDrv - ok
10:18:43.0767 3080	NisSrv          (a5cb074f34bbd89948e34a630d459c0c) C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
10:18:43.0829 3080	NisSrv - ok
10:18:44.0001 3080	NlaSvc          (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
10:18:44.0048 3080	NlaSvc - ok
10:18:44.0172 3080	Npfs            (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
10:18:44.0219 3080	Npfs - ok
10:18:44.0422 3080	nsi             (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
10:18:44.0500 3080	nsi - ok
10:18:44.0609 3080	nsiproxy        (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
10:18:44.0656 3080	nsiproxy - ok
10:18:44.0781 3080	Ntfs            (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
10:18:45.0015 3080	Ntfs - ok
10:18:45.0171 3080	ntrigdigi       (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
10:18:45.0249 3080	ntrigdigi - ok
10:18:45.0405 3080	Null            (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
10:18:45.0436 3080	Null - ok
10:18:45.0592 3080	nvraid          (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
10:18:45.0639 3080	nvraid - ok
10:18:45.0764 3080	nvstor          (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
10:18:45.0795 3080	nvstor - ok
10:18:45.0904 3080	nv_agp          (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
10:18:45.0935 3080	nv_agp - ok
10:18:46.0122 3080	NwlnkFlt - ok
10:18:46.0263 3080	NwlnkFwd - ok
10:18:46.0434 3080	odserv          (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
10:18:46.0512 3080	odserv - ok
10:18:46.0731 3080	ohci1394        (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
10:18:46.0793 3080	ohci1394 - ok
10:18:46.0965 3080	ose             (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:18:47.0012 3080	ose - ok
10:18:47.0199 3080	p2pimsvc        (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
10:18:47.0386 3080	p2pimsvc - ok
10:18:47.0480 3080	p2psvc          (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
10:18:47.0589 3080	p2psvc - ok
10:18:47.0823 3080	Parport         (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
10:18:47.0901 3080	Parport - ok
10:18:48.0119 3080	partmgr         (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
10:18:48.0213 3080	partmgr - ok
10:18:50.0818 3080	Parvdm          (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
10:18:50.0880 3080	Parvdm - ok
10:18:51.0021 3080	PcaSvc          (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
10:18:51.0114 3080	PcaSvc - ok
10:18:51.0208 3080	pci             (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
10:18:51.0239 3080	pci - ok
10:18:51.0348 3080	pciide          (3b1901e401473e03eb8c874271e50c26) C:\Windows\system32\drivers\pciide.sys
10:18:51.0380 3080	pciide - ok
10:18:51.0489 3080	pcmcia          (3bb2244f343b610c29c98035504c9b75) C:\Windows\system32\DRIVERS\pcmcia.sys
10:18:51.0536 3080	pcmcia - ok
10:18:51.0692 3080	PEAUTH          (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
10:18:51.0801 3080	PEAUTH - ok
10:18:51.0988 3080	PEVSystemStart  (f042ee4c8d66248d9b86dcf52abae416) C:\ComboFix\pev.3XE
10:18:52.0456 3080	PEVSystemStart ( UnsignedFile.Multi.Generic ) - warning
10:18:52.0456 3080	PEVSystemStart - detected UnsignedFile.Multi.Generic (1)
10:18:52.0643 3080	pla             (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
10:18:52.0862 3080	pla - ok
10:18:52.0986 3080	PlugPlay        (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
10:18:54.0016 3080	PlugPlay - ok
10:18:54.0328 3080	PNRPAutoReg     (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
10:18:54.0390 3080	PNRPAutoReg - ok
10:18:54.0406 3080	PNRPsvc         (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
10:18:54.0453 3080	PNRPsvc - ok
10:18:54.0593 3080	PolicyAgent     (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
10:18:54.0656 3080	PolicyAgent - ok
10:18:54.0812 3080	PptpMiniport    (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
10:18:54.0858 3080	PptpMiniport - ok
10:18:55.0139 3080	Processor       (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
10:18:55.0217 3080	Processor - ok
10:18:55.0545 3080	ProfSvc         (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
10:18:55.0607 3080	ProfSvc - ok
10:18:55.0857 3080	ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
10:18:55.0888 3080	ProtectedStorage - ok
10:18:56.0231 3080	PSched          (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
10:18:56.0294 3080	PSched - ok
10:18:56.0528 3080	PSI             (d24dfd16a1e2a76034df5aa18125c35d) C:\Windows\system32\DRIVERS\psi_mf.sys
10:18:56.0559 3080	PSI - ok
10:18:56.0637 3080	PxHelp20        (d86b4a68565e444d76457f14172c875a) C:\Windows\system32\Drivers\PxHelp20.sys
10:18:56.0668 3080	PxHelp20 - ok
10:18:56.0996 3080	ql2300          (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
10:18:57.0105 3080	ql2300 - ok
10:18:57.0432 3080	ql40xx          (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
10:18:57.0495 3080	ql40xx - ok
10:18:57.0776 3080	QWAVE           (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
10:18:57.0900 3080	QWAVE - ok
10:18:58.0290 3080	QWAVEdrv        (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
10:18:58.0322 3080	QWAVEdrv - ok
10:18:58.0634 3080	R5U870FLx86     (9c9d24115f13af3aea05e1343a032bb1) C:\Windows\system32\Drivers\R5U870FLx86.sys
10:18:58.0680 3080	R5U870FLx86 - ok
10:18:58.0992 3080	R5U870FUx86     (18b4c879647661de37b49c2e48d65820) C:\Windows\system32\Drivers\R5U870FUx86.sys
10:18:59.0039 3080	R5U870FUx86 - ok
10:18:59.0258 3080	RasAcd          (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
10:18:59.0336 3080	RasAcd - ok
10:18:59.0507 3080	RasAuto         (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
10:18:59.0554 3080	RasAuto - ok
10:18:59.0835 3080	Rasl2tp         (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
10:18:59.0897 3080	Rasl2tp - ok
10:19:00.0272 3080	RasMan          (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
10:19:00.0365 3080	RasMan - ok
10:19:00.0693 3080	RasPppoe        (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
10:19:00.0740 3080	RasPppoe - ok
10:19:01.0098 3080	RasSstp         (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
10:19:01.0161 3080	RasSstp - ok
10:19:01.0488 3080	rdbss           (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
10:19:01.0551 3080	rdbss - ok
10:19:01.0925 3080	RDPCDD          (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
10:19:01.0972 3080	RDPCDD - ok
10:19:02.0331 3080	rdpdr           (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
10:19:02.0456 3080	rdpdr - ok
10:19:02.0612 3080	RDPENCDD        (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
10:19:02.0658 3080	RDPENCDD - ok
10:19:02.0752 3080	RDPWD           (79c6df8477250f5c54f7c5ae1d6b814e) C:\Windows\system32\drivers\RDPWD.sys
10:19:02.0846 3080	RDPWD - ok
10:19:02.0939 3080	regi            (001b4278407f4303efc902a2b16f2453) C:\Windows\system32\drivers\regi.sys
10:19:02.0955 3080	regi - ok
10:19:03.0048 3080	RemoteAccess    (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
10:19:03.0142 3080	RemoteAccess - ok
10:19:03.0220 3080	RemoteRegistry  (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
10:19:03.0314 3080	RemoteRegistry - ok
10:19:03.0407 3080	RpcLocator      (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
10:19:03.0454 3080	RpcLocator - ok
10:19:03.0579 3080	RpcSs           (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
10:19:03.0641 3080	RpcSs - ok
10:19:03.0719 3080	rspndr          (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
10:19:03.0782 3080	rspndr - ok
10:19:03.0860 3080	RTL8169         (b7e1c523e2f7787d700766fc78e01f77) C:\Windows\system32\DRIVERS\Rtlh86.sys
10:19:03.0922 3080	RTL8169 - ok
10:19:03.0984 3080	SamSs           (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
10:19:04.0016 3080	SamSs - ok
10:19:04.0094 3080	sbp2port        (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
10:19:04.0140 3080	sbp2port - ok
10:19:04.0203 3080	SCardSvr        (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
10:19:04.0234 3080	SCardSvr - ok
10:19:04.0281 3080	Schedule        (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
10:19:04.0390 3080	Schedule - ok
10:19:04.0437 3080	SCPolicySvc     (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
10:19:04.0468 3080	SCPolicySvc - ok
10:19:04.0562 3080	SDRSVC          (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
10:19:04.0624 3080	SDRSVC - ok
10:19:04.0733 3080	secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
10:19:04.0796 3080	secdrv - ok
10:19:04.0842 3080	seclogon        (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
10:19:04.0889 3080	seclogon - ok
10:19:05.0014 3080	Secunia PSI Agent (5b66db4877bbac9f7493aa8d84421e49) C:\Program Files\Secunia\PSI\PSIA.exe
10:19:05.0342 3080	Secunia PSI Agent - ok
10:19:05.0451 3080	Secunia Update Agent (0e88fdf474f2cdd370a4a6ce77d018f0) C:\Program Files\Secunia\PSI\sua.exe
10:19:05.0669 3080	Secunia Update Agent - ok
10:19:05.0810 3080	SENS            (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
10:19:05.0872 3080	SENS - ok
10:19:05.0997 3080	Serenum         (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
10:19:06.0059 3080	Serenum - ok
10:19:06.0122 3080	Serial          (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
10:19:06.0184 3080	Serial - ok
10:19:06.0309 3080	sermouse        (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
10:19:06.0340 3080	sermouse - ok
10:19:06.0418 3080	SessionEnv      (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
10:19:06.0480 3080	SessionEnv - ok
10:19:06.0574 3080	sffdisk         (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys
10:19:06.0636 3080	sffdisk - ok
10:19:06.0668 3080	sffp_mmc        (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
10:19:06.0730 3080	sffp_mmc - ok
10:19:06.0839 3080	sffp_sd         (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys
10:19:06.0933 3080	sffp_sd - ok
10:19:07.0011 3080	sfloppy         (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
10:19:07.0073 3080	sfloppy - ok
10:19:07.0151 3080	SharedAccess    (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
10:19:07.0245 3080	SharedAccess - ok
10:19:07.0323 3080	ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
10:19:07.0385 3080	ShellHWDetection - ok
10:19:07.0572 3080	sisagp          (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
10:19:07.0619 3080	sisagp - ok
10:19:07.0666 3080	SiSRaid2        (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
10:19:07.0697 3080	SiSRaid2 - ok
10:19:07.0728 3080	SiSRaid4        (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
10:19:07.0760 3080	SiSRaid4 - ok
10:19:08.0274 3080	slsvc           (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
10:19:08.0571 3080	slsvc - ok
10:19:08.0789 3080	SLUINotify      (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
10:19:08.0867 3080	SLUINotify - ok
10:19:09.0039 3080	Smb             (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
10:19:09.0086 3080	Smb - ok
10:19:09.0148 3080	SNC             (db31d8989b3450569c29780e7fa98c48) C:\Windows\system32\Drivers\SonyNC.sys
10:19:09.0242 3080	SNC - ok
10:19:09.0413 3080	SNMPTRAP        (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
10:19:09.0460 3080	SNMPTRAP - ok
10:19:09.0569 3080	spldr           (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
10:19:09.0600 3080	spldr - ok
10:19:09.0678 3080	Spooler         (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
10:19:09.0756 3080	Spooler - ok
10:19:10.0006 3080	srv             (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
10:19:10.0115 3080	srv - ok
10:19:10.0349 3080	srv2            (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
10:19:10.0396 3080	srv2 - ok
10:19:10.0677 3080	srvnet          (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
10:19:10.0708 3080	srvnet - ok
10:19:10.0911 3080	SSDPSRV         (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
10:19:11.0004 3080	SSDPSRV - ok
10:19:11.0082 3080	SstpSvc         (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
10:19:11.0129 3080	SstpSvc - ok
10:19:11.0254 3080	stisvc          (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
10:19:11.0348 3080	stisvc - ok
10:19:11.0410 3080	swenum          (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
10:19:11.0426 3080	swenum - ok
10:19:11.0535 3080	swprv           (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
10:19:11.0644 3080	swprv - ok
10:19:11.0956 3080	Symc8xx         (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
10:19:11.0972 3080	Symc8xx - ok
10:19:12.0112 3080	Sym_hi          (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
10:19:12.0143 3080	Sym_hi - ok
10:19:12.0252 3080	Sym_u3          (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
10:19:12.0284 3080	Sym_u3 - ok
10:19:12.0455 3080	SynTP           (99da94793332aadbb17bbb521ae56e21) C:\Windows\system32\DRIVERS\SynTP.sys
10:19:12.0486 3080	SynTP - ok
10:19:12.0876 3080	SysMain         (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
10:19:12.0970 3080	SysMain - ok
10:19:13.0126 3080	TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
10:19:13.0204 3080	TabletInputService - ok
10:19:13.0438 3080	TapiSrv         (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
10:19:13.0516 3080	TapiSrv - ok
10:19:13.0703 3080	TBS             (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
10:19:13.0766 3080	TBS - ok
10:19:14.0093 3080	Tcpip           (16731b631f28f63cd9f4cb60940e7ddd) C:\Windows\system32\drivers\tcpip.sys
10:19:14.0171 3080	Tcpip - ok
10:19:14.0390 3080	Tcpip6          (16731b631f28f63cd9f4cb60940e7ddd) C:\Windows\system32\DRIVERS\tcpip.sys
10:19:14.0436 3080	Tcpip6 - ok
10:19:14.0702 3080	tcpipreg        (3fc13f09af9be487c7b4fac4070a036c) C:\Windows\system32\drivers\tcpipreg.sys
10:19:14.0764 3080	tcpipreg - ok
10:19:14.0967 3080	TcUsb           (5ca437a08509fb7ecf843480fc1232e2) C:\Windows\system32\Drivers\tcusb.sys
10:19:14.0998 3080	TcUsb - ok
10:19:15.0092 3080	TDPIPE          (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
10:19:15.0138 3080	TDPIPE - ok
10:19:15.0263 3080	TDTCP           (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
10:19:15.0310 3080	TDTCP - ok
10:19:15.0513 3080	tdx             (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
10:19:15.0606 3080	tdx - ok
10:19:15.0872 3080	TermDD          (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
10:19:15.0903 3080	TermDD - ok
10:19:16.0215 3080	TermService     (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
10:19:16.0293 3080	TermService - ok
10:19:16.0402 3080	Themes          (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
10:19:16.0433 3080	Themes - ok
10:19:16.0527 3080	THREADORDER     (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
10:19:16.0558 3080	THREADORDER - ok
10:19:16.0698 3080	ti21sony        (909cd987b54a8179c9aee874d754721a) C:\Windows\system32\drivers\ti21sony.sys
10:19:16.0823 3080	ti21sony - ok
10:19:17.0010 3080	TOSHIBA Bluetooth Service (87843b2da99051bc66e2d6c211e3d6a4) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
10:19:17.0057 3080	TOSHIBA Bluetooth Service - ok
10:19:17.0307 3080	tosporte        (8d624d3bd1f2d78bd1c01a2d4e954b4e) C:\Windows\system32\DRIVERS\tosporte.sys
10:19:17.0354 3080	tosporte - ok
10:19:17.0556 3080	tosrfbd         (8c3bfaf3fca90502e6fa35503b8e979e) C:\Windows\system32\DRIVERS\tosrfbd.sys
10:19:17.0603 3080	tosrfbd - ok
10:19:17.0868 3080	tosrfbnp        (90c8525bc578aaffe87c2d0ed4379e9e) C:\Windows\system32\Drivers\tosrfbnp.sys
10:19:17.0946 3080	tosrfbnp - ok
10:19:18.0024 3080	Tosrfcom        (5ba1ca3b3cddb1ddc67df473f05d1ec2) C:\Windows\system32\Drivers\tosrfcom.sys
10:19:18.0071 3080	Tosrfcom - ok
10:19:18.0258 3080	Tosrfhid        (7c807ba9660e2995cc0217a14a24094c) C:\Windows\system32\DRIVERS\Tosrfhid.sys
10:19:18.0305 3080	Tosrfhid - ok
10:19:18.0383 3080	tosrfnds        (c52fd27b9adf3a1f22cb90e6bcf9b0cb) C:\Windows\system32\DRIVERS\tosrfnds.sys
10:19:18.0414 3080	tosrfnds - ok
10:19:18.0648 3080	tosrfusb        (ac59b465500e660607ba393587e0e3a1) C:\Windows\system32\DRIVERS\tosrfusb.sys
10:19:18.0711 3080	tosrfusb - ok
10:19:18.0945 3080	TrkWks          (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
10:19:18.0992 3080	TrkWks - ok
10:19:19.0101 3080	TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
10:19:19.0163 3080	TrustedInstaller - ok
10:19:19.0350 3080	tssecsrv        (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
10:19:19.0413 3080	tssecsrv - ok
10:19:19.0522 3080	tunmp           (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
10:19:19.0553 3080	tunmp - ok
10:19:19.0631 3080	tunnel          (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
10:19:19.0678 3080	tunnel - ok
10:19:19.0725 3080	uagp35          (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
10:19:19.0756 3080	uagp35 - ok
10:19:19.0928 3080	udfs            (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
10:19:19.0959 3080	udfs - ok
10:19:20.0084 3080	UI0Detect       (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
10:19:20.0146 3080	UI0Detect - ok
10:19:20.0240 3080	UimBus          (0a1822d12cf103633893caf9cae4e69d) C:\Windows\system32\DRIVERS\UimBus.sys
10:19:20.0286 3080	UimBus - ok
10:19:20.0489 3080	Uim_IM          (42f7398a76d279e0f63fc600920ab90c) C:\Windows\system32\Drivers\Uim_IM.sys
10:19:20.0552 3080	Uim_IM - ok
10:19:20.0723 3080	Uim_Vim         (48ad04132fcac71e0eec3de5fb22d66e) C:\Windows\system32\Drivers\Uim_Vim.sys
10:19:20.0848 3080	Uim_Vim - ok
10:19:20.0895 3080	UIUSys - ok
10:19:20.0973 3080	uliagpkx        (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
10:19:21.0035 3080	uliagpkx - ok
10:19:21.0098 3080	uliahci         (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
10:19:21.0160 3080	uliahci - ok
10:19:21.0207 3080	UlSata          (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
10:19:21.0238 3080	UlSata - ok
10:19:21.0254 3080	ulsata2         (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
10:19:21.0285 3080	ulsata2 - ok
10:19:21.0363 3080	umbus           (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
10:19:21.0425 3080	umbus - ok
10:19:21.0534 3080	upnphost        (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
10:19:21.0612 3080	upnphost - ok
10:19:21.0737 3080	usbccgp         (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
10:19:21.0784 3080	usbccgp - ok
10:19:21.0878 3080	usbcir          (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
10:19:21.0971 3080	usbcir - ok
10:19:22.0174 3080	usbehci         (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
10:19:22.0252 3080	usbehci - ok
10:19:22.0377 3080	usbhub          (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
10:19:22.0455 3080	usbhub - ok
10:19:22.0642 3080	usbohci         (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
10:19:22.0704 3080	usbohci - ok
10:19:22.0907 3080	usbprint        (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
10:19:22.0938 3080	usbprint - ok
10:19:23.0110 3080	usbscan         (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
10:19:23.0141 3080	usbscan - ok
10:19:23.0250 3080	USBSTOR         (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:19:23.0328 3080	USBSTOR - ok
10:19:23.0406 3080	usbuhci         (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
10:19:23.0469 3080	usbuhci - ok
10:19:23.0547 3080	usbvideo        (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
10:19:23.0594 3080	usbvideo - ok
10:19:23.0703 3080	UxSms           (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
10:19:23.0750 3080	UxSms - ok
10:19:24.0030 3080	VAIO Entertainment TV Device Arbitration Service (afbcd738df9de3b6d71afc704e7f27fb) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
10:19:24.0140 3080	VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - warning
10:19:24.0140 3080	VAIO Entertainment TV Device Arbitration Service - detected UnsignedFile.Multi.Generic (1)
10:19:24.0311 3080	VAIO Event Service (8a9f18adad471402236ca931553bf79b) C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
10:19:24.0374 3080	VAIO Event Service - ok
10:19:24.0498 3080	VcmIAlzMgr      (5d325b6add78a111be62a3842cf05345) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
10:19:24.0639 3080	VcmIAlzMgr - ok
10:19:24.0873 3080	VcmXmlIfHelper  (8fd247d84d168097d7bc3e4f21f3414d) C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
10:19:24.0920 3080	VcmXmlIfHelper - ok
10:19:24.0966 3080	Vcsw - ok
10:19:25.0232 3080	vds             (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
10:19:25.0325 3080	vds - ok
10:19:25.0575 3080	vga             (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
10:19:25.0684 3080	vga - ok
10:19:25.0746 3080	VgaSave         (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
10:19:25.0840 3080	VgaSave - ok
10:19:25.0918 3080	viaagp          (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
10:19:25.0949 3080	viaagp - ok
10:19:26.0090 3080	ViaC7           (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
10:19:26.0152 3080	ViaC7 - ok
10:19:26.0292 3080	viaide          (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
10:19:26.0324 3080	viaide - ok
10:19:26.0433 3080	volmgr          (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
10:19:26.0464 3080	volmgr - ok
10:19:26.0792 3080	volmgrx         (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
10:19:26.0854 3080	volmgrx - ok
10:19:27.0244 3080	volsnap         (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
10:19:27.0306 3080	volsnap - ok
10:19:27.0494 3080	vsmraid         (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
10:19:27.0540 3080	vsmraid - ok
10:19:27.0868 3080	VSS             (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
10:19:28.0024 3080	VSS - ok
10:19:28.0352 3080	VzCdbSvc        (0b3244bab1fa37cf15fa7243504391a6) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
10:19:28.0508 3080	VzCdbSvc ( UnsignedFile.Multi.Generic ) - warning
10:19:28.0508 3080	VzCdbSvc - detected UnsignedFile.Multi.Generic (1)
10:19:28.0539 3080	VzFw            (938fbfa83148dadd7db0b1303dccfa00) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
10:19:28.0664 3080	VzFw ( UnsignedFile.Multi.Generic ) - warning
10:19:28.0664 3080	VzFw - detected UnsignedFile.Multi.Generic (1)
10:19:28.0851 3080	W32Time         (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
10:19:28.0944 3080	W32Time - ok
10:19:29.0069 3080	WacomPen        (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
10:19:29.0147 3080	WacomPen - ok
10:19:29.0303 3080	Wanarp          (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
10:19:29.0350 3080	Wanarp - ok
10:19:29.0350 3080	Wanarpv6        (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
10:19:29.0397 3080	Wanarpv6 - ok
10:19:29.0646 3080	wcncsvc         (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
10:19:29.0802 3080	wcncsvc - ok
10:19:30.0099 3080	WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
10:19:30.0192 3080	WcsPlugInService - ok
10:19:30.0286 3080	Wd              (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
10:19:30.0317 3080	Wd - ok
10:19:30.0411 3080	Wdf01000        (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
10:19:30.0489 3080	Wdf01000 - ok
10:19:30.0567 3080	WdiServiceHost  (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
10:19:30.0629 3080	WdiServiceHost - ok
10:19:30.0645 3080	WdiSystemHost   (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
10:19:30.0692 3080	WdiSystemHost - ok
10:19:30.0879 3080	WebClient       (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
10:19:30.0926 3080	WebClient - ok
10:19:31.0019 3080	Wecsvc          (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
10:19:31.0097 3080	Wecsvc - ok
10:19:31.0160 3080	wercplsupport   (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
10:19:31.0222 3080	wercplsupport - ok
10:19:31.0269 3080	WerSvc          (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
10:19:31.0331 3080	WerSvc - ok
10:19:31.0721 3080	WimFltr         (f9ad3a5e3fd7e0bdb18b8202b0fdd4e4) C:\Windows\system32\DRIVERS\wimfltr.sys
10:19:31.0768 3080	WimFltr - ok
10:19:32.0080 3080	winachsf        (5a77ac34a0ffb70ce8b35b524fede9ba) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
10:19:32.0142 3080	winachsf - ok
10:19:32.0423 3080	WinDefend       (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
10:19:32.0454 3080	WinDefend - ok
10:19:32.0470 3080	WinHttpAutoProxySvc - ok
10:19:32.0735 3080	Winmgmt         (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
10:19:32.0766 3080	Winmgmt - ok
10:19:32.0938 3080	WinRM           (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
10:19:33.0156 3080	WinRM - ok
10:19:33.0437 3080	Wlansvc         (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
10:19:33.0531 3080	Wlansvc - ok
10:19:33.0671 3080	WmiAcpi         (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys
10:19:33.0734 3080	WmiAcpi - ok
10:19:34.0170 3080	wmiApSrv        (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
10:19:34.0233 3080	wmiApSrv - ok
10:19:34.0592 3080	WMPNetworkSvc   (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
10:19:34.0904 3080	WMPNetworkSvc - ok
10:19:35.0200 3080	WPCSvc          (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
10:19:35.0247 3080	WPCSvc - ok
10:19:35.0309 3080	WPDBusEnum      (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
10:19:35.0372 3080	WPDBusEnum - ok
10:19:35.0652 3080	WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
10:19:35.0746 3080	WPFFontCache_v0400 - ok
10:19:36.0074 3080	ws2ifsl         (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
10:19:36.0105 3080	ws2ifsl - ok
10:19:36.0230 3080	wscsvc          (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\system32\wscsvc.dll
10:19:36.0276 3080	wscsvc - ok
10:19:36.0308 3080	WSearch - ok
10:19:36.0495 3080	wuauserv        (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
10:19:36.0698 3080	wuauserv - ok
10:19:37.0119 3080	WUDFRd          (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
10:19:37.0181 3080	WUDFRd - ok
10:19:37.0244 3080	wudfsvc         (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
10:19:37.0306 3080	wudfsvc - ok
10:19:37.0556 3080	XAudio          (88af537264f2b818da15479ceeaf5d7c) C:\Windows\system32\DRIVERS\xaudio.sys
10:19:37.0571 3080	XAudio - ok
10:19:37.0805 3080	XAudioService   (15a317674a08df26be65164d959e9203) C:\Windows\system32\DRIVERS\xaudio.exe
10:19:37.0930 3080	XAudioService - ok
10:19:37.0992 3080	MBR (0x1B8)     (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
10:19:38.0289 3080	\Device\Harddisk0\DR0 - ok
10:19:38.0289 3080	Boot (0x1200)   (11ade9b81d7b6880de790a968b2c647b) \Device\Harddisk0\DR0\Partition0
10:19:38.0289 3080	\Device\Harddisk0\DR0\Partition0 - ok
10:19:38.0289 3080	============================================================
10:19:38.0304 3080	Scan finished
10:19:38.0304 3080	============================================================
10:19:38.0304 3932	Detected object count: 5
10:19:38.0304 3932	Actual detected object count: 5
10:20:04.0606 3932	IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
10:20:04.0606 3932	IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:20:04.0606 3932	PEVSystemStart ( UnsignedFile.Multi.Generic ) - skipped by user
10:20:04.0606 3932	PEVSystemStart ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:20:04.0622 3932	VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - skipped by user
10:20:04.0622 3932	VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:20:04.0622 3932	VzCdbSvc ( UnsignedFile.Multi.Generic ) - skipped by user
10:20:04.0622 3932	VzCdbSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:20:04.0622 3932	VzFw ( UnsignedFile.Multi.Generic ) - skipped by user
10:20:04.0622 3932	VzFw ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:20:13.0170 0484	Deinitialize success

markusg · 06.04.2012, 15:29

gibts momentan noch probleme?
lade den CCleaner standard:
CCleaner Download - CCleaner 3.17.1689
falls der CCleaner
bereits instaliert, überspringen.
instalieren, öffnen, extras, liste der instalierten programme, als txt speichern. öffnen.
hinter, jedes von dir benötigte programm, schreibe notwendig.
hinter, jedes, von dir nicht benötigte, unnötig.
hinter, dir unbekannte, unbekannt.
liste posten.

klein_lola · 06.04.2012, 19:37

Code:

ATTFilter

Adobe Flash Player 11 ActiveX	Adobe Systems Incorporated	09.03.2012		11.1.102.63 notwendig
Adobe Flash Player 11 Plugin	Adobe Systems Incorporated	30.03.2012		11.2.202.228 notwendig
Adobe Reader X (10.1.2) - Deutsch	Adobe Systems Incorporated	08.02.2012	120,3MB	10.1.2 notwendig
Apple Application Support	Apple Inc.	06.02.2012	60,3MB	2.1.6 notwendig
Apple Software Update	Apple Inc.	06.02.2012	2,29MB	2.1.3.127 notwendig
ArcSoft Magic-i Visual Effects Installer	ArcSoft	05.02.2012	17,5MB	unbekannt
Bluetooth Stack for Windows by Toshiba		05.02.2012	56,1MB	v5.10.10(SO) unbekannt
Brother MFL-Pro Suite DCP-195C	Brother Industries, Ltd.	05.02.2012	1,60MB	1.0.0.0 notwendig
Browser Address Error Redirector		05.02.2012	unbekannt	
CCleaner	Piriform	05.04.2012	4,38MB	3.17 notwendig
CDBurnerXP	CDBurnerXP	06.02.2012	12,8MB	4.4.0.2905 notwendig
DAEMON Tools Lite	DT Soft Ltd	08.02.2012	24,7MB	4.45.2.0287 notwendig
Defraggler	Piriform	11.02.2012	4,54MB	2.09 notwendig
DivX Codec	DivX, Inc.	05.02.2012	45,0MB	6.6.1 notwendig
DivX Converter	DivX, Inc.	05.02.2012	45,0MB	6.5 notwendig
DivX Player	DivXNetworks, Inc.	05.02.2012	45,0MB	6.4.3 notwendig
Free YouTube to MP3 Converter version 3.10.15.1228	DVDVideoSoft Ltd.	06.02.2012	14,6MB	 notwendig
Google Earth	Google	07.02.2012	115,6MB	6.2.1.6014 notwendig
HDAUDIO SoftV92 Data Fax Modem with SmartCP		12.08.2007	1,01MB	unbekannt
Instant Mode	InterVideo	05.02.2012	187,9MB	1.0.2 unbekannt
Intel(R) Graphics Media Accelerator Driver		12.08.2007	unbekannt	
iTunes	Apple Inc.	06.02.2012	166,2MB	10.5.3.3 notwendig 
Java(TM) 6 Update 30	Oracle	06.02.2012	95,2MB	6.0.300 notwendig
Malwarebytes Anti-Malware Version 1.60.1.1000	Malwarebytes Corporation	06.02.2012	11,4MB	1.60.1.1000 notwendig
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU	Microsoft Corporation	06.02.2012	36,7MB	unbekannt
Microsoft .NET Framework 3.5 SP1	Microsoft Corporation	06.02.2012	36,7MB	unbekannt
Microsoft .NET Framework 4 Client Profile	Microsoft Corporation	06.02.2012	120,1MB	4.0.30319 unbekannt
Microsoft .NET Framework 4 Client Profile DEU Language Pack	Microsoft Corporation	06.02.2012	24,4MB	4.0.30319 unbekannt
Microsoft .NET Framework 4 Extended	Microsoft Corporation	12.03.2012	37,9MB	4.0.30319 unbekannt
Microsoft .NET Framework 4 Extended DEU Language Pack	Microsoft Corporation	12.03.2012	7,43MB	4.0.30319 unbekannt
Microsoft .NET Framework 4 Multi-Targeting Pack	Microsoft Corporation	12.03.2012	83,0MB	4.0.30319 unbekannt
Microsoft Expression Blend 3 SDK	Microsoft Corporation	12.03.2012	8,68MB	1.0.1343.0 notwendig
Microsoft Expression Blend 4	Microsoft Corporation	12.03.2012	156,8MB	4.0.20621.0 notwendig
Microsoft Expression Blend SDK for .NET 4	Microsoft Corporation	12.03.2012	9,45MB	2.0.20621.0 notwendig
Microsoft Expression Blend SDK for Silverlight 4	Microsoft Corporation	12.03.2012	10,9MB	2.0.20621.0 notwendig
Microsoft Expression Design 4	Microsoft Corporation	13.03.2012	61,7MB	7.0.20516.0 notwendig
Microsoft Expression Encoder 4	Microsoft Corporation	12.03.2012	78,9MB	4.0.1651.0 notwendig
Microsoft Expression Encoder 4 Screen Capture Codec	Microsoft Corporation	12.03.2012	1,80MB	4.0.1651.0 notwendig
Microsoft Expression Studio 4	Microsoft Corporation	12.03.2012	9,94MB	4.0.20705.0 notwendig
Microsoft Expression Web 4	Microsoft Corporation	15.03.2012	254MB	4.0.1303.0 notwendig
Microsoft Office Enterprise 2007	Microsoft Corporation	01.03.2012	606MB	12.0.6612.1000 notwendig
Microsoft Office File Validation Add-In	Microsoft Corporation	24.02.2012	7,95MB	14.0.5130.5003 notwendig
Microsoft Security Essentials	Microsoft Corporation	05.02.2012	17,8MB	2.1.1116.0 notwendig
Microsoft Silverlight 3 SDK	Microsoft Corporation	12.03.2012	31,4MB	3.0.40818.0 unbekannt
Microsoft Silverlight 4 SDK	Microsoft Corporation	12.03.2012	50,6MB	4.0.50401.0 unbekannt
Microsoft Visual C++ 2005 Redistributable	Microsoft Corporation	06.02.2012	0,29MB	8.0.61001 unbekannt
Mozilla Firefox 10.0.3 (x86 en-US)	Mozilla	16.03.2012	36,1MB	10.0.3 notwendig
MSXML 4.0 SP2 (KB927978)	Microsoft Corporation	12.08.2007	1,25MB	4.20.9841.0 unbekannt
MSXML 4.0 SP2 (KB954430)	Microsoft Corporation	06.02.2012	34,00KB	4.20.9870.0 unbekannt
MSXML 4.0 SP2 (KB973688)	Microsoft Corporation	06.02.2012	1,33MB	4.20.9876.0 unbekannt
Paint.NET v3.5.10	dotPDN LLC	04.04.2012	10,5MB	3.60.0 notwendig
PaperPort Image Printer	Nuance Communications, Inc.	05.02.2012	0,49MB	1.00.0000 notwendig
Paragon Backup & Recovery™ 2012 Free	Paragon Software	10.02.2012	138,4MB	90.00.0003 notwendig
PDFCreator	Frank Heindörfer, Philip Chinery	19.03.2012	31,4MB	1.3.1 notwendig
Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista	Realtek	12.08.2007	0,66MB	1.00.0000 unbekannt
Realtek High Definition Audio Driver	Realtek Semiconductor Corp.	12.08.2007	14,2MB	6.0.1.5391 unbekannt
ScanSoft PaperPort 11	Nuance Communications, Inc.	05.02.2012	145,9MB	11.2.0000 notwendig
Secunia PSI (2.0.0.4003)	Secunia	06.02.2012	3,59MB	2.0.0.4003 notwendig
Secure Download Manager	e-academy Inc.	12.03.2012	1,14MB	3.0.3 unbekannt
Setting Utility Series	Sony Corporation	13.08.2007	17,4MB	3.0.00.07240  unbekannt
Skype™ 5.8	Skype Technologies S.A.	06.02.2012	18,8MB	5.8.154 notwendig
Sony Video Shared Library	Sony Corporation	05.02.2012	3,90MB	3.2.00 unbekannt
Synaptics Pointing Device Driver	Synaptics	12.08.2007	12,9MB	9.1.13.0 unbekannt
VAIO Camera Capture Utility	Sony Corporation	05.02.2012	9,48MB	2.7.00.07050 unbekannt
VAIO Content Folder Setting	Sony Corporation	05.02.2012	6,69MB	1.0.00.07170 unbekannt
VAIO Content Importer / VAIO Content Exporter	Sony Corporation	05.02.2012	56,8MB	1.2.00.06270 unbekannt
VAIO Content Metadata Intelligent Analyzing Manager	Sony Corporation	05.02.2012	13,3MB	2.0.01.07051 unbekannt
VAIO Content Metadata Manager Setting	Sony Corporation	05.02.2012	2,72MB	2.0.01.07041 unbekannt
VAIO Content Metadata XML Interface Library	Sony Corporation	05.02.2012	1,48MB	2.0.01.07050 unbekannt
VAIO Control Center	Sony Corporation	13.08.2007	1,37MB	2.1.00.07110 unbekannt
VAIO Data Restore Tool	Sony Corporation	05.02.2012	1,09MB	1.0.02.06190 unbekannt
VAIO Entertainment Platform	Sony Corporation	05.02.2012	15,9MB	3.0.00.06280 unbekannt
VAIO Event Service	Sony Corporation	13.08.2007	5,70MB	3.2.00.07240 unbekannt
VAIO Launcher	Sony Corporation	05.02.2012	5,69MB	1.0.00.07090 unbekannt 
VAIO Original Function Setting	Sony Corporation	05.02.2012	5,21MB	1.1.00.07130 unbekannt
VAIO Power Management	Sony Corporation	13.08.2007	12,0MB	2.2.00.06130 unbekannt
VLC media player 2.0.1	VideoLAN	27.03.2012	80,9MB	2.0.1 notwendig
WinDVD for VAIO	InterVideo Inc.	05.02.2012	89,2MB	8.0-B8.384 unbekannt
WinRAR 4.10 (32-Bit)	win.rar GmbH	06.02.2012	4,12MB	4.10.0 notwendig
Wireless Switch Setting Utility	Sony Corporation	05.02.2012	4,02MB	3.6.00.18210 unbekannt
WPF Toolkit February 2010 (Version 3.5.50211.1)	Microsoft Corporation	12.03.2012	4,81MB	3.5.50211.1 unbekannt

02.04.2012, 10:59	#6
markusg /// Malware-holic	Firefox verbindet kaum noch hi starte mal neu, drücke f8 wähle abgesicherter modus mit netzwerk, melde dich in deinem konto an und versuchs erneut. __________________ --> Firefox verbindet kaum noch

04.04.2012, 12:13	#10
markusg /// Malware-holic	Firefox verbindet kaum noch log posten. __________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet

Firefox verbindet kaum noch

Plagegeister aller Art und deren Bekämpfung: Firefox verbindet kaum noch