| |
| |||||||
Log-Analyse und Auswertung: Bin ich den Ukash 100 EUR Trojaner los? Avira und Malwarebytes Malware sagen-ja, Scan Spyware-neinWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
17.05.2012, 21:36
| #1 |
 |  Bin ich den Ukash 100 EUR Trojaner los? Avira und Malwarebytes Malware sagen-ja, Scan Spyware-nein Hi! Ich hoffe, Ihr konnt mir weiterhelfen. Gestern habe ich auf meinem Laptop ein Fenster entdeckt, welches mir freundlicherweise mitteilte, dass ich zu lange auf pornoseiten unterwegs war  und jetzt würde mein Windows blockiert. blablabla - 100EUR per Ukash überweisen und dann sei alles im Lot. Selbstverständlich habe ich es nicht gemacht  Mit viel Mühe haben wir es hingekriegt, das System zurückzusetzen und eigentlich funktioniert alles einwandfrei.Das Problem ist, dass ich mir nicht sicher bin, ob der Virus doch nicht irgendwo sich versteckt hat.. Da ich meine RecoveryCD nicht mehr finden kann, würde ich mich freuen, wenn sich die Neuinstallierung vermeiden ließe.. Bis jetzt habe ich immer die kostenlose Version von Avira benutzt. Aber da ich  war und öfters die Java-Updates vernachlässigt habe, kam es offenbar zum "Kontakt" mit dem Java Trojaner. Nachdem ich wieder Zugang zu meinem Profil hatte, ließ ich Avira laufen und da waren die kleinen "Freunde" - leider ließ sich der Bericht nicht als txt speichern, aber ich glaube, es waren 2 verschiedene Virennamen - einmal etwas mit Trojaner und ein mal EXP/CVE-2010-0840. Die habe ich gelöscht und die Welt schien in O. zu sein.Dann habe ich Scan Spyware laufen lassen (s. Log unten) und der fand 8 high risk files. Darunter auch Trojan Spammer, AntiMalware reg.keys und values. Habe versucht, diese zu löschen. Bei den Reg.keys und values ging es gut (ATI habe ich nicht entfernt), aber bei Tr.Spammer sagte er, dass der PC neugestartet werden muss. Gesagt getan. Nach dem Neustart sah ich ein Fenster, dass die "Löscharbeiten" erfolgreich waren. Als ich jedoch nochmal Scan Spyware laufen ließ, waren ALL DIESE Fails wieder da!!! Also habe ich noch Malwarebytes Anti-Malware Test laufen lassen. Der hat allerdings NIX gefunden (Log von dem vollständigen Suchlauf konnte ich nicht erstellen, aber das Ergebnis hieß: Der Suchlauf wurde erfolgreich abgeschlossen. Es wurden keine inf.Obj.gefunden). Flash scan ergab ebenfalls keine Treffer (s.Log) Vor 10Min.habe ich meinen PC wieder mit Avira testen lassen (vorher alles angekreuzt, wie hier im Forum vorgegeben) und es kam raus, dass keine Viren gefunden wurden, dafür aber 189 Warnungen (s.Log). Ich stehe wirklich auf dem Schlauch und verstehe nicht, ob mein PC nun "sauber" ist oder nein??? Konnt Ihr irgendetwas in den Logs das erkennen?  Danke im Voraus für Eure Antworten!!Seeigel Geändert von Seeigel (17.05.2012 um 22:07 Uhr) |
|
19.05.2012, 13:34
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Bin ich den Ukash 100 EUR Trojaner los? Avira und Malwarebytes Malware sagen-ja, Scan Spyware-nein Führ bitte auch ESET aus, danach sehen wir weiter:
__________________ESET Online Scanner
__________________ |
|
19.05.2012, 23:44
| #3 |
| | Bin ich den Ukash 100 EUR Trojaner los? Avira und Malwarebytes Malware sagen-ja, Scan Spyware-nein Hi.
__________________Hab den ESET 2mal laufen lassen und beide male wurde nichts gefunden. Log sieht allerdings bei beiden malen äußerst komisch aus: ESETSmartInstaller@High as CAB hook log: OnlineScanner.ocx - registred OK esets_scanner_update returned -1 esets_gle=12 Ist es das?? Mehr steht da wirklich nichts drin. Außerdem habe ich heute erneut Malwarebytes laufen lassen. Hier der Log: Malwarebytes Anti-Malware (Test) 1.61.0.1400 www.malwarebytes.org Datenbank Version: v2012.05.19.02 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 9.0.8112.16421 Schutz: Aktiviert 2012.05.19. 10:26:37 mbam-log-2012-05-19 (10-26-37).txt Art des Suchlaufs: Vollständiger Suchlauf Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 333219 Laufzeit: 1 Stunde(n), 15 Minute(n), 30 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Wie gesagt - PC läuft normal weiter, unter Start sind keine merkwürdigen leeren Folder zu sehen (bis auf Autostart, aber das scheint ja OK zu sein). In meinem privaten Ordner habe ich FOlder .jivex entdeckt. Der enthält 1 Datei. Weiß nicht, was das Ding soll.  und gute Nacht  |
|
20.05.2012, 20:27
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Bin ich den Ukash 100 EUR Trojaner los? Avira und Malwarebytes Malware sagen-ja, Scan Spyware-nein ESET hast du wahrscheinlich falsch gemacht, da gab es extra einen dicken Hinweis zu Anmerkung für Vista und Win7 User: Bitte den Browser unbedingt so öffnen: per Rechtsklick => als Administrator ausführen
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
21.05.2012, 19:21
| #5 |
| | Bin ich den Ukash 100 EUR Trojaner los? Avira und Malwarebytes Malware sagen-ja, Scan Spyware-nein ou yeah - habe total vergessen, dass ich doch Vista habe wieder nix gefunden.Hier der Log. ESETSmartInstaller@High as CAB hook log: OnlineScanner.ocx - registred OK esets_scanner_update returned -1 esets_gle=12 # version=7 # iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330) # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial=6b85dd566161a346ac855cc0f10416de # end=stopped # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2012-05-21 04:19:33 # local_time=2012-05-21 06:19:33 (+0100, Mitteleuropäische Sommerzeit) # lang=1033 # osver=6.0.6002 NT Service Pack 2 # compatibility_mode=1792 16777215 100 0 18556545 18556545 0 0 # compatibility_mode=5892 16776573 100 100 201862 175149707 0 0 # compatibility_mode=8192 67108863 100 0 253094 253094 0 0 # scanned=232 # found=0 # cleaned=0 # scan_time=198 esets_scanner_update returned -1 esets_gle=53251 # version=7 # iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330) # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial=6b85dd566161a346ac855cc0f10416de # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2012-05-21 06:16:18 # local_time=2012-05-21 08:16:18 (+0100, Mitteleuropäische Sommerzeit) # lang=1033 # osver=6.0.6002 NT Service Pack 2 # compatibility_mode=1792 16777215 100 0 18556978 18556978 0 0 # compatibility_mode=5892 16776573 100 100 202295 175150140 0 0 # compatibility_mode=8192 67108863 100 0 253527 253527 0 0 # scanned=143899 # found=0 # cleaned=0 # scan_time=6765 |
|
21.05.2012, 20:29
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Bin ich den Ukash 100 EUR Trojaner los? Avira und Malwarebytes Malware sagen-ja, Scan Spyware-nein Hätte da mal zwei Fragen bevor es weiter geht 1.) Geht der normale Modus uneingeschränkt? 2.) Vermisst du irgendwas im Startmenü? Sind da leere Ordner unter alle Programme oder ist alles vorhanden?
__________________ --> Bin ich den Ukash 100 EUR Trojaner los? Avira und Malwarebytes Malware sagen-ja, Scan Spyware-nein |
|
21.05.2012, 20:56
| #7 |
| | Bin ich den Ukash 100 EUR Trojaner los? Avira und Malwarebytes Malware sagen-ja, Scan Spyware-nein Hi! Ja-PC läuft normal weiter, im Startmenü sind keine merkwürdigen leeren Folder zu sehen (bis auf Autostart, aber das scheint ja OK zu sein, oder?). In meinem My Documents Ordner habe ich FOlder .jivex entdeckt. Der enthält 1 Datei. Weiß nicht, was das Ding soll. Habe in der Zwischenzeit OTL durchgeführt hier der Extras log OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 2012.05.21. 21:36:45 - Run 1
OTL by OldTimer - Version 3.2.43.1 Folder = C:\Users\Seeigel\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000426 | Country: *** | Language: *** | Date Format: yyyy.MM.dd.
3,00 Gb Total Physical Memory | 1,45 Gb Available Physical Memory | 48,23% Memory free
6,20 Gb Paging File | 4,21 Gb Available in Paging File | 68,03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 224,77 Gb Total Space | 146,16 Gb Free Space | 65,02% Space Free | Partition Type: NTFS
Drive D: | 3,72 Gb Total Space | 2,34 Gb Free Space | 62,95% Space Free | Partition Type: FAT32
Computer Name: SEEIGEL-PC | User Name: Seeigel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = Max2.Association.HTML] -- C:\Users\Seeigel\AppData\Roaming\Maxthon2\Maxthon.exe (Maxthon International ltd.)
.url [@ = InternetShortcut] -- C:\Users\Seeigel\AppData\Roaming\Maxthon2\Maxthon.exe (Maxthon International ltd.)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0B5E5EEC-C35D-4271-B934-0B9C026C0250}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{1D64DADC-B309-4AD1-ADF8-D68094ED4FD1}" = rport=10243 | protocol=6 | dir=out | app=system |
"{2AF4896D-373D-475E-8C4D-76574B3DE161}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{2C311BD1-4FF0-48AE-B07E-9293D80B1F52}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{3D45C416-58DC-4552-AE1F-E231676E3088}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{651EDF3F-6DC8-48AC-B249-819CB9F0AE41}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7F0DB9B4-A4C8-41BF-A920-FD93C34353FD}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{912717EC-6EDC-47FD-98EA-A4E2301DDA74}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AC1C24CB-11D5-4E6A-8425-C0FE0778810C}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C22306D8-E9D5-4610-8AB6-9A5A64400624}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D9282514-A799-4E44-8C78-78A1E703B9EA}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DCCE715C-4B87-4798-90A5-F2A140727726}" = lport=10243 | protocol=6 | dir=in | app=system |
"{F55079AC-7C50-41EF-A04B-2076E4437993}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{FBBE953D-E312-48D3-9E72-137053C50527}" = lport=2869 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1401E1B0-361C-4E6F-9E3E-03B82BE3AD01}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1F094174-0E43-476C-9A8E-FD809C906F70}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{36E4ABBC-7A6E-4410-AC50-1B654BEB7ACF}" = protocol=6 | dir=out | app=system |
"{40C7A457-3A82-422C-9303-D0DE7E1E55B7}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{466EE777-350A-4D1B-AFDB-826AEDCB5176}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{48E7D24A-D004-4EF4-A77E-1B38B4443058}" = protocol=17 | dir=in | app=c:\program files\sony ericsson\update engine\sony ericsson update engine.exe |
"{4D7CEE09-E507-42DD-8276-D92AA4A8064A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{58792994-ADB5-409F-B06E-13146EFB490D}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6765CFF7-9075-4C96-A851-70EB52BB0BD8}" = protocol=6 | dir=in | app=c:\program files\sony ericsson\update engine\sony ericsson update engine.exe |
"{6B706F92-CC56-4428-B3E0-C628599451B3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6B9B92F5-ADBC-4B38-AFAF-73A3E6F0E612}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{7804FBCA-01E9-48EB-A1A4-36580C5B04D4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{78522EA0-A13F-45C2-BF4C-FBC5AF9A85EC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8CDA1223-0531-4AD8-967A-10E9067E8596}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{950DE681-3A9E-446C-BB72-476E2C703D34}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B0E62BAE-29AE-4227-BBB9-E69C1DDEADF5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B5CDD185-D644-4BFE-B80A-456CCD265F16}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{D3977386-ACA8-4733-94EC-340ECD763C11}" = protocol=17 | dir=in | app=c:\program files\google\google talk\googletalk.exe |
"{EC497A53-69AD-42BC-921E-0A176C1D9C29}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{F27EE3E3-F4E3-4FF1-BB9A-4B6234FE9629}" = protocol=6 | dir=in | app=c:\program files\google\google talk\googletalk.exe |
"{FE104AD6-734D-4113-BB9F-C3A498228B9B}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"TCP Query User{7A2AD33B-C39D-4DA6-9E8A-4ADC05382020}C:\users\Seeigel\appdata\roaming\maxthon2\modules\mxdownloader\mxdownloadserver.exe" = protocol=6 | dir=in | app=c:\users\Seeigel\appdata\roaming\maxthon2\modules\mxdownloader\mxdownloadserver.exe |
"TCP Query User{97182E46-58B7-480A-9E65-27A2550E7B46}C:\users\Seeigel\appdata\local\temp\jivexviewer\jre\bin\jivex[dv] light" = protocol=6 | dir=in | app=c:\users\Seeigel\appdata\local\temp\jivexviewer\jre\bin\jivex[dv] light |
"TCP Query User{A858DECB-3DB1-4C98-9DD5-EF6658B8ECB3}C:\users\Seeigel\appdata\roaming\maxthon2\maxthon.exe" = protocol=6 | dir=in | app=c:\users\Seeigel\appdata\roaming\maxthon2\maxthon.exe |
"TCP Query User{D54146F9-BC36-4103-856E-8C073EE18493}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"TCP Query User{EAD22691-4C18-430F-8222-866EBCB15682}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=6 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe |
"TCP Query User{F96663CF-8126-4D8E-AD3B-17C5C376D171}C:\users\Seeigel\appdata\roaming\maxthon2\modules\mxdownloader\mxdownloadserver.exe" = protocol=6 | dir=in | app=c:\users\Seeigel\appdata\roaming\maxthon2\modules\mxdownloader\mxdownloadserver.exe |
"UDP Query User{1DCEF61A-0024-4C23-83C3-149CB06AD99A}C:\users\Seeigel\appdata\roaming\maxthon2\modules\mxdownloader\mxdownloadserver.exe" = protocol=17 | dir=in | app=c:\users\Seeigel\appdata\roaming\maxthon2\modules\mxdownloader\mxdownloadserver.exe |
"UDP Query User{2D6660FC-719B-4CA5-AB9E-5E31CBC7A4CF}C:\users\Seeigel\appdata\roaming\maxthon2\maxthon.exe" = protocol=17 | dir=in | app=c:\users\Seeigel\appdata\roaming\maxthon2\maxthon.exe |
"UDP Query User{576C2DCB-059A-4392-8B5E-F11B210196EB}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"UDP Query User{5836B0F1-60C9-488A-923E-1400EDDDFAC3}C:\users\Seeigel\appdata\roaming\maxthon2\modules\mxdownloader\mxdownloadserver.exe" = protocol=17 | dir=in | app=c:\users\Seeigel\appdata\roaming\maxthon2\modules\mxdownloader\mxdownloadserver.exe |
"UDP Query User{894BD733-DF17-4E2F-AB15-5D42A328903C}C:\users\Seeigel\appdata\local\temp\jivexviewer\jre\bin\jivex[dv] light" = protocol=17 | dir=in | app=c:\users\Seeigel\appdata\local\temp\jivexviewer\jre\bin\jivex[dv] light |
"UDP Query User{D1A5A60D-D45C-447B-BB05-CADF0547F0DB}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=17 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony Video Shared Library
"{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{033D2EF8-EE01-4C78-BB87-9BE3BB745A0D}" = Latv4Germ
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{06F4E770-E63C-6619-A4BD-BA172E0AF143}" = CCC Help Korean
"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
"{09C468CA-2940-466A-AAE8-DCC0C6E9323C}" = Nokia Software Updater
"{0B3935EA-0186-5B0B-88CB-DDBA93A95376}" = CCC Help Spanish
"{0BE45907-E708-995C-F327-49A11924E2B8}" = Catalyst Control Center Localization Portuguese
"{0D6C3F46-15B5-706E-D162-579F89D7A818}" = Skins
"{0ED4E0C1-2EF1-EE6E-F578-5C1407A3D047}" = ATI Catalyst Install Manager
"{0EEF7052-BE05-E623-2299-9AFE0F2B0CAE}" = Catalyst Control Center Graphics Full Existing
"{0F6939E1-6994-FBA0-34D6-C4CCC2B2DBD3}" = Catalyst Control Center Localization Korean
"{1316AEF2-E086-46C7-B1FB-8C9A39A2ABF9}" = VAIO Media plus
"{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}" = Primo
"{15D5C238-4C2E-4AEA-A66D-D6989A4C586B}" = VAIO Launcher
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1E04F83B-2AB9-4301-9EF7-E86307F79C72}" = Google Earth
"{1EDF22AA-2762-92FF-9A97-91A8504A1EB8}" = Catalyst Control Center Localization Greek
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
"{2018C019-30D9-4240-8C01-0865C10DCF5A}" = Unterstützung für VAIO-Präsentation
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = VAIO Content Folder Setting
"{2630832F-5E46-9746-5FC8-295C9B1AADA3}" = Catalyst Control Center Localization Chinese Traditional
"{26921B2E-3E62-47F9-A514-1FC4A83BD738}" = Intel(R) PROSet/Wireless WiFi-Software
"{26A24AE4-039D-4CA4-87B4-2F83217003FF}" = Java(TM) 7 Update 3
"{29F563F4-8807-4496-8463-441EAA0E96AB}" = PC Connectivity Solution
"{2F0D8535-0F13-41FC-A227-101CD316CAB2}" = CCC Help Japanese
"{30D2B06E-12D1-70C3-4AE7-9942BD0736B0}" = Catalyst Control Center Core Implementation
"{314CE545-FF73-1AF2-AB7F-0B3C6F84C139}" = Catalyst Control Center Localization Danish
"{326DC400-1FC4-4D7D-946D-06D1EAB93200}" = VAIO Guide
"{35CCD624-A020-0EBE-3B04-1BE4D47A38E1}" = Catalyst Control Center Localization Czech
"{363611D9-1106-41F2-B74E-BD8481C41219}" = Click to Disc
"{36E408F0-DF8A-4F9B-BF26-AED92C789F5D}" = Tildes Birojs 2005
"{3B659FAD-E772-44A3-B7E7-560FF084669F}" = VAIO Smart Network
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Browser Address Error Redirector
"{409ECFF1-9CC7-43A8-B28A-B7F0B7CB04D1}_is1" = Classic Menu 3.x for Office 2007
"{425F56BE-2966-22A6-2123-FD4B5AC334D6}" = Catalyst Control Center Localization Thai
"{42AE4A8D-9941-5890-7D89-BA7563CD6C7B}" = CCC Help Finnish
"{49A75034-EE1D-9BD8-B33B-15E4DFA100C8}" = CCC Help Portuguese
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4BCC3567-1875-C15C-9C12-818E27B6698D}" = Catalyst Control Center Graphics Full New
"{4cb9f93c-9edc-4be9-ae61-af128ddbecfa}" = Business Contact Manager für Outlook 2007 SP2
"{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"{4EA55D20-27FB-45D7-8726-147E8A5F6C62}" = VAIO MusicBox
"{4F338231-AE58-7B54-963D-0C47A88ACC4D}" = ccc-core-static
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Easy Media Creator 10 LJ
"{53DBA3E6-8839-CEEE-C72A-91C8A19E3D92}" = CCC Help German
"{563CD8DC-4BE3-0DE2-18FC-3FA201BEE33D}" = Catalyst Control Center Localization Hungarian
"{57664BF2-4684-E828-4D29-66FC0343AD8A}" = Catalyst Control Center Localization Chinese Standard
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data Basic
"{59991D18-A988-45AB-B1BF-5ADE6E64CD3F}" = SnagIt 9
"{5C5EE8F2-0B38-4C13-AE4E-A87A237FE718}" =
"{5E16077B-1373-5D40-2EC6-13A3885DE3D4}" = Catalyst Control Center Graphics Previews Common
"{5F5867F0-2D23-4338-A206-01A76C823924}" = VAIO Energie Verwaltung
"{5F5DD0C0-3F2A-8830-6FDB-105EDFD6B438}" = CCC Help Polish
"{62CA24D9-F575-352C-F21C-EE45B183B9F8}" = CCC Help Czech
"{64DF88D9-D30D-69F9-58EF-36ED63C7988D}" = Catalyst Control Center Localization Swedish
"{66E164AC-632D-D5A1-95D0-279191FDCDF5}" = Catalyst Control Center Localization Spanish
"{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}" = Click to Disc
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6C50525A-2D77-4C22-B058-9AA2F27ACFF2}" = VAIO Content Metadata Intelligent Analyzing Manager
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6EFAB4DC-730A-328F-15B3-16749C52507D}" = Catalyst Control Center Localization Finnish
"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"{706439E9-105B-B5FA-DF2C-A8E1CFE5CFD5}" = Catalyst Control Center Localization Japanese
"{70B31335-50EE-4834-8431-27412CDE62BD}" = Nokia_Multimedia_Common_Components_2_5
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
"{75853925-2522-46A0-A2CA-D0CC9F49864D}" = RuQWERTY
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7E823DA5-43A2-46E8-A75E-5A2A0FDE81A1}" = VAIO Content Metadata Manager Setting
"{83CDA18E-0BF3-4ACA-872C-B4CDABF2360E}" = VAIO Update 4
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{87EBA91F-4366-246A-5231-C3DBAEE6E857}" = CCC Help Norwegian
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A9ECC08-E50F-B36B-DECB-C2BC42CA8037}" = CCC Help Thai
"{8BD60AEF-3F9D-47AE-B80A-FB7FFCE335A0}" = VAIO Movie Story
"{8D0318A9-3C52-0EBC-C21C-349B16B25666}" = CCC Help Hungarian
"{8D574794-0933-ACFA-8F3E-E74741EA5D44}" = CCC Help English
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0419-0000-0000000FF1CE}" = Microsoft Office Proof (Russian) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90A40407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}" = Nokia PC Suite
"{92F8BB8E-4DDA-5603-81FC-690A4E029EB2}" = CCC Help Danish
"{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" =
"{98FC7A64-774B-49B5-B046-4B4EBC053FA9}" = VAIO MusicBox Sample Music
"{9973498D-EA29-4A68-BE0B-C88D6E03E928}" = ArcSoft WebCam Companion 2
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A10E1547-A0DE-B7EE-712C-860E07F46AAC}" = Catalyst Control Center Localization Russian
"{A552C4EA-D41E-4C61-A0FB-C0E05440F7D7}" = VAIO Entertainment Platform
"{A63E7492-A0BC-4BB9-89A7-352965222380}" = VAIO Original Function Setting
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{AB138669-2648-F7E6-17DC-0056602F0C1C}" = Catalyst Control Center Graphics Light
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = VAIO Movie Story
"{B49D194C-4F11-C359-5CEB-BE235CDDD703}" = CCC Help Italian
"{B513C7B0-024A-498F-B0F5-00C67E2440A9}" = VAIO Content Metadata Intelligent Analyzing Manager
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
"{BACD22AE-5B6B-4F23-B506-3FCFF13AC137}" = VAIO Media plus
"{BF8307DC-DD68-B2EC-FA47-9416406A0A0A}" = Catalyst Control Center Localization German
"{C0BBC0C2-7DDE-7416-23F6-EB20335DBC4D}" = Catalyst Control Center Localization Norwegian
"{C1083DBC-C541-4E8C-91EA-D92397AB9A2C}" = OpenMG Secure Module 5.1.00
"{C15C4908-11B8-D34D-993F-0243F957A13C}" = CCC Help Turkish
"{C233101D-A379-FD7F-2754-5124CF1AA124}" = CCC Help Dutch
"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service
"{C83D0710-17F9-3D2B-E7A2-58311242A4D6}" = Catalyst Control Center Localization Dutch
"{C85897A9-D7C5-8A9F-299E-998D8B3139B3}" = CCC Help Greek
"{C93F4E7C-1B31-449B-A304-EF277CF55E39}" = Catalyst Control Center - Branding
"{CA967022-3B55-F884-C803-0743A9084DF0}" = CCC Help Chinese Standard
"{CB8A8696-93EC-414E-A752-850AB133F68A}" = VAIO Content Metadata XML Interface Library
"{CE2121C6-C94D-4A73-8EA4-6943F33EE335}" = Music Transfer
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility
"{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents
"{DA093954-87E4-CE1B-F278-C73607C23A75}" = Catalyst Control Center Localization Italian
"{DB9C9AF5-FA37-DDB7-6A82-D62504958DA0}" = CCC Help Russian
"{DDCDF8EC-8D5C-3390-3D89-27C9AB2CDCAE}" = CCC Help Chinese Traditional
"{E6059A2F-0DD4-53DB-007B-F5B910CB1AB8}" = CCC Help Swedish
"{E7182A1A-8E3D-FD52-7A8C-13DF92489494}" = Catalyst Control Center Localization Polish
"{EB233331-3AB8-8435-4924-B16C29AE0BFC}" = Catalyst Control Center Localization Turkish
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
"{EE59BBF9-415C-45DB-8C4B-EE43CF635FEA}" = VAIO Content Metadata XML Interface Library
"{EE6D5D1E-B638-BBDC-C6A3-2752F38EED42}" = CCC Help French
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.053
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F140EBF8-399F-78F1-73A7-542511649382}" = ccc-utility
"{F1FDAA01-988C-423F-AC12-0D8F333943FD}" = Nokia Connectivity Cable Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F46E21DF-5BE1-48E2-8390-5EEA8B25E36A}" = Microsoft SQL Server Native Client
"{F488BCB2-6D0A-E804-B272-1FF37C34392A}" = Catalyst Control Center Graphics Previews Vista
"{F570A6CC-53ED-4AA9-8B08-551CD3E38D8B}" =
"{F68211B0-4E73-8D9D-B8ED-6B90762AB5D8}" = Catalyst Control Center Localization French
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FD72E69E-CF34-4071-BFD6-FD081A365E2C}" = VAIO Content Metadata Intelligent Analyzing Manager
"{FDE96E86-7780-431C-92F7-679C6A7CEC51}" = Microsoft SQL Server VSS Writer
"{FE51662F-D8F6-43B5-99D9-D4894AF00F83}" = Roxio Easy Media Creator Home
"{FE697886-F392-4E0D-A0C0-47587BF60992}" = VAIO Content Metadata Manager Setting
"05B59228C7E1C21DFBE89260F879BD95880548D8" = Windows-Treiberpaket - Nokia Modem (10/05/2009 4.2)
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Windows-Treiberpaket - Nokia Modem (06/01/2009 7.01.0.4)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Avira AntiVir Desktop" = Avira Free Antivirus
"BFG-Big Fish Games Spiel-Suite" = Big Fish Games Spiel-Suite
"Business Contact Manager" = Business Contact Manager für Outlook 2007 SP2
"CCleaner" = CCleaner
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"dt icon module" =
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ESET Online Scanner" = ESET Online Scanner v3
"Google Desktop" = Google Desktop
"gtfirstboot Setting Request" =
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO
"InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"InstallShield_{C1083DBC-C541-4E8C-91EA-D92397AB9A2C}" = OpenMG Secure Module 5.1.00
"IrfanView" = IrfanView (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"MarketingTools" = VAIO Marketing Tools
"Maxthon2" = Maxthon2
"MFU Module" =
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Nokia PC Suite" = Nokia PC Suite
"NSS" = Norton Security Scan
"Picasa2" = Picasa 2
"PrimoPDF4.0.1" = PrimoPDF
"PrintServer Network driver" = PrintServer Network driver
"ProInst" = Intel PROSet Wireless
"Scan Spyware_is1" = ScanSpyware v3.8.0.1
"SereneScreen Marine Aquarium 3_is1" = SereneScreen Marine Aquarium 3
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Update Engine" = Sony Ericsson Update Engine
"VAIO Help and Support" =
"VLC media player" = VLC media player 0.9.8a
"WinRAR archiver" = WinRAR archiver
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 2011.10.28. 15:12:00 | Computer Name = Seeigel-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung iexplore.exe, Version 9.0.8112.16421, Zeitstempel
0x4d76255d, fehlerhaftes Modul AVIRAI~1.DLL, Version 1.0.3.1000, Zeitstempel 0x4ea88942,
Ausnahmecode 0xc0000005, Fehleroffset 0x000180da, Prozess-ID 0x1178, Anwendungsstartzeit
01cc95a5503db94d.
Error - 2011.10.28. 15:21:35 | Computer Name = Seeigel-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung iexplore.exe, Version 9.0.8112.16421, Zeitstempel
0x4d76255d, fehlerhaftes Modul gdiplus.dll_unloaded, Version 0.0.0.0, Zeitstempel
0x4cd300b8, Ausnahmecode 0xc0000005, Fehleroffset 0x73f774b2, Prozess-ID 0x1988,
Anwendungsstartzeit 01cc95a579a05bdd.
Error - 2011.10.29. 13:56:00 | Computer Name = Seeigel-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung iexplore.exe, Version 9.0.8112.16421, Zeitstempel
0x4d76255d, fehlerhaftes Modul gdiplus.dll_unloaded, Version 0.0.0.0, Zeitstempel
0x4cd300b8, Ausnahmecode 0xc0000005, Fehleroffset 0x73f774b2, Prozess-ID 0x870,
Anwendungsstartzeit 01cc9663d41d9920.
Error - 2011.10.30. 2:42:41 | Computer Name = Seeigel-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung iexplore.exe, Version 9.0.8112.16421, Zeitstempel
0x4d76255d, fehlerhaftes Modul gdiplus.dll_unloaded, Version 0.0.0.0, Zeitstempel
0x4cd300b8, Ausnahmecode 0xc0000005, Fehleroffset 0x73f774b2, Prozess-ID 0x628,
Anwendungsstartzeit 01cc96ceeb801190.
Error - 2011.10.30. 2:52:58 | Computer Name = Seeigel-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung iexplore.exe, Version 9.0.8112.16421, Zeitstempel
0x4d76255d, fehlerhaftes Modul gdiplus.dll_unloaded, Version 0.0.0.0, Zeitstempel
0x4cd300b8, Ausnahmecode 0xc0000005, Fehleroffset 0x73f774b2, Prozess-ID 0x1a88,
Anwendungsstartzeit 01cc96d07de02fb0.
Error - 2011.10.30. 11:25:33 | Computer Name = Seeigel-PC | Source = EventSystem | ID = 4621
Description =
Error - 2011.10.30. 11:27:18 | Computer Name = Seeigel-PC | Source = WinMgmt | ID = 10
Description =
Error - 2011.10.30. 11:28:06 | Computer Name = Seeigel-PC | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})
(Fehlercode = 0x80042019)
Error - 2011.10.30. 11:30:56 | Computer Name = Seeigel-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung iexplore.exe, Version 9.0.8112.16421, Zeitstempel
0x4d76255d, fehlerhaftes Modul AVIRAI~1.DLL, Version 1.0.3.1000, Zeitstempel 0x4ea88942,
Ausnahmecode 0xc0000005, Fehleroffset 0x000180da, Prozess-ID 0x154c, Anwendungsstartzeit
01cc9718d42947e8.
Error - 2011.10.30. 11:30:59 | Computer Name = Seeigel-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung iexplore.exe, Version 9.0.8112.16421, Zeitstempel
0x4d76255d, fehlerhaftes Modul AVIRAI~1.DLL, Version 1.0.3.1000, Zeitstempel 0x4ea88942,
Ausnahmecode 0xc0000005, Fehleroffset 0x000180da, Prozess-ID 0x16f4, Anwendungsstartzeit
01cc9718d408eea8.
[ OSession Events ]
Error - 2011.10.09. 18:58:18 | Computer Name = Seeigel-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 109
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 2012.05.15. 16:30:05 | Computer Name = Seeigel-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 2012.05.15. 16:30:05 | Computer Name = Seeigel-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 2012.05.15. 16:53:34 | Computer Name = Seeigel-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 2012.05.16. 1:27:56 | Computer Name = Seeigel-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 2012.05.16. 12:10:13 | Computer Name = Seeigel-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 2012.05.17. 0:56:32 | Computer Name = Seeigel-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 2012.05.18. 13:17:54 | Computer Name = Seeigel-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 2012.05.19. 4:07:08 | Computer Name = Seeigel-PC | Source = Service Control Manager | ID = 7011
Description =
Error - 2012.05.20. 11:25:51 | Computer Name = Seeigel-PC | Source = DCOM | ID = 10010
Description =
Error - 2012.05.21. 12:12:41 | Computer Name = Seeigel-PC | Source = Service Control Manager | ID = 7011
Description =
< End of report >
[/code] Hier der OTL log OTL Logfile: Code:
ATTFilter OTL logfile created on: 2012.05.21. 21:36:45 - Run 1 OTL by OldTimer - Version 3.2.43.1 Folder = C:\Users\Seeigel\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000426 | Country: *** | Language: *** | Date Format: yyyy.MM.dd. 3,00 Gb Total Physical Memory | 1,45 Gb Available Physical Memory | 48,23% Memory free 6,20 Gb Paging File | 4,21 Gb Available in Paging File | 68,03% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 224,77 Gb Total Space | 146,16 Gb Free Space | 65,02% Space Free | Partition Type: NTFS Drive D: | 3,72 Gb Total Space | 2,34 Gb Free Space | 62,95% Space Free | Partition Type: FAT32 Computer Name: SEEIGEL-PC | User Name: Seeigel | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Seeigel\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Windows\System32\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.exe (Adobe Systems Incorporated) PRC - C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Programme\Sony\Sony PC Companion\PCCompanion.exe (Sony) PRC - C:\Programme\Sony\Sony PC Companion\PCCompanionInfo.exe () PRC - C:\Programme\Ask.com\Updater\Updater.exe ({StringFileInfo_CompanyName}) PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation) PRC - C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation) PRC - C:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation) PRC - C:\Programme\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Windows\System32\conime.exe (Microsoft Corporation) PRC - C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation) PRC - C:\Programme\Sony\Marketing Tools\MarketingTools.exe (Sony Corporation) PRC - C:\Programme\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation) PRC - C:\Programme\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation) PRC - C:\Windows\RTKAUDIOSERVICE.EXE (Realtek Semiconductor) PRC - C:\Programme\Sony\Network Utility\NSUService.exe (Sony Corporation) PRC - C:\Programme\Sony\Network Utility\LANUtil.exe (Sony Corporation) PRC - C:\Programme\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation) PRC - C:\Programme\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation) PRC - C:\Programme\Sony\VAIO Power Management\SPMService.exe (Sony Corporation) PRC - C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation) PRC - C:\Programme\Sony\VAIO Update 4\VAIOUpdt.exe (Sony Corporation) PRC - C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation) PRC - C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) PRC - C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation) PRC - C:\Programme\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation) PRC - C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation) PRC - C:\Programme\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation) PRC - C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo) PRC - C:\Programme\Tildes Birojs 2005\MDICTION.EXE (Sabiedrîba Tilde) ========== Modules (No Company Name) ========== MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\75df548d77c2833a48c5da51424c93f1\System.IdentityModel.Selectors.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\32983e3f4c5c20053e6673f37a58a874\System.IdentityModel.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\1619144e1a9eaca847e53b952b21820b\System.Runtime.Serialization.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\521fb04fdfbb0039a34cc91111d11804\SMDiagnostics.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\1dac5ff29f483e19c77b23b00ba533f9\System.ServiceModel.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\675632907c226b0c67a2407f2ddd4bf7\System.ServiceProcess.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\ef684a2ee2f7276eec3973a0654d2bd4\System.Web.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\846b9cf2756fdd15f704c9bab9c70b6f\System.Runtime.Remoting.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bd76aaaa03ddc15d1840207b5a480644\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e4d54640bacd18e047a4573cb4611bd3\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5d8696f15e49aedf883dd945806a7049\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll () MOD - C:\Programme\Sony\Sony PC Companion\PCCompanionInfo.exe () MOD - C:\Programme\Sony\Sony PC Companion\MExplorer.dll () MOD - C:\Programme\Sony\Sony PC Companion\TMonitorAPI.dll () MOD - C:\Programme\Google\Google Desktop Search\gzlib.dll () MOD - C:\Windows\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_de_b77a5c561934e089\System.ServiceModel.resources.dll () MOD - C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll () MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll () MOD - C:\Programme\WinRAR\RarExt.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3020.36958__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3020.36966__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3020.36925__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3020.36980__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3020.37156__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3020.37121__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3020.37076__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3020.36945__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3020.37184__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3020.37129__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3020.37190__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3020.37135__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3020.36939__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3020.37128__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3020.37085__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3020.36992__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3020.36947__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3020.37148__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3020.36985__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3020.37100__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3020.37084__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3020.36997__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3020.37100__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3020.37078__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3020.37114__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3020.36998__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3020.37077__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3020.37084__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3020.37114__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2939.23687__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2939.23679__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2939.23767__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2939.23710__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2939.23768__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.2939.23662__90ba9c70f846762e\LOG.Foundation.dll () MOD - C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2939.23667__90ba9c70f846762e\NEWAEM.Foundation.dll () MOD - C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2939.23717__90ba9c70f846762e\DEM.OS.I0602.dll () MOD - C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.2939.23707__90ba9c70f846762e\MOM.Foundation.dll () MOD - C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.2939.23717__90ba9c70f846762e\DEM.OS.dll () MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll () MOD - C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2965.22300__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.2939.23668__90ba9c70f846762e\CLI.Foundation.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2939.23689__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2939.23743__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.2939.23740__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2939.23764__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2939.23708__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2939.23802__90ba9c70f846762e\CLI.Foundation.XManifest.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.2939.23735__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.2939.23741__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2939.23693__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2939.23687__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2939.23679__90ba9c70f846762e\CLI.Component.Client.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2939.23719__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.2939.23718__90ba9c70f846762e\DEM.Graphics.dll () MOD - C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2939.23688__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2939.23734__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2939.23718__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2939.23739__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2939.23738__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2939.23742__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2939.23719__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2939.23711__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Foundation\2.0.2939.23665__90ba9c70f846762e\AEM.Foundation.dll () MOD - C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.2939.23709__90ba9c70f846762e\APM.Foundation.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2939.23687__90ba9c70f846762e\AEM.Server.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray.resources\2.0.3020.37169_de_90ba9c70f846762e\CLI.Component.Systemtray.resources.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3020.36952__90ba9c70f846762e\CLI.Component.Wizard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3020.37169__90ba9c70f846762e\CLI.Component.Systemtray.dll () MOD - C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3020.37176__90ba9c70f846762e\MOM.Implementation.dll () MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3020.37175__90ba9c70f846762e\LOG.Foundation.Implementation.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2939.23678__90ba9c70f846762e\CLI.Foundation.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3020.37200__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll () MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2939.23679__90ba9c70f846762e\LOG.Foundation.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2939.23694__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2939.23712__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.2939.23677__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Implementation\2.0.3020.37210__90ba9c70f846762e\LOCALIZATION.Foundation.Implementation.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3020.36917__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3020.36918__90ba9c70f846762e\CLI.Component.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2939.23713__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2939.23711__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3020.36932__90ba9c70f846762e\CLI.Component.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2939.23689__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3020.37176__90ba9c70f846762e\CCC.Implementation.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2939.23746__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.3020.36918__90ba9c70f846762e\ATIDEMOS.dll () MOD - C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3020.36916__90ba9c70f846762e\APM.Server.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3020.36917__90ba9c70f846762e\AEM.Server.dll () MOD - C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll () MOD - C:\Windows\assembly\GAC_MSIL\SPMCommon\3.1.0.6020__e3c7096ba83f9295\SPMCommon.dll () MOD - C:\Windows\assembly\GAC_MSIL\SPMDam\3.1.0.6020__1b3c579b6925895f\SPMDam.dll () MOD - C:\Windows\System32\atitmmxx.dll () MOD - C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll () MOD - C:\Programme\Tildes Birojs 2005\ld1062.dll () ========== Win32 Services (SafeList) ========== SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (AntiVirWebService) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (MBAMService) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (Sony PC Companion) -- C:\Programme\Sony\Sony PC Companion\PCCService.exe (Avanquest Software) SRV - (odserv) -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation) SRV - (SQLWriter) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation) SRV - (MSSQL$MSSMLBIZ) SQL Server (MSSMLBIZ) -- C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation) SRV - (SQLBrowser) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation) SRV - (MSSQLServerADHelper) -- C:\Programme\Microsoft SQL Server\90\Shared\sqladhlp90.exe (Microsoft Corporation) SRV - (ServiceLayer) -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe (Nokia) SRV - (Microsoft Office Groove Audit Service) -- C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation) SRV - (VAIO Event Service) -- C:\Programme\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation) SRV - (RtkAudioService) -- C:\Windows\RTKAUDIOSERVICE.EXE (Realtek Semiconductor) SRV - (NSUService) -- C:\Programme\Sony\Network Utility\NSUService.exe (Sony Corporation) SRV - (VCFw) -- C:\Programme\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation) SRV - (VAIO Power Management) -- C:\Programme\Sony\VAIO Power Management\SPMService.exe (Sony Corporation) SRV - (Vcsw) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation) SRV - (VcmIAlzMgr) -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation) SRV - (VcmXmlIfHelper) -- C:\Programme\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe (Sony Corporation) SRV - (VzCdbSvc) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation) SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation) SRV - (SOHDms) -- C:\Programme\Sony\VAIO Media plus\SOHDms.exe (Sony Corporation) SRV - (SOHCImp) -- C:\Programme\Sony\VAIO Media plus\SOHCImp.exe (Sony Corporation) SRV - (SOHDs) -- C:\Programme\Sony\VAIO Media plus\SOHDs.exe (Sony Corporation) SRV - (SPTISRV) -- C:\Programme\Common Files\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation) SRV - (MSCSPTISRV) -- C:\Programme\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation) SRV - (PACSPTISVR) -- C:\Programme\Common Files\Sony Shared\AVLib\PACSPTISVR.exe (Sony Corporation) SRV - (EvtEng) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) SRV - (RegSrvc) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation) SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation) SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation) SRV - (BcmSqlStartupSvc) -- C:\Programme\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation) SRV - (IviRegMgr) -- C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo) SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (UIUSys) -- system32\DRIVERS\UIUSYS.SYS File not found DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found DRV - (igfx) -- system32\DRIVERS\igdkmd32.sys File not found DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation) DRV - (ggsemc) -- C:\Windows\System32\drivers\ggsemc.sys (Sony Ericsson Mobile Communications) DRV - (ggflt) -- C:\Windows\System32\drivers\ggflt.sys (Sony Ericsson Mobile Communications) DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Nokia) DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Nokia) DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia) DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia) DRV - (nmwcdnsu) -- C:\Windows\System32\drivers\nmwcdnsu.sys (Nokia) DRV - (nmwcdnsuc) -- C:\Windows\System32\drivers\nmwcdnsuc.sys (Nokia) DRV - (WsAudio_DeviceS(1)) WsAudio_DeviceS(1) -- C:\Windows\System32\drivers\WsAudio_DeviceS(1).sys (Wondershare) DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia) DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.) DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC) DRV - (DMICall) -- C:\Windows\System32\drivers\DMICall.sys (Sony Corporation) DRV - (risdptsk) -- C:\Windows\System32\drivers\risdptsk.sys (REDC) DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.) DRV - (WimFltr) -- C:\Windows\System32\drivers\WimFltr.sys (Microsoft Corporation) DRV - (NETw5v32) Intel(R) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation) DRV - (SFEP) -- C:\Windows\System32\drivers\SFEP.sys (Sony Corporation) DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.) DRV - (regi) -- C:\Windows\System32\drivers\regi.sys (InterVideo) DRV - (SE2Ebus) Sony Ericsson Device 046 Driver driver (WDM) -- C:\Windows\System32\drivers\SE2Ebus.sys (MCCI) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.club-vaio.com IE - HKLM\..\SearchScopes,DefaultScope = {6C46687A-47DF-4C56-9E42-77258AB738EB} IE - HKLM\..\SearchScopes\{6C46687A-47DF-4C56-9E42-77258AB738EB}: "URL" = hxxp://www.google.de/search?hl=de&q={searchTerms}&meta= IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.club-vaio.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\SearchScopes,DefaultScope = {6C46687A-47DF-4C56-9E42-77258AB738EB} IE - HKCU\..\SearchScopes\{6C46687A-47DF-4C56-9E42-77258AB738EB}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SNYK_de IE - HKCU\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = hxxp://127.0.0.1:4664/search&s=OhbH8nbOWyo3efD8e39YurKqHS8?q={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Seeigel\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Seeigel\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Seeigel\AppData\Local\Google\Chrome\Application\18.0.1025.168\gcswf32.dll CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U24 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Web Player\npdivx32.dll CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Seeigel\AppData\Local\Google\Chrome\Application\18.0.1025.168\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Seeigel\AppData\Local\Google\Chrome\Application\18.0.1025.168\pdf.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: YouTube = C:\Users\Seeigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: YouTube = C:\Users\Seeigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\ CHR - Extension: Google mekl\u0113\u0161ana = C:\Users\Seeigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\ CHR - Extension: Google mekl\u0113\u0161ana = C:\Users\Seeigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Gmail = C:\Users\Seeigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\ CHR - Extension: Gmail = C:\Users\Seeigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Programme\TechSmith\SnagIt 9\SnagItBHO.dll (TechSmith Corporation) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Programme\Google BAE\BAE.dll (Your Company Name) O2 - BHO: (Avira SearchFree Toolbar plus WebGuard) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (SnagIt) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Programme\TechSmith\SnagIt 9\SnagItIEAddin.dll (TechSmith Corporation) O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus WebGuard) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus WebGuard) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe ({StringFileInfo_CompanyName}) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [CheckCU] C:\Programme\Tildes Birojs 2005\CheckCU.exe () O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [MarketingTools] C:\Programme\Sony\Marketing Tools\MarketingTools.exe (Sony Corporation) O4 - HKLM..\Run: [mdiction] C:\Programme\Tildes Birojs 2005\MDICTION.EXE (Sabiedrîba Tilde) O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation) O4 - HKCU..\Run: [NSUFloatingUI] C:\Program Files\Sony\Network Utility\LANUtil.exe (Sony Corporation) O4 - HKCU..\Run: [ScanSpyware] C:\Program Files\ScanSpyware v3.8.0.1\Scanner.exe (PC Security Center) O4 - HKCU..\Run: [Sony PC Companion] C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe (Sony) O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: &Translate with Tilde Computer Dictionary - C:\Program Files\Tildes Birojs 2005\TDVLauncher.DLL () O8 - Extra context menu item: &Tulkot ar Tildes Datorvārdnīcu - C:\Program Files\Tildes Birojs 2005\TDVLauncher.DLL () O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html File not found O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000037 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: int.lan ([lv1msg02.am] https in Trusted sites) O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet) O15 - HKCU\..Trusted Domains: mfa.gov.lv ([pasts] https in Trusted sites) O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} hxxp://www.geni.com/ImageUploader5.cab (Image Uploader Control) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 10.3.0) O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} hxxp://ax.emsisoft.com/emsisoft_webscan.cab (Emsisoft Web Malware Scan) O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-29-0.cab (EPUImageControl Class) O16 - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1FF9E66F-9D0A-408E-8B29-31348A9B2ED0}: DhcpNameServer = 192.168.178.1 O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (C:\PROGRA~1\GOOGLE\GOOGLE~1\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - File not found O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\System32\VESWinlogon.dll (Sony Corporation) O24 - Desktop WallPaper: C:\Users\Seeigel\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O24 - Desktop BackupWallPaper: C:\Users\Seeigel\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\Autorun\Autorun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2012.05.18 19:58:05 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2012.05.17 19:27:18 | 000,000,000 | ---D | C] -- C:\Users\Seeigel\AppData\Roaming\Malwarebytes [2012.05.17 19:26:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.05.17 19:26:54 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2012.05.17 19:26:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.05.17 19:26:53 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2012.05.16 01:38:49 | 000,419,488 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2012.05.16 01:38:49 | 000,070,304 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2012.05.16 01:28:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [2012.05.16 01:27:25 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2012.05.15 22:30:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe [2012.05.15 22:26:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2012.05.15 22:23:58 | 000,637,848 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\npdeployJava1.dll [2012.05.15 22:23:58 | 000,224,136 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe [2012.05.15 22:23:58 | 000,173,960 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe [2012.05.15 22:23:58 | 000,173,960 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe [2012.05.15 22:23:40 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2012.05.15 22:02:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [2012.05.15 18:39:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe(18) [2012.05.10 07:26:43 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll [2012.05.10 07:26:43 | 001,069,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll [2012.05.10 07:26:43 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll [2012.05.10 07:26:43 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll [2012.05.10 07:26:43 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll [2012.05.10 07:26:37 | 003,602,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe [2012.05.10 07:26:37 | 003,550,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe [2012.05.10 07:26:36 | 002,044,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2012.05.01 08:05:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in [2012.05.01 08:05:00 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft ========== Files - Modified Within 30 Days ========== [2012.05.21 21:36:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.05.21 21:32:00 | 000,000,956 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-90521188-4158982503-1986053845-1003UA.job [2012.05.21 21:23:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.05.21 21:16:10 | 000,000,474 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Seeigel.job [2012.05.21 20:13:09 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012.05.21 20:13:09 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012.05.21 18:15:00 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.05.21 18:15:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-90521188-4158982503-1986053845-1003Core.job [2012.05.21 18:12:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.05.18 19:19:59 | 000,000,198 | ---- | M] () -- C:\PSLOG [2012.05.18 19:17:26 | 3218,116,608 | -HS- | M] () -- C:\hiberfil.sys [2012.05.17 19:26:55 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.05.16 07:26:59 | 000,455,304 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012.05.16 01:38:49 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2012.05.16 01:38:49 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2012.05.16 01:05:48 | 000,000,804 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2012.05.15 22:30:16 | 000,001,892 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk [2012.05.15 22:23:44 | 000,637,848 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npdeployJava1.dll [2012.05.15 22:23:44 | 000,567,696 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll [2012.05.15 22:23:44 | 000,224,136 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe [2012.05.15 22:23:44 | 000,173,960 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe [2012.05.15 22:23:44 | 000,173,960 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe [2012.05.15 22:12:31 | 000,684,246 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2012.05.15 22:12:31 | 000,651,938 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012.05.15 22:12:31 | 000,153,848 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2012.05.15 22:12:31 | 000,125,892 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012.05.15 22:02:13 | 000,001,847 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk [2012.05.15 08:38:50 | 000,001,356 | ---- | M] () -- C:\Users\Seeigel\AppData\Local\d3d9caps.dat [2012.05.14 20:01:42 | 000,720,888 | ---- | M] () -- C:\Users\Seeigel\Desktop\22+6.JPG [2012.05.08 19:53:50 | 000,137,928 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys [2012.05.08 19:53:50 | 000,083,392 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys [2012.05.08 07:38:16 | 000,713,851 | ---- | M] () -- C:\Users\Seeigel\Desktop\21+6b.JPG [2012.05.08 07:38:05 | 000,675,804 | ---- | M] () -- C:\Users\Seeigel\Desktop\21+6a.JPG ========== Files Created - No Company Name ========== [2012.05.17 19:26:55 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.05.16 07:26:37 | 000,455,304 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2012.05.16 01:38:50 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.05.15 22:30:16 | 000,001,892 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk [2012.05.15 22:30:16 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk [2012.05.15 19:09:18 | 3218,116,608 | -HS- | C] () -- C:\hiberfil.sys [2012.05.14 20:01:42 | 000,720,888 | ---- | C] () -- C:\Users\Seeigel\Desktop\22+6.JPG [2012.05.08 07:38:16 | 000,713,851 | ---- | C] () -- C:\Users\Seeigel\Desktop\21+6b.JPG [2012.05.08 07:38:04 | 000,675,804 | ---- | C] () -- C:\Users\Seeigel\Desktop\21+6a.JPG ========== Alternate Data Streams ========== @Alternate Data Stream - 211 bytes -> C:\ProgramData\TEMP:D282699C < End of report > [/code] |
|
22.05.2012, 10:36
| #8 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Bin ich den Ukash 100 EUR Trojaner los? Avira und Malwarebytes Malware sagen-ja, Scan Spyware-neinZitat:
 Mach bitte ein neues OTL-Log. Bitte alles nach Möglichkeit hier in CODE-Tags posten. Wird so gemacht: [code] hier steht das Log [/code] Und das ganze sieht dann so aus: Code:
ATTFilter hier steht das Log
Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
Code:
ATTFilter netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
__________________ Logfiles bitte immer in CODE-Tags posten |
|
22.05.2012, 18:17
| #9 |
| | Bin ich den Ukash 100 EUR Trojaner los? Avira und Malwarebytes Malware sagen-ja, Scan Spyware-nein Danke für den Hinweis. Hoffentlich habe ich diesmal alles richtig gemacht. Hier der OTL Log OTL Logfile: Code:
ATTFilter OTL logfile created on: 2012.05.22. 18:41:12 - Run 2 OTL by OldTimer - Version 3.2.43.1 Folder = c:\Users\Seeigel\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000426 | Country: *** | Language: *** | Date Format: yyyy.MM.dd. 3,00 Gb Total Physical Memory | 1,11 Gb Available Physical Memory | 36,95% Memory free 6,20 Gb Paging File | 3,85 Gb Available in Paging File | 62,08% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 224,77 Gb Total Space | 147,39 Gb Free Space | 65,57% Space Free | Partition Type: NTFS Drive D: | 3,72 Gb Total Space | 2,34 Gb Free Space | 62,95% Space Free | Partition Type: FAT32 Computer Name: SEEIGEL-PC | User Name: Seeigel | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - c:\Users\Seeigel\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Windows\System32\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.exe (Adobe Systems Incorporated) PRC - C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Programme\Ask.com\Updater\Updater.exe ({StringFileInfo_CompanyName}) PRC - C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation) PRC - C:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation) PRC - C:\Programme\PC Connectivity Solution\Transports\NclUSBSrv.exe (Nokia) PRC - C:\Programme\PC Connectivity Solution\ServiceLayer.exe (Nokia) PRC - C:\Programme\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia) PRC - C:\Programme\PC Connectivity Solution\Transports\NclRSSrv.exe (Nokia) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Windows\System32\conime.exe (Microsoft Corporation) PRC - C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation) PRC - C:\Programme\Sony\Marketing Tools\MarketingTools.exe (Sony Corporation) PRC - C:\Programme\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation) PRC - C:\Programme\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation) PRC - C:\Windows\RTKAUDIOSERVICE.EXE (Realtek Semiconductor) PRC - C:\Programme\Sony\Network Utility\NSUService.exe (Sony Corporation) PRC - C:\Programme\Sony\Network Utility\LANUtil.exe (Sony Corporation) PRC - C:\Programme\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation) PRC - C:\Programme\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation) PRC - C:\Programme\Sony\VAIO Power Management\SPMService.exe (Sony Corporation) PRC - C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation) PRC - C:\Programme\Sony\VAIO Update 4\VAIOUpdt.exe (Sony Corporation) PRC - C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation) PRC - C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) PRC - C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation) PRC - C:\Programme\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation) PRC - C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation) PRC - C:\Programme\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation) PRC - C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo) PRC - C:\Programme\Tildes Birojs 2005\MDICTION.EXE (Sabiedrîba Tilde) ========== Modules (No Company Name) ========== MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\75df548d77c2833a48c5da51424c93f1\System.IdentityModel.Selectors.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\32983e3f4c5c20053e6673f37a58a874\System.IdentityModel.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\1619144e1a9eaca847e53b952b21820b\System.Runtime.Serialization.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\521fb04fdfbb0039a34cc91111d11804\SMDiagnostics.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\1dac5ff29f483e19c77b23b00ba533f9\System.ServiceModel.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\675632907c226b0c67a2407f2ddd4bf7\System.ServiceProcess.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\ef684a2ee2f7276eec3973a0654d2bd4\System.Web.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\846b9cf2756fdd15f704c9bab9c70b6f\System.Runtime.Remoting.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bd76aaaa03ddc15d1840207b5a480644\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e4d54640bacd18e047a4573cb4611bd3\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5d8696f15e49aedf883dd945806a7049\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll () MOD - C:\Programme\Google\Google Desktop Search\gzlib.dll () MOD - C:\Windows\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_de_b77a5c561934e089\System.ServiceModel.resources.dll () MOD - C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll () MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll () MOD - C:\Programme\WinRAR\RarExt.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3020.36958__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3020.36966__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3020.36925__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3020.36980__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3020.37156__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3020.37121__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3020.37076__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3020.36945__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3020.37184__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3020.37129__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3020.37190__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3020.37135__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3020.36939__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3020.37128__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3020.37085__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3020.36992__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3020.36947__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3020.37148__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3020.36985__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3020.37100__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3020.37084__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3020.36997__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3020.37100__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3020.37078__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3020.37114__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3020.36998__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3020.37077__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3020.37084__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3020.37114__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2939.23687__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2939.23679__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2939.23767__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2939.23710__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2939.23768__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.2939.23662__90ba9c70f846762e\LOG.Foundation.dll () MOD - C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2939.23667__90ba9c70f846762e\NEWAEM.Foundation.dll () MOD - C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2939.23717__90ba9c70f846762e\DEM.OS.I0602.dll () MOD - C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.2939.23707__90ba9c70f846762e\MOM.Foundation.dll () MOD - C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.2939.23717__90ba9c70f846762e\DEM.OS.dll () MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll () MOD - C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2965.22300__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.2939.23668__90ba9c70f846762e\CLI.Foundation.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2939.23689__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2939.23743__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.2939.23740__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2939.23764__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2939.23708__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2939.23802__90ba9c70f846762e\CLI.Foundation.XManifest.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.2939.23735__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.2939.23741__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2939.23693__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2939.23687__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2939.23679__90ba9c70f846762e\CLI.Component.Client.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2939.23719__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.2939.23718__90ba9c70f846762e\DEM.Graphics.dll () MOD - C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2939.23688__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2939.23734__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2939.23718__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2939.23739__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2939.23738__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2939.23742__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2939.23719__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2939.23711__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Foundation\2.0.2939.23665__90ba9c70f846762e\AEM.Foundation.dll () MOD - C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.2939.23709__90ba9c70f846762e\APM.Foundation.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2939.23687__90ba9c70f846762e\AEM.Server.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray.resources\2.0.3020.37169_de_90ba9c70f846762e\CLI.Component.Systemtray.resources.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3020.36952__90ba9c70f846762e\CLI.Component.Wizard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3020.37169__90ba9c70f846762e\CLI.Component.Systemtray.dll () MOD - C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3020.37176__90ba9c70f846762e\MOM.Implementation.dll () MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3020.37175__90ba9c70f846762e\LOG.Foundation.Implementation.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2939.23678__90ba9c70f846762e\CLI.Foundation.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3020.37200__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll () MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2939.23679__90ba9c70f846762e\LOG.Foundation.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2939.23694__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2939.23712__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.2939.23677__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Implementation\2.0.3020.37210__90ba9c70f846762e\LOCALIZATION.Foundation.Implementation.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3020.36917__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3020.36918__90ba9c70f846762e\CLI.Component.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2939.23713__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2939.23711__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3020.36932__90ba9c70f846762e\CLI.Component.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2939.23689__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3020.37176__90ba9c70f846762e\CCC.Implementation.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2939.23746__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.3020.36918__90ba9c70f846762e\ATIDEMOS.dll () MOD - C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3020.36916__90ba9c70f846762e\APM.Server.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3020.36917__90ba9c70f846762e\AEM.Server.dll () MOD - C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll () MOD - C:\Windows\assembly\GAC_MSIL\SPMCommon\3.1.0.6020__e3c7096ba83f9295\SPMCommon.dll () MOD - C:\Windows\assembly\GAC_MSIL\SPMDam\3.1.0.6020__1b3c579b6925895f\SPMDam.dll () MOD - C:\Windows\System32\atitmmxx.dll () MOD - C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll () MOD - C:\Programme\Tildes Birojs 2005\ld1062.dll () ========== Win32 Services (SafeList) ========== SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (AntiVirWebService) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (MBAMService) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (Sony PC Companion) -- C:\Programme\Sony\Sony PC Companion\PCCService.exe (Avanquest Software) SRV - (WinHttpAutoProxySvc) -- winhttp.dll (Microsoft Corporation) SRV - (odserv) -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation) SRV - (SQLWriter) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation) SRV - (MSSQL$MSSMLBIZ) SQL Server (MSSMLBIZ) -- C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation) SRV - (SQLBrowser) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation) SRV - (MSSQLServerADHelper) -- C:\Programme\Microsoft SQL Server\90\Shared\sqladhlp90.exe (Microsoft Corporation) SRV - (ServiceLayer) -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe (Nokia) SRV - (Microsoft Office Groove Audit Service) -- C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation) SRV - (VAIO Event Service) -- C:\Programme\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation) SRV - (RtkAudioService) -- C:\Windows\RTKAUDIOSERVICE.EXE (Realtek Semiconductor) SRV - (NSUService) -- C:\Programme\Sony\Network Utility\NSUService.exe (Sony Corporation) SRV - (VCFw) -- C:\Programme\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation) SRV - (VAIO Power Management) -- C:\Programme\Sony\VAIO Power Management\SPMService.exe (Sony Corporation) SRV - (Vcsw) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation) SRV - (VcmIAlzMgr) -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation) SRV - (VcmXmlIfHelper) -- C:\Programme\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe (Sony Corporation) SRV - (VzCdbSvc) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation) SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation) SRV - (SOHDms) -- C:\Programme\Sony\VAIO Media plus\SOHDms.exe (Sony Corporation) SRV - (SOHCImp) -- C:\Programme\Sony\VAIO Media plus\SOHCImp.exe (Sony Corporation) SRV - (SOHDs) -- C:\Programme\Sony\VAIO Media plus\SOHDs.exe (Sony Corporation) SRV - (SPTISRV) -- C:\Programme\Common Files\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation) SRV - (MSCSPTISRV) -- C:\Programme\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation) SRV - (PACSPTISVR) -- C:\Programme\Common Files\Sony Shared\AVLib\PACSPTISVR.exe (Sony Corporation) SRV - (EvtEng) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) SRV - (RegSrvc) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation) SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation) SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation) SRV - (BcmSqlStartupSvc) -- C:\Programme\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation) SRV - (IviRegMgr) -- C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo) SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (UIUSys) -- system32\DRIVERS\UIUSYS.SYS File not found DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found DRV - (igfx) -- system32\DRIVERS\igdkmd32.sys File not found DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation) DRV - (ggsemc) -- C:\Windows\System32\drivers\ggsemc.sys (Sony Ericsson Mobile Communications) DRV - (ggflt) -- C:\Windows\System32\drivers\ggflt.sys (Sony Ericsson Mobile Communications) DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Nokia) DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Nokia) DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia) DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia) DRV - (nmwcdnsu) -- C:\Windows\System32\drivers\nmwcdnsu.sys (Nokia) DRV - (nmwcdnsuc) -- C:\Windows\System32\drivers\nmwcdnsuc.sys (Nokia) DRV - (WsAudio_DeviceS(1)) WsAudio_DeviceS(1) -- C:\Windows\System32\drivers\WsAudio_DeviceS(1).sys (Wondershare) DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia) DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.) DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC) DRV - (DMICall) -- C:\Windows\System32\drivers\DMICall.sys (Sony Corporation) DRV - (risdptsk) -- C:\Windows\System32\drivers\risdptsk.sys (REDC) DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.) DRV - (WimFltr) -- C:\Windows\System32\drivers\WimFltr.sys (Microsoft Corporation) DRV - (NETw5v32) Intel(R) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation) DRV - (SFEP) -- C:\Windows\System32\drivers\SFEP.sys (Sony Corporation) DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.) DRV - (regi) -- C:\Windows\System32\drivers\regi.sys (InterVideo) DRV - (SE2Ebus) Sony Ericsson Device 046 Driver driver (WDM) -- C:\Windows\System32\drivers\SE2Ebus.sys (MCCI) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.club-vaio.com IE - HKLM\..\SearchScopes,DefaultScope = {6C46687A-47DF-4C56-9E42-77258AB738EB} IE - HKLM\..\SearchScopes\{6C46687A-47DF-4C56-9E42-77258AB738EB}: "URL" = hxxp://www.google.de/search?hl=de&q={searchTerms}&meta= IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-90521188-4158982503-1986053845-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.club-vaio.com IE - HKU\S-1-5-21-90521188-4158982503-1986053845-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes] IE - HKU\S-1-5-21-90521188-4158982503-1986053845-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie IE - HKU\S-1-5-21-90521188-4158982503-1986053845-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com IE - HKU\S-1-5-21-90521188-4158982503-1986053845-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKU\S-1-5-21-90521188-4158982503-1986053845-1003\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-90521188-4158982503-1986053845-1003\..\SearchScopes,DefaultScope = {6C46687A-47DF-4C56-9E42-77258AB738EB} IE - HKU\S-1-5-21-90521188-4158982503-1986053845-1003\..\SearchScopes\{6C46687A-47DF-4C56-9E42-77258AB738EB}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SNYK_de IE - HKU\S-1-5-21-90521188-4158982503-1986053845-1003\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = hxxp://127.0.0.1:4664/search&s=OhbH8nbOWyo3efD8e39YurKqHS8?q={searchTerms} IE - HKU\S-1-5-21-90521188-4158982503-1986053845-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Seeigel\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Seeigel\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Seeigel\AppData\Local\Google\Chrome\Application\18.0.1025.168\gcswf32.dll CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U24 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Web Player\npdivx32.dll CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Seeigel\AppData\Local\Google\Chrome\Application\18.0.1025.168\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Seeigel\AppData\Local\Google\Chrome\Application\18.0.1025.168\pdf.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: YouTube = C:\Users\Seeigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: YouTube = C:\Users\Seeigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\ CHR - Extension: Google mekl\u0113\u0161ana = C:\Users\Seeigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\ CHR - Extension: Google mekl\u0113\u0161ana = C:\Users\Seeigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Gmail = C:\Users\Seeigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\ CHR - Extension: Gmail = C:\Users\Seeigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Programme\TechSmith\SnagIt 9\SnagItBHO.dll (TechSmith Corporation) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Programme\Google BAE\BAE.dll (Your Company Name) O2 - BHO: (Avira SearchFree Toolbar plus WebGuard) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (SnagIt) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Programme\TechSmith\SnagIt 9\SnagItIEAddin.dll (TechSmith Corporation) O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus WebGuard) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKU\S-1-5-21-90521188-4158982503-1986053845-1003\..\Toolbar\WebBrowser: (no name) - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No CLSID value found. O3 - HKU\S-1-5-21-90521188-4158982503-1986053845-1003\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus WebGuard) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe ({StringFileInfo_CompanyName}) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [CheckCU] C:\Programme\Tildes Birojs 2005\CheckCU.exe () O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [MarketingTools] C:\Programme\Sony\Marketing Tools\MarketingTools.exe (Sony Corporation) O4 - HKLM..\Run: [mdiction] C:\Programme\Tildes Birojs 2005\MDICTION.EXE (Sabiedrîba Tilde) O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-21-90521188-4158982503-1986053845-1003..\Run: [NSUFloatingUI] C:\Program Files\Sony\Network Utility\LANUtil.exe (Sony Corporation) O4 - HKU\S-1-5-21-90521188-4158982503-1986053845-1003..\Run: [ScanSpyware] C:\Program Files\ScanSpyware v3.8.0.1\Scanner.exe (PC Security Center) O4 - HKU\S-1-5-21-90521188-4158982503-1986053845-1003..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) O7 - HKU\S-1-5-21-90521188-4158982503-1986053845-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: &Translate with Tilde Computer Dictionary - C:\Program Files\Tildes Birojs 2005\TDVLauncher.DLL () O8 - Extra context menu item: &Tulkot ar Tildes Datorvārdnīcu - C:\Program Files\Tildes Birojs 2005\TDVLauncher.DLL () O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html File not found O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000037 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O13 - gopher Prefix: missing O15 - HKU\S-1-5-21-90521188-4158982503-1986053845-1003\..Trusted Domains: int.lan ([lv1msg02.am] https in Trusted sites) O15 - HKU\S-1-5-21-90521188-4158982503-1986053845-1003\..Trusted Domains: localhost ([]http in Local intranet) O15 - HKU\S-1-5-21-90521188-4158982503-1986053845-1003\..Trusted Domains: mfa.gov.lv ([pasts] https in Trusted sites) O15 - HKU\S-1-5-21-90521188-4158982503-1986053845-1003\..Trusted Ranges: GD ([http] in Local intranet) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} hxxp://www.geni.com/ImageUploader5.cab (Image Uploader Control) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 10.3.0) O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} hxxp://ax.emsisoft.com/emsisoft_webscan.cab (Emsisoft Web Malware Scan) O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-29-0.cab (EPUImageControl Class) O16 - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1FF9E66F-9D0A-408E-8B29-31348A9B2ED0}: DhcpNameServer = 192.168.178.1 O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (C:\PROGRA~1\GOOGLE\GOOGLE~1\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - File not found O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - VESWinlogon.dll (Sony Corporation) O24 - Desktop WallPaper: C:\Users\Seeigel\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O24 - Desktop BackupWallPaper: C:\Users\Seeigel\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\Autorun\Autorun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation) NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\System32\Microsoft ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - C:\Windows\System32\Microsoft ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - C:\Windows\System32\Adobe ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP Drivers32: aux - wdmaud.drv (Microsoft Corporation) Drivers32: midi - wdmaud.drv (Microsoft Corporation) Drivers32: midimapper - midimap.dll (Microsoft Corporation) Drivers32: mixer - wdmaud.drv (Microsoft Corporation) Drivers32: msacm.imaadpcm - imaadp32.acm (Microsoft Corporation) Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.msadpcm - msadp32.acm (Microsoft Corporation) Drivers32: msacm.msg711 - msg711.acm (Microsoft Corporation) Drivers32: msacm.msgsm610 - msgsm32.acm (Microsoft Corporation) Drivers32: MSVideo8 - VfWWDM32.dll (Microsoft Corporation) Drivers32: vidc.cvid - iccvid.dll (Radius Inc.) Drivers32: VIDC.dvsd - C:\Programme\Common Files\Sony Shared\VideoLib\sonydv.dll (Sony Corporation) Drivers32: vidc.i420 - iyuv_32.dll (Microsoft Corporation) Drivers32: VIDC.IYUV - iyuv_32.dll (Microsoft Corporation) Drivers32: vidc.mrle - msrle32.dll (Microsoft Corporation) Drivers32: vidc.msvc - msvidc32.dll (Microsoft Corporation) Drivers32: VIDC.UYVY - msyuv.dll (Microsoft Corporation) Drivers32: VIDC.YUY2 - msyuv.dll (Microsoft Corporation) Drivers32: VIDC.YVU9 - tsbyuv.dll (Microsoft Corporation) Drivers32: VIDC.YVYU - msyuv.dll (Microsoft Corporation) Drivers32: wave - wdmaud.drv (Microsoft Corporation) Drivers32: wavemapper - msacm32.drv (Microsoft Corporation) CREATERESTOREPOINT System Restore Service not available. ========== Files/Folders - Created Within 30 Days ========== [2012.05.18 19:58:05 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2012.05.17 19:27:18 | 000,000,000 | ---D | C] -- C:\Users\Seeigel\AppData\Roaming\Malwarebytes [2012.05.17 19:26:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.05.17 19:26:54 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2012.05.17 19:26:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.05.17 19:26:53 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2012.05.16 01:28:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [2012.05.16 01:27:25 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2012.05.15 22:30:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe [2012.05.15 22:26:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2012.05.15 22:23:40 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2012.05.15 22:02:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [2012.05.15 18:39:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe(18) [2012.05.01 08:05:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in [2012.05.01 08:05:00 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft ========== Files - Modified Within 30 Days ========== [2012.05.22 18:36:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.05.22 18:32:04 | 000,000,956 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-90521188-4158982503-1986053845-1003UA.job [2012.05.22 18:28:35 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.05.22 18:27:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.05.22 07:36:00 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.05.22 07:32:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-90521188-4158982503-1986053845-1003Core.job [2012.05.22 07:21:33 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012.05.22 07:21:29 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012.05.21 21:16:10 | 000,000,474 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Seeigel.job [2012.05.18 19:19:59 | 000,000,198 | ---- | M] () -- C:\PSLOG [2012.05.18 19:17:26 | 3218,116,608 | -HS- | M] () -- C:\hiberfil.sys [2012.05.17 19:26:55 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.05.16 07:26:59 | 000,455,304 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012.05.16 01:05:48 | 000,000,804 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2012.05.15 22:30:16 | 000,001,892 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk [2012.05.15 22:12:31 | 000,684,246 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2012.05.15 22:12:31 | 000,651,938 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012.05.15 22:12:31 | 000,153,848 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2012.05.15 22:12:31 | 000,125,892 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012.05.15 22:02:13 | 000,001,847 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk [2012.05.15 08:38:50 | 000,001,356 | ---- | M] () -- C:\Users\Seeigel\AppData\Local\d3d9caps.dat [2012.05.14 20:01:42 | 000,720,888 | ---- | M] () -- C:\Users\Seeigel\Desktop\22+6.JPG [2012.05.08 19:53:50 | 000,137,928 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys [2012.05.08 19:53:50 | 000,083,392 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys [2012.05.08 07:38:16 | 000,713,851 | ---- | M] () -- C:\Users\Seeigel\Desktop\21+6b.JPG [2012.05.08 07:38:05 | 000,675,804 | ---- | M] () -- C:\Users\Seeigel\Desktop\21+6a.JPG ========== Files Created - No Company Name ========== [2012.05.17 19:26:55 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.05.16 07:26:37 | 000,455,304 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2012.05.16 01:38:50 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.05.15 22:30:16 | 000,001,892 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk [2012.05.15 22:30:16 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk [2012.05.15 19:09:18 | 3218,116,608 | -HS- | C] () -- C:\hiberfil.sys [2012.05.14 20:01:42 | 000,720,888 | ---- | C] () -- C:\Users\Seeigel\Desktop\22+6.JPG [2012.05.08 07:38:16 | 000,713,851 | ---- | C] () -- C:\Users\Seeigel\Desktop\21+6b.JPG [2012.05.08 07:38:04 | 000,675,804 | ---- | C] () -- C:\Users\Seeigel\Desktop\21+6a.JPG ========== LOP Check ========== [2009.01.17 15:19:06 | 000,000,000 | ---D | M] -- C:\Users\Seeigel\AppData\Roaming\InterVideo [2012.03.11 16:20:57 | 000,000,000 | ---D | M] -- C:\Users\Seeigel\AppData\Roaming\Marine Aquarium 3 [2010.04.13 22:00:23 | 000,000,000 | ---D | M] -- C:\Users\Seeigel\AppData\Roaming\Maxthon2 [2012.05.18 21:21:55 | 000,000,000 | ---D | M] -- C:\Users\Seeigel\AppData\Roaming\MxBoost [2010.07.09 19:39:18 | 000,000,000 | ---D | M] -- C:\Users\Seeigel\AppData\Roaming\Nokia [2009.09.24 17:56:50 | 000,000,000 | ---D | M] -- C:\Users\Seeigel\AppData\Roaming\PC Suite [2012.05.18 07:46:56 | 000,032,514 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. > [2012.05.15 22:32:07 | 000,000,000 | ---D | M] -- C:\Users\Seeigel\AppData\Roaming\Adobe [2008.12.24 19:12:08 | 000,000,000 | ---D | M] -- C:\Users\Seeigel\AppData\Roaming\ArcSoft [2008.08.12 05:13:41 | 000,000,000 | ---D | M] -- C:\Users\Seeigel\AppData\Roaming\ATI [2011.10.19 23:41:31 | 000,000,000 | ---D | M] -- C:\Users\Seeigel\AppData\Roaming\Avira [2010.07.18 23:50:56 | 000,000,000 | ---D | M] -- C:\Users\Seeigel\AppData\Roaming\DivX [2010.08.05 07:37:02 | 000,000,000 | ---D | M] -- C:\Users\Seeigel\AppData\Roaming\dvdcss [2008.12.24 19:07:22 | 000,000,000 | ---D | M] -- C:\Users\Seeigel\AppData\Roaming\Google [2008.01.21 03:43:07 | 000,000,000 | ---D | M] -- C:\Users\Seeigel\AppData\Roaming\Identities [2008.08.12 04:27:41 | 000,000,000 | ---D | M] -- C:\Users\Seeigel\AppData\Roaming\InstallShield [2009.01.17 15:19:06 | 000,000,000 | ---D | M] -- C:\Users\Seeigel\AppData\Roaming\InterVideo [2008.08.12 04:45:51 | 000,000,000 | ---D | M] -- C:\Users\Seeigel\AppData\Roaming\Macromedia [2012.05.17 19:27:18 | 000,000,000 | ---D | M] -- C:\Users\Seeigel\AppData\Roaming\Malwarebytes [2012.03.11 16:20:57 | 000,000,000 | ---D | M] -- C:\Users\Seeigel\AppData\Roaming\Marine Aquarium 3 [2010.04.13 22:00:23 | 000,000,000 | ---D | M] -- C:\Users\Seeigel\AppData\Roaming\Maxthon2 [2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\Seeigel\AppData\Roaming\Media Center Programs [2012.05.15 22:32:07 | 000,000,000 | --SD | M] -- C:\Users\Seeigel\AppData\Roaming\Microsoft [2012.05.18 21:21:55 | 000,000,000 | ---D | M] -- C:\Users\Seeigel\AppData\Roaming\MxBoost [2010.07.09 19:39:18 | 000,000,000 | ---D | M] -- C:\Users\Seeigel\AppData\Roaming\Nokia [2009.09.24 17:56:50 | 000,000,000 | ---D | M] -- C:\Users\Seeigel\AppData\Roaming\PC Suite [2011.12.30 14:47:52 | 000,000,000 | ---D | M] -- C:\Users\Seeigel\AppData\Roaming\Skype [2011.12.30 14:01:25 | 000,000,000 | ---D | M] -- C:\Users\Seeigel\AppData\Roaming\skypePM [2009.01.26 19:13:56 | 000,000,000 | ---D | M] -- C:\Users\Seeigel\AppData\Roaming\Sony Corporation [2010.07.22 21:36:00 | 000,000,000 | ---D | M] -- C:\Users\Seeigel\AppData\Roaming\vlc [2009.02.03 20:06:49 | 000,000,000 | ---D | M] -- C:\Users\Seeigel\AppData\Roaming\WinRAR < %APPDATA%\*.exe /s > [2010.04.01 06:45:32 | 003,761,560 | ---- | M] (Maxthon International ltd.) -- C:\Users\Seeigel\AppData\Roaming\Maxthon2\Maxthon.exe [2009.06.30 04:22:00 | 000,078,136 | ---- | M] () -- C:\Users\Seeigel\AppData\Roaming\Maxthon2\maxupdate.exe [2010.03.08 07:13:12 | 000,345,512 | ---- | M] (Maxthon International ltd.) -- C:\Users\Seeigel\AppData\Roaming\Maxthon2\Mx2UnInstall.exe [2010.04.01 06:45:26 | 000,148,888 | ---- | M] (Maxthon International ltd.) -- C:\Users\Seeigel\AppData\Roaming\Maxthon2\MxCrashReport.exe [2009.12.04 14:22:46 | 000,673,024 | ---- | M] (Maxthon International ltd.) -- C:\Users\Seeigel\AppData\Roaming\Maxthon2\Modules\MxDownloader\MxDownloadServer.exe [2009.12.23 07:27:38 | 000,181,656 | ---- | M] (Maxthon International ltd.) -- C:\Users\Seeigel\AppData\Roaming\Maxthon2\Modules\MxUpdate\MxUp.exe [2010.09.16 01:37:33 | 006,894,720 | ---- | M] (Maxthon International ltd.) -- C:\Users\Seeigel\AppData\Roaming\Maxthon2\Temp\MxSetup.exe [2008.08.12 04:39:49 | 000,010,134 | R--- | M] () -- C:\Users\Seeigel\AppData\Roaming\Microsoft\Installer\{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}\ARPPRODUCTICON.exe < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS > [2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys [2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys [2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys [2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys [2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys [2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys < MD5 for: ATAPI.SYS > [2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys [2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys [2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\drivers\atapi.sys [2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys [2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys [2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys < MD5 for: CNGAUDIT.DLL > [2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll [2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll < MD5 for: IASTOR.SYS > [2008.04.22 02:20:41 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\Windows\Drivers\INF\SATA Driver (Intel) (Non-RAID)\IaStor.sys [2008.04.22 02:20:41 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\Windows\System32\drivers\iaStor.sys [2008.04.22 02:20:41 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_77c04a30\iaStor.sys [2008.04.22 02:20:41 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\Windows\System32\DriverStore\FileRepository\iastor.inf_054cd65f\iaStor.sys < MD5 for: IASTORV.SYS > [2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys [2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys [2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys [2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys < MD5 for: NETLOGON.DLL > [2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll [2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll [2008.01.21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll < MD5 for: NVSTOR.SYS > [2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys [2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys [2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys [2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys < MD5 for: SCECLI.DLL > [2008.01.21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll [2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll [2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll < MD5 for: USER32.DLL > [2008.01.21 04:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll [2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll [2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll < MD5 for: USERINIT.EXE > [2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe [2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe < MD5 for: WININIT.EXE > [2008.01.21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe [2008.01.21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe < MD5 for: WINLOGON.EXE > [2012.04.04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe [2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe [2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe [2008.01.21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe < MD5 for: WS2IFSL.SYS > [2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys [2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > [2008.01.21 05:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV [2008.01.21 05:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV [2008.01.21 05:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV [2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV [2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [2008.07.09 02:05:14 | 000,372,736 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\Windows\system32\ATIDEMGX.dll ========== Alternate Data Streams ========== @Alternate Data Stream - 211 bytes -> C:\ProgramData\TEMP:D282699C < End of report > |
|
22.05.2012, 19:26
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Bin ich den Ukash 100 EUR Trojaner los? Avira und Malwarebytes Malware sagen-ja, Scan Spyware-nein Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!) Hinweis: Falls Du Deinen Benutzernamen unkenntlich gemacht hast, musst Du das Ausgesternte in Deinen richtigen Benutzernamen wieder verwandeln, sonst funktioniert das Script nicht!! Code:
ATTFilter :OTL
IE - HKU\S-1-5-21-90521188-4158982503-1986053845-1003\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:4664/search&s=OhbH8nbOWyo3efD8e39YurKqHS8?q={searchTerms}
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus WebGuard) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-90521188-4158982503-1986053845-1003\..\Toolbar\WebBrowser: (no name) - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No CLSID value found.
O3 - HKU\S-1-5-21-90521188-4158982503-1986053845-1003\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus WebGuard) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe ({StringFileInfo_CompanyName})
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\Autorun\Autorun.exe
@Alternate Data Stream - 211 bytes -> C:\ProgramData\TEMP:D282699C
:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet. Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt. Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
22.05.2012, 20:36
| #11 |
| | Bin ich den Ukash 100 EUR Trojaner los? Avira und Malwarebytes Malware sagen-ja, Scan Spyware-nein Schöne Sch**** Hab in der Zwischenzeit Avira Scanner laufen lassen und er hat 2 Funde entdeckt. Es handelt sich offenbar um EXP/CVE-2012-0507.AX Lohnt es sich noch den OTL-Fix durchzuführen oder ist mein PC endgültig versifft? Hier der Avira Log Code:
ATTFilter Avira Free Antivirus
Erstellungsdatum der Reportdatei: Dienstag, 22. Mai 2012 19:40
Es wird nach 3727264 Virenstämmen gesucht.
Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.
Lizenznehmer : Avira AntiVir Personal - Free Antivirus
Seriennummer : 0000149996-ADJIE-0000001
Plattform : Windows Vista (TM) Home Premium
Windowsversion : (Service Pack 2) [6.0.6002]
Boot Modus : Normal gebootet
Benutzername : SYSTEM
Computername : SEEIGEL-PC
Versionsinformationen:
BUILD.DAT : 12.0.0.1125 41829 Bytes 2012.05.02. 16:34:00
AVSCAN.EXE : 12.3.0.15 466896 Bytes 2012.05.08. 17:53:49
AVSCAN.DLL : 12.3.0.15 66256 Bytes 2012.05.08. 17:53:49
LUKE.DLL : 12.3.0.15 68304 Bytes 2012.05.08. 17:53:49
AVSCPLR.DLL : 12.3.0.14 97032 Bytes 2012.05.08. 17:53:50
AVREG.DLL : 12.3.0.17 232200 Bytes 2012.05.11. 05:12:40
VBASE000.VDF : 7.10.0.0 19875328 Bytes 2009.11.06. 18:18:34
VBASE001.VDF : 7.11.0.0 13342208 Bytes 2010.12.14. 09:07:39
VBASE002.VDF : 7.11.19.170 14374912 Bytes 2011.12.20. 08:24:30
VBASE003.VDF : 7.11.21.238 4472832 Bytes 2012.02.01. 10:51:40
VBASE004.VDF : 7.11.26.44 4329472 Bytes 2012.03.28. 17:57:32
VBASE005.VDF : 7.11.29.136 2166272 Bytes 2012.05.10. 05:12:36
VBASE006.VDF : 7.11.29.137 2048 Bytes 2012.05.10. 05:12:36
VBASE007.VDF : 7.11.29.138 2048 Bytes 2012.05.10. 05:12:36
VBASE008.VDF : 7.11.29.139 2048 Bytes 2012.05.10. 05:12:36
VBASE009.VDF : 7.11.29.140 2048 Bytes 2012.05.10. 05:12:36
VBASE010.VDF : 7.11.29.141 2048 Bytes 2012.05.10. 05:12:36
VBASE011.VDF : 7.11.29.142 2048 Bytes 2012.05.10. 05:12:36
VBASE012.VDF : 7.11.29.143 2048 Bytes 2012.05.10. 05:12:36
VBASE013.VDF : 7.11.29.144 2048 Bytes 2012.05.10. 05:12:36
VBASE014.VDF : 7.11.30.3 198144 Bytes 2012.05.14. 17:22:20
VBASE015.VDF : 7.11.30.69 186368 Bytes 2012.05.17. 17:22:45
VBASE016.VDF : 7.11.30.143 223744 Bytes 2012.05.21. 16:28:29
VBASE017.VDF : 7.11.30.144 2048 Bytes 2012.05.21. 16:28:29
VBASE018.VDF : 7.11.30.145 2048 Bytes 2012.05.21. 16:28:30
VBASE019.VDF : 7.11.30.146 2048 Bytes 2012.05.21. 16:28:30
VBASE020.VDF : 7.11.30.147 2048 Bytes 2012.05.21. 16:28:30
VBASE021.VDF : 7.11.30.148 2048 Bytes 2012.05.21. 16:28:30
VBASE022.VDF : 7.11.30.149 2048 Bytes 2012.05.21. 16:28:30
VBASE023.VDF : 7.11.30.150 2048 Bytes 2012.05.21. 16:28:31
VBASE024.VDF : 7.11.30.151 2048 Bytes 2012.05.21. 16:28:31
VBASE025.VDF : 7.11.30.152 2048 Bytes 2012.05.21. 16:28:31
VBASE026.VDF : 7.11.30.153 2048 Bytes 2012.05.21. 16:28:31
VBASE027.VDF : 7.11.30.154 2048 Bytes 2012.05.21. 16:28:31
VBASE028.VDF : 7.11.30.155 2048 Bytes 2012.05.21. 16:28:31
VBASE029.VDF : 7.11.30.156 2048 Bytes 2012.05.21. 16:28:31
VBASE030.VDF : 7.11.30.157 2048 Bytes 2012.05.21. 16:28:31
VBASE031.VDF : 7.11.30.182 50688 Bytes 2012.05.22. 16:28:32
Engineversion : 8.2.10.68
AEVDF.DLL : 8.1.2.2 106868 Bytes 2011.10.25. 17:50:06
AESCRIPT.DLL : 8.1.4.19 455034 Bytes 2012.05.11. 05:12:40
AESCN.DLL : 8.1.8.2 131444 Bytes 2012.01.27. 10:33:50
AESBX.DLL : 8.2.5.5 606579 Bytes 2012.03.12. 17:38:05
AERDL.DLL : 8.1.9.15 639348 Bytes 2011.09.08. 21:16:06
AEPACK.DLL : 8.2.16.13 807287 Bytes 2012.05.11. 05:12:40
AEOFFICE.DLL : 8.1.2.28 201082 Bytes 2012.04.30. 04:36:29
AEHEUR.DLL : 8.1.4.28 4800886 Bytes 2012.05.16. 17:22:45
AEHELP.DLL : 8.1.21.0 254326 Bytes 2012.05.11. 05:12:37
AEGEN.DLL : 8.1.5.28 422260 Bytes 2012.04.30. 04:36:15
AEEXP.DLL : 8.1.0.40 82292 Bytes 2012.05.16. 17:22:45
AEEMU.DLL : 8.1.3.0 393589 Bytes 2011.09.01. 21:46:01
AECORE.DLL : 8.1.25.6 201078 Bytes 2012.03.15. 18:08:08
AEBB.DLL : 8.1.1.0 53618 Bytes 2011.09.01. 21:46:01
AVWINLL.DLL : 12.3.0.15 27344 Bytes 2012.05.08. 17:53:48
AVPREF.DLL : 12.3.0.15 51920 Bytes 2012.05.08. 17:53:49
AVREP.DLL : 12.3.0.15 179208 Bytes 2012.05.08. 17:53:50
AVARKT.DLL : 12.3.0.15 211408 Bytes 2012.05.08. 17:53:49
AVEVTLOG.DLL : 12.3.0.15 169168 Bytes 2012.05.08. 17:53:49
SQLITE3.DLL : 3.7.0.1 398288 Bytes 2012.05.08. 17:53:49
AVSMTP.DLL : 12.3.0.15 63440 Bytes 2012.05.08. 17:53:49
NETNT.DLL : 12.3.0.15 17104 Bytes 2012.05.08. 17:53:49
RCIMAGE.DLL : 12.3.0.15 4447952 Bytes 2012.05.08. 17:53:48
RCTEXT.DLL : 12.3.0.15 98512 Bytes 2012.05.08. 17:53:48
Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Vollständige Systemprüfung
Konfigurationsdatei...................: C:\program files\avira\antivir desktop\sysscan.avp
Protokollierung.......................: standard
Primäre Aktion........................: ignorieren
Sekundäre Aktion......................: ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: C:,
Durchsuche aktive Programme...........: ein
Laufende Programme erweitert..........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: ein
Integritätsprüfung von Systemdateien..: ein
Optimierter Suchlauf..................: ein
Datei Suchmodus.......................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: erweitert
Abweichende Gefahrenkategorien........: +APPL,+GAME,+JOKE,+PCK,+PFS,+SPR,
Beginn des Suchlaufs: Dienstag, 22. Mai 2012 19:40
Der Suchlauf über die Masterbootsektoren wird begonnen:
Masterbootsektor HD0
[INFO] Es wurde kein Virus gefunden!
Masterbootsektor HD1
[INFO] Es wurde kein Virus gefunden!
Masterbootsektor HD2
[INFO] Es wurde kein Virus gefunden!
Der Suchlauf über die Bootsektoren wird begonnen:
Bootsektor 'C:\'
[INFO] Es wurde kein Virus gefunden!
Der Suchlauf nach versteckten Objekten wird begonnen.
Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'UpdateTask.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'iexplore.exe' - '136' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'vssvc.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '80' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'avcenter.exe' - '78' Modul(e) wurden durchsucht
Durchsuche Prozess 'FlashUtil32_11_2_202_235_ActiveX.exe' - '51' Modul(e) wurden durchsucht
Durchsuche Prozess 'iexplore.exe' - '144' Modul(e) wurden durchsucht
Durchsuche Prozess 'iexplore.exe' - '139' Modul(e) wurden durchsucht
Durchsuche Prozess 'iexplore.exe' - '137' Modul(e) wurden durchsucht
Durchsuche Prozess 'iexplore.exe' - '96' Modul(e) wurden durchsucht
Durchsuche Prozess 'NclRSSrv.exe' - '15' Modul(e) wurden durchsucht
Durchsuche Prozess 'NclUSBSrv.exe' - '22' Modul(e) wurden durchsucht
Durchsuche Prozess 'ServiceLayer.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '21' Modul(e) wurden durchsucht
Durchsuche Prozess 'conime.exe' - '16' Modul(e) wurden durchsucht
Durchsuche Prozess 'CCC.exe' - '142' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmpnetwk.exe' - '99' Modul(e) wurden durchsucht
Durchsuche Prozess 'GoogleDesktop.exe' - '92' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmpnscfg.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'GoogleToolbarNotifier.exe' - '69' Modul(e) wurden durchsucht
Durchsuche Prozess 'LANUtil.exe' - '77' Modul(e) wurden durchsucht
Durchsuche Prozess 'mbamgui.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'jusched.exe' - '22' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '61' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '70' Modul(e) wurden durchsucht
Durchsuche Prozess 'Updater.exe' - '63' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmdSync.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'NokiaMServer.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'MOM.exe' - '60' Modul(e) wurden durchsucht
Durchsuche Prozess 'MDICTION.EXE' - '24' Modul(e) wurden durchsucht
Durchsuche Prozess 'GrooveMonitor.exe' - '41' Modul(e) wurden durchsucht
Durchsuche Prozess 'MarketingTools.exe' - '43' Modul(e) wurden durchsucht
Durchsuche Prozess 'GoogleDesktop.exe' - '96' Modul(e) wurden durchsucht
Durchsuche Prozess 'ISBMgr.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'SynTPEnh.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'MSASCui.exe' - '67' Modul(e) wurden durchsucht
Durchsuche Prozess 'mbamservice.exe' - '45' Modul(e) wurden durchsucht
Durchsuche Prozess 'VCSW.exe' - '41' Modul(e) wurden durchsucht
Durchsuche Prozess 'AVWEBGRD.EXE' - '48' Modul(e) wurden durchsucht
Durchsuche Prozess 'avshadow.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'SPMgr.exe' - '88' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'VAIOUpdt.exe' - '70' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskeng.exe' - '25' Modul(e) wurden durchsucht
Durchsuche Prozess 'WUDFHost.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'xaudio.exe' - '14' Modul(e) wurden durchsucht
Durchsuche Prozess 'DllHost.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'VESMgrSub.exe' - '58' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchIndexer.exe' - '69' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'DllHost.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'VzCdbSvc.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'VCFw.exe' - '71' Modul(e) wurden durchsucht
Durchsuche Prozess 'SPMService.exe' - '94' Modul(e) wurden durchsucht
Durchsuche Prozess 'VESMgr.exe' - '71' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'sqlwriter.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'sqlbrowser.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'RegSrvc.exe' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '43' Modul(e) wurden durchsucht
Durchsuche Prozess 'NSUService.exe' - '77' Modul(e) wurden durchsucht
Durchsuche Prozess 'iviRegMgr.exe' - '16' Modul(e) wurden durchsucht
Durchsuche Prozess 'EvtEng.exe' - '85' Modul(e) wurden durchsucht
Durchsuche Prozess 'BcmSqlStartupSvc.exe' - '20' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '66' Modul(e) wurden durchsucht
Durchsuche Prozess 'armsvc.exe' - '24' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskeng.exe' - '80' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskeng.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '52' Modul(e) wurden durchsucht
Durchsuche Prozess 'spoolsv.exe' - '90' Modul(e) wurden durchsucht
Durchsuche Prozess 'WLANExt.exe' - '87' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '100' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '173' Modul(e) wurden durchsucht
Durchsuche Prozess 'Dwm.exe' - '44' Modul(e) wurden durchsucht
Durchsuche Prozess 'Ati2evxx.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'RtkAudioService.exe' - '21' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '86' Modul(e) wurden durchsucht
Durchsuche Prozess 'SLsvc.exe' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '157' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '116' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '67' Modul(e) wurden durchsucht
Durchsuche Prozess 'Ati2evxx.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '52' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '48' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsm.exe' - '22' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '60' Modul(e) wurden durchsucht
Durchsuche Prozess 'services.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '14' Modul(e) wurden durchsucht
Durchsuche Prozess 'wininit.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '14' Modul(e) wurden durchsucht
Durchsuche Prozess 'smss.exe' - '2' Modul(e) wurden durchsucht
Untersuchung der Systemdateien wird begonnen:
Signiert -> 'C:\Windows\system32\svchost.exe'
Signiert -> 'C:\Windows\system32\winlogon.exe'
Signiert -> 'C:\Windows\explorer.exe'
Signiert -> 'C:\Windows\system32\smss.exe'
Signiert -> 'C:\Windows\system32\wininet.DLL'
Signiert -> 'C:\Windows\system32\wsock32.DLL'
Signiert -> 'C:\Windows\system32\ws2_32.DLL'
Signiert -> 'C:\Windows\system32\services.exe'
Signiert -> 'C:\Windows\system32\lsass.exe'
Signiert -> 'C:\Windows\system32\csrss.exe'
Signiert -> 'C:\Windows\system32\drivers\kbdclass.sys'
Signiert -> 'C:\Windows\system32\spoolsv.exe'
Signiert -> 'C:\Windows\system32\alg.exe'
Signiert -> 'C:\Windows\system32\wuauclt.exe'
Signiert -> 'C:\Windows\system32\advapi32.DLL'
Signiert -> 'C:\Windows\system32\user32.DLL'
Signiert -> 'C:\Windows\system32\gdi32.DLL'
Signiert -> 'C:\Windows\system32\kernel32.DLL'
Signiert -> 'C:\Windows\system32\ntdll.DLL'
Signiert -> 'C:\Windows\system32\ntoskrnl.exe'
Signiert -> 'C:\Windows\system32\ctfmon.exe'
Die Systemdateien wurden durchsucht ('21' Dateien)
Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Registry wurde durchsucht ( '2527' Dateien ).
Der Suchlauf über die ausgewählten Dateien wird begonnen:
Beginne mit der Suche in 'C:\'
C:\Program Files\WinRAR\rarnew.dat
[WARNUNG] Das Archiv ist unbekannt oder defekt
C:\Users\Seeigel\avira_free_antivirus_de.exe
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\05F33C45E3ED18A07929732FF2459B82.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\0AD63133711A935712128033F590C544.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\13A8A2ACCDC05B4F8ACAFE78086668A3.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\157EBB867B9034EA4BA2231A8F491539.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\19B969A67E6385D141621CD3BC8A480B.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\36783810FB379E099576519E80001E07.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\369679B3CE6BFAD5FB3E9296CBBE7115.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\371A74F2049D3607DA195F2E2E0115AE.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\3A457BAA50B205A2B29E5540C24A743E.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\43D48D11D3BBFC6949D2E6119E1956A0.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\45D16E1F1CC84CC3DCD7BD04AA15474F.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\486734D32D4E5ED3F53358DAFB648AC4.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\52C0C192E52345519B764B47C2C4DA51.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\56112427BE2D17EFC1DA4979ECA26D28.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\599EA219442D485FFA0121CA351813E4.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\5A9DBDC40B357F1C0E3EE16AD39B2A8F.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\5EC643B694FA7419EADD270839CC29F4.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\63191EF3119A8B5CFDB3CB5DEDC953CE.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\632AD0874E720DBCBBE497222EA4627F.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\667FF57840634106C370D33163742EAE.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\6839BEDDBC90389E3712B5D144771B38.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\6A9D6D6C3C5A7D99502D91B8581034C1.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\6F4357C63FC5EB01892A045AC5A1A58D.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\704039EB62CD8A8C5B3CD0E7D50EA640.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\72540D7EE1AEB2B4DCABB8BE86ADC898.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\7680BBE5596B8E9F2E77A0592CA20BC2.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\81D50DE056EFFF54D9B813318E02CC6D.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\81F524DD991F7AB5CE9030206E141D43.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\95A6FB92D539D19817B08763D5A815C3.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\9960E8F4DAC170AB1C3FB708FADED47F.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\9F9767B76CDC78256C8AE04D0A1EFF60.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\A633A3189DFA85A82FE343BA86A7BCA1.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\A7FE6B222D9BD5B81571658B0F6CE53F.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\A901889E408C1A06E386DC27946F2134.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\B3FF7BEE61C8D87C3A8BEFFA87A443DB.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\B7AE27BFB1AC098CD044ACFFDB78B39B.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\B99F07053D57B973A92C49BF3CD9E148.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\BF153F7DE4D05CB9419870D10C04D964.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\C38C1B669BB15D030D6D0FD7BEA496EA.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\C9AF9E1886D4D0FD166F69FD37E793CD.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\D32E2395DF947026E38AF9479B9C19B8.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\DA7B3859183F1F45308D5E0AF2AC3920.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\E3ED64A2D30848E43E06C87B1B53E0FD.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\E984FEEC4B3DEF2EAF3CA0B783C51FF4.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\F2190DE1D9927A0BA6842CAB9C0A3DA1.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\F7EA9B053267800B01F51B2E96527DFB.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\FAF1FBDF744F8C1349FE5B24B75E5820.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\08DC925D65D37A1E5E720513BFB5F2B1.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\0B32406C4EC31D4FE754EE05F9A0E5D1.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\0BBBF39F12908A92FE986E7970A5E6B1.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\15F391575141D2493465DF7136A9E8EE.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\16608724B61CA30DF037CB9CA6F9E46A.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\1B035350D2954904D20A35C665E2AA6D.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\24425CC3A1E644576F687DEC5CF680D4.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\2EDCF5791FA136F0105A9DB6C61750DF.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\3619E98DF666C73B3AA5E4CB2160F427.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\3F2C6437DACB7DC23FF3E8781126D95C.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\41652B55D5193D8F013F51323FE0B00B.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\4BDA9B1D055BB53BA7C4455376A38285.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\4E92DCCC4EDDD4F9DD71DF7C95077D7A.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\5A384048C699CB588B5C9FA7F49A9408.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\5A6CCCF57E166563F5005E0FABD591DC.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\5CAF1ED9DC311777E1E9595E9A5908A6.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\7A9634AC7D2DBA7B40AEC636A13FEE23.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\7E5E15DF164A94B951170A4B4CD604F1.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\80F8183A5BE37D391959B203D0DE8ECF.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\816D261E5B496D2A287DB0164D1EE9F3.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\823846F4129CF95DE98CD7CCC5186F63.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\83B82B58179BE12EE1B2D481BADDCDC9.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\85163600F3D414235A608898F05930B6.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\86D319BB9068F4615B8E34069C31641A.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\8858E7CB91CD5BE8B5790056478D0485.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\8BE6E2038B92957B595464B0845C4E4F.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\8C0D339A2A7B530E1A51C7851F4389CD.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\99C0ACCBEFE07338B147777B194DE87B.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\99ED84B5AC254D59891600144E36BA88.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\9A3631E84ED683D28982626A97009E99.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\A1AAEEAAFF8C3741B0AA619DD8124CCA.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\ABB943EA98BB6EFCD95D1876272D05FE.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\BA2DC8FE60FB6FC46446C14704D11202.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\CC2DD26DD56024673BEA7146C3F0EC8A.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\CC969CAF124CB80845468755C95FA463.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\CF966079B2B181C40A6B310E781AFDF2.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\D1E03B67B0074042F43B7DB7573EBA5E.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\D38C83195C5C3CE3A0F40B363FA434C0.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\D3C57E6BF2A07BF4AFAB23209D68E070.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\D6056AB98165F64B077DD7FC6C0E0D9E.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\E4D97F48D79F81EE9060C950FEE5FB4A.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\EC032D639919EC7B5136A6CCB2E7DDCF.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\F08232CAC76C15906EA099B0F97065BD.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\F0E772764F3B3BDDFFD5BB34FBF2E8FE.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\F478CF8F7BE66515178046DE1EE3B735.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\F5CA30B4DF8909C71A736DF93189E659.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\F9A25C38EB2E67A2C5A27E53250038BC.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\02A771C81BFCFE96FCD64EF456E57B87.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\0E65442A8B2543F14C039A7F6211CFA2.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\0E89413B24362059681230E46A31638F.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\12DE6FB70F7D6DE1D0C61AC16E0E0F1B.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\22BD46E6B80785D57C910BA74C501BE8.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\22E2CCD748C9D738BD33B01DCC1A409A.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\2D8C4378B055692FC45C2F7A324D8796.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\2E48E1381B5034968469F80ABF59A673.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\338D233ED35F5DFFD29F82C4B3FC66EC.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\34DAE2C6561049DC60EB8C30E37AAB9E.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\3594BACE2FF1B5B77572700A14C5A12E.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\3A3DD2616A5EF1F1CF32F6AA4342AD18.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\3F29B5E30BAAA30E01475C6FA0BCB4D1.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\41326415CB23D6108C79FAA8084EAB2F.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\4C797D04125DCFC7057FB3C20032D89D.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\52376A71BED8CA2B4173C7B8A6F644A3.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\5392D58AB99648299F6E4267E3DF39D3.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\556E85AAC48591DDA6CC21C59D25DF14.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\6D26E9262442A8C2E0200ED752BD03BF.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\6F096D9307C2C171F90BB81074DA4412.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\6F0C0C691CFDD2053A7DBDCF725F4064.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\74F278D84B80049BF685464757CDA786.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\75600C381324A459B8C591094724228E.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\782689F241225C30734C8786BD860923.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\7C7227FA4CB4CD1CB09DE9DC2334FC51.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\7F4A6EF3E34F89302F4E93A3B41D75B6.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\866FB36720BE3A0FD1989ED2D146E644.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\8C17EA6D4CD7787177C416D4ABF5D930.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\98ED91BD502B86CCE32D2FDD1F8DEB76.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\99AD5B5A1FFA9DD4543E9669C538FFFA.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\9B122978030FEB48F471C5CAE29DF2A5.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\A08A90E7CB20C12AB13885A150323337.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\AE80B3CDBA8B4C671A8D88C41BA04307.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\B152E529DE6D00499321C928ACE5BEAB.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\BECAC13A878A67EED4E0FDD51BE91937.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\C069AAE701EC592F36F92338D20AAAAA.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\CA645B75CFBC89FAF3531C40EC4619BD.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\CF722E44C3888EDAA55BF2FECABE514C.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\DAB1782B31E783149F6836ED3E08EC41.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\E370078990470651F62077ADDC41BC08.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\E463207BC1808F240BF4C7D1DE8E0D32.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\E662D549052480B12239BBFF5A435316.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\E785E81FA3EDE8669CA7FC719606D08C.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\E7F94E51F4110A36FCC77CF060E21F06.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\E8EF8DC3215D403A8471C1A53146A15F.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\ECD316FA28FE9A8087DCE972CCF51089.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\0467984D893A9A7BAE5CFFC380036ACC.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\0F356F2590139C5C51DA5F793514C522.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\10F73B1E5DA7CBFDFD9A1901409C353F.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\1957B8D1E29A8756930B78EF3F9418D4.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\20E5FE7F27BF46E071E7781BE845060D.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\2CF9A154EC58860F10CA2EA14E414C0C.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\403DC754BE42CA371629D4BB14EC5C64.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\417D55C734D63A87B67564237A1A83A7.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\42E05DA9CBEE72B8B06D79E5B9CBB358.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\46BDB65F08EAD8C01ED345FAD2C9F3D0.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\4A9F834EEBE33F53CDEB65195C66EEB3.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\50209A97843156DF97B0F18A0174367A.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\53D1D501BC8C9F5EFDD6D98A3948CDC4.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\575E304AB4E3257FA15F7F3D20C00EC0.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\5B9FF09C9025BDF8A9BEE2693A0B36A8.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\5E2339F557AB7A2D9F224A48A4B16E80.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\67E285F87E9E78AA8B5C6DF7AFF297BA.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\6BF1A606FA0FE940F3FF479E90091BF7.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\70BC7560BF3664EFC5246781481A53EF.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\731485191A4C7257A5007BA8F9AEB0D0.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\7778FE66042837F268B6EF0C7B0F9CF8.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\7B197E35B4995B0F0098A69861BD7974.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\7D5BACF9657DFB161533C53D50E3D306.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\81A208C04923ACAF6EBCDAEB0ED0AEC8.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\8FE69A3536C4D39DF67F1946367C0DEB.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\917E45338A68E3F6C82F3634B4FF7395.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\92A4134F1F3AF1DBD3858A6AD551E48C.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\94852BBF2CE4790A4BCC6DEA3F0EDB4A.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\9D7C844792AA395AEA3BE58AC21390B3.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\9F03B6FD6B2CA0B040C0E7901B60E04D.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\AE42C94CBB138B7E6A63D0ADE8A90128.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\C1FC34FD390C64B129EA4666C20C2E87.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\C69703C7920E0C812CB38C8CC3981BB7.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\C74C7FAC3E717CAA9EC8756796D2DE0D.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\CEC4B0C245FB77773B06EF46CE9AFCC2.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\CF2D95FC2897590B3030D6CD6CC48C2C.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\D129FA510C66B0A19FB92B0D7690B5CA.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\D2D74259944E9F7028B7600D9B32FFDA.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\D70B2C591EF34010C9D2AEC19EFB087E.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\D892328D4D434424E2F8A656007C89C5.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\DAB1AD7F05759259BCD6DC9FDB114CBF.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\E26075C861A2508267835DB7B020D9E3.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\E72EB2A787FE0B5822298A014B1F9F6E.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\E8E574B4369AA79C57E4F33AB15065D1.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\E988AFBCA45E20067F18CCCD92458C71.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\FAD8C9F7FEAE0B88C9F7779D6BBA2DF2.zip[1].dat
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Temp\jar_cache643409545496383150.tmp
[0] Archivtyp: ZIP
[HINWEIS] Eine Sicherungskopie wurde unter dem Namen 56337d24.qua erstellt ( QUARANTÄNE )
--> expl3it/hpss.class
[FUND] Enthält Erkennungsmuster des Exploits EXP/CVE-2012-0507.AX
C:\Users\Seeigel\AppData\Local\Temp\jar_cache7808269618175213824.tmp
[0] Archivtyp: ZIP
[HINWEIS] Eine Sicherungskopie wurde unter dem Namen 4ea45283.qua erstellt ( QUARANTÄNE )
--> expl3it/hpss.class
[FUND] Enthält Erkennungsmuster des Exploits EXP/CVE-2012-0507.AX
C:\Users\Seeigel\Downloads\avira_free_antivirus_de.exe
[WARNUNG] Die Datei ist kennwortgeschützt
Ende des Suchlaufs: Dienstag, 22. Mai 2012 21:25
Benötigte Zeit: 1:44:24 Stunde(n)
Der Suchlauf wurde vollständig durchgeführt.
25988 Verzeichnisse wurden überprüft
605729 Dateien wurden geprüft
2 Viren bzw. unerwünschte Programme wurden gefunden
0 Dateien wurden als verdächtig eingestuft
0 Dateien wurden gelöscht
0 Viren bzw. unerwünschte Programme wurden repariert
2 Dateien wurden in die Quarantäne verschoben
0 Dateien wurden umbenannt
0 Dateien konnten nicht durchsucht werden
605727 Dateien ohne Befall
3328 Archive wurden durchsucht
189 Warnungen
2 Hinweise
657205 Objekte wurden beim Rootkitscan durchsucht
0 Versteckte Objekte wurden gefunden
|
|
22.05.2012, 20:40
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Bin ich den Ukash 100 EUR Trojaner los? Avira und Malwarebytes Malware sagen-ja, Scan Spyware-nein mach bitte den OTL-Fix
__________________ Logfiles bitte immer in CODE-Tags posten |
|
22.05.2012, 21:08
| #13 |
| | Bin ich den Ukash 100 EUR Trojaner los? Avira und Malwarebytes Malware sagen-ja, Scan Spyware-nein Danke für die rasche Antwort. Alles erledigt. Hier der Log: Code:
ATTFilter All processes killed
========== OTL ==========
Registry key HKEY_USERS\S-1-5-21-90521188-4158982503-1986053845-1003\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{70D46D94-BF1E-45ED-B567-48701376298E}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
C:\Programme\Ask.com\GenericAskToolbar.dll moved successfully.
Registry value HKEY_USERS\S-1-5-21-90521188-4158982503-1986053845-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3}\ not found.
Registry value HKEY_USERS\S-1-5-21-90521188-4158982503-1986053845-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Programme\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ApnUpdater deleted successfully.
C:\Programme\Ask.com\Updater\Updater.exe moved successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\autoexec.bat moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G\ deleted successfully.
File G:\Autorun\Autorun.exe not found.
ADS C:\ProgramData\TEMP:D282699C deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 16384 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 198 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Seeigel
->Temp folder emptied: 140975788 bytes
->Temporary Internet Files folder emptied: 259555948 bytes
->Java cache emptied: 85189317 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 13616 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1676334 bytes
RecycleBin emptied: 70996 bytes
Total Files Cleaned = 465,00 mb
[EMPTYFLASH]
User: All Users
User: Default
->Flash cache emptied: 0 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: Seeigel
->Flash cache emptied: 0 bytes
User: Public
Total Flash Files Cleaned = 0,00 mb
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.43.1 log created on 05222012_215829
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
|
|
22.05.2012, 21:36
| #14 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Bin ich den Ukash 100 EUR Trojaner los? Avira und Malwarebytes Malware sagen-ja, Scan Spyware-nein Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm! Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C nach, da speichert der TDSS-Killer seine Logs.Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten! 
__________________ Logfiles bitte immer in CODE-Tags posten |
|
23.05.2012, 06:23
| #15 |
| | Bin ich den Ukash 100 EUR Trojaner los? Avira und Malwarebytes Malware sagen-ja, Scan Spyware-nein Morgen! Erledigt. Und bei "verdächtigen" Skip geklickt. Hier der Log: Code:
ATTFilter 07:10:46.0052 4676 TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16
07:10:47.0062 4676 ============================================================
07:10:47.0062 4676 Current date / time: 2012/05/23 07:10:47.0062
07:10:47.0062 4676 SystemInfo:
07:10:47.0062 4676
07:10:47.0063 4676 OS Version: 6.0.6002 ServicePack: 2.0
07:10:47.0063 4676 Product type: Workstation
07:10:47.0063 4676 ComputerName: SEEIGEL-PC
07:10:47.0063 4676 UserName: Seeigel
07:10:47.0063 4676 Windows directory: C:\Windows
07:10:47.0063 4676 System windows directory: C:\Windows
07:10:47.0064 4676 Processor architecture: Intel x86
07:10:47.0064 4676 Number of processors: 2
07:10:47.0064 4676 Page size: 0x1000
07:10:47.0064 4676 Boot type: Normal boot
07:10:47.0064 4676 ============================================================
07:10:47.0702 4676 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
07:10:47.0717 4676 Drive \Device\Harddisk1\DR1 - Size: 0xEE200000 (3.72 Gb), SectorSize: 0x200, Cylinders: 0x1E3CF, SectorsPerTrack: 0x3F, TracksPerCylinder: 0x1, Type 'W'
07:10:47.0719 4676 ============================================================
07:10:47.0719 4676 \Device\Harddisk0\DR0:
07:10:47.0719 4676 MBR partitions:
07:10:47.0719 4676 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1038800, BlocksNum 0x1C18C970
07:10:47.0719 4676 \Device\Harddisk1\DR1:
07:10:47.0720 4676 MBR partitions:
07:10:47.0720 4676 \Device\Harddisk1\DR1\Partition0: MBR, Type 0xB, StartLBA 0x2000, BlocksNum 0x771000
07:10:47.0720 4676 ============================================================
07:10:47.0753 4676 C: <-> \Device\Harddisk0\DR0\Partition0
07:10:47.0754 4676 ============================================================
07:10:47.0754 4676 Initialize success
07:10:47.0754 4676 ============================================================
07:11:27.0166 4652 ============================================================
07:11:27.0167 4652 Scan started
07:11:27.0167 4652 Mode: Manual; SigCheck; TDLFS;
07:11:27.0167 4652 ============================================================
07:11:27.0858 4652 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
07:11:28.0124 4652 ACPI - ok
07:11:28.0338 4652 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
07:11:28.0369 4652 AdobeARMservice - ok
07:11:28.0491 4652 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
07:11:28.0526 4652 AdobeFlashPlayerUpdateSvc - ok
07:11:28.0624 4652 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
07:11:28.0679 4652 adp94xx - ok
07:11:28.0721 4652 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
07:11:28.0762 4652 adpahci - ok
07:11:28.0787 4652 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
07:11:28.0823 4652 adpu160m - ok
07:11:28.0860 4652 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
07:11:28.0901 4652 adpu320 - ok
07:11:28.0973 4652 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
07:11:29.0087 4652 AeLookupSvc - ok
07:11:29.0174 4652 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
07:11:29.0251 4652 AFD - ok
07:11:29.0321 4652 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
07:11:29.0353 4652 agp440 - ok
07:11:29.0426 4652 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
07:11:29.0464 4652 aic78xx - ok
07:11:29.0491 4652 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
07:11:29.0674 4652 ALG - ok
07:11:29.0751 4652 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
07:11:29.0782 4652 aliide - ok
07:11:29.0855 4652 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
07:11:29.0886 4652 amdagp - ok
07:11:29.0925 4652 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
07:11:29.0956 4652 amdide - ok
07:11:30.0024 4652 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
07:11:30.0110 4652 AmdK7 - ok
07:11:30.0136 4652 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
07:11:30.0246 4652 AmdK8 - ok
07:11:30.0407 4652 AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files\Avira\AntiVir Desktop\sched.exe
07:11:30.0463 4652 AntiVirSchedulerService - ok
07:11:30.0531 4652 AntiVirService (a489be6bb0aa1ff406b488b60542314b) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
07:11:30.0543 4652 AntiVirService - ok
07:11:30.0589 4652 AntiVirWebService (676894fa57b671fec5c3f05f8929e03b) C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
07:11:30.0618 4652 AntiVirWebService - ok
07:11:30.0696 4652 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
07:11:30.0743 4652 Appinfo - ok
07:11:30.0780 4652 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
07:11:30.0813 4652 arc - ok
07:11:30.0879 4652 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
07:11:30.0921 4652 arcsas - ok
07:11:30.0972 4652 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
07:11:31.0053 4652 AsyncMac - ok
07:11:31.0130 4652 atapi (2d9c903dc76a66813d350a562de40ed9) C:\Windows\system32\drivers\atapi.sys
07:11:31.0162 4652 atapi - ok
07:11:31.0284 4652 athr (600efe56f37adbd65a0fb076b50d1b8d) C:\Windows\system32\DRIVERS\athr.sys
07:11:31.0371 4652 athr - ok
07:11:31.0468 4652 Ati External Event Utility (3c105ae4cc005ab67907add9dff2e192) C:\Windows\system32\Ati2evxx.exe
07:11:31.0587 4652 Ati External Event Utility - ok
07:11:31.0925 4652 atikmdag (a4e212f45b2457b39d59d4972a67af47) C:\Windows\system32\DRIVERS\atikmdag.sys
07:11:32.0207 4652 atikmdag - ok
07:11:32.0377 4652 AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
07:11:32.0454 4652 AudioEndpointBuilder - ok
07:11:32.0473 4652 Audiosrv (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
07:11:32.0533 4652 Audiosrv - ok
07:11:32.0652 4652 avgntflt (d5541f0afb767e85fc412fc609d96a74) C:\Windows\system32\DRIVERS\avgntflt.sys
07:11:32.0723 4652 avgntflt - ok
07:11:32.0782 4652 avipbb (7d967a682d4694df7fa57d63a2db01fe) C:\Windows\system32\DRIVERS\avipbb.sys
07:11:32.0813 4652 avipbb - ok
07:11:32.0854 4652 avkmgr (271cfd1a989209b1964e24d969552bf7) C:\Windows\system32\DRIVERS\avkmgr.sys
07:11:32.0881 4652 avkmgr - ok
07:11:33.0017 4652 BcmSqlStartupSvc (6163664c7e9cd110af70180c126c3fdc) C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
07:11:33.0046 4652 BcmSqlStartupSvc - ok
07:11:33.0123 4652 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
07:11:33.0197 4652 Beep - ok
07:11:33.0284 4652 BFE (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
07:11:33.0404 4652 BFE - ok
07:11:33.0586 4652 BITS (93952506c6d67330367f7e7934b6a02f) C:\Windows\System32\qmgr.dll
07:11:33.0703 4652 BITS - ok
07:11:33.0726 4652 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
07:11:33.0816 4652 blbdrive - ok
07:11:33.0849 4652 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
07:11:33.0931 4652 bowser - ok
07:11:34.0009 4652 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
07:11:34.0072 4652 BrFiltLo - ok
07:11:34.0102 4652 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
07:11:34.0163 4652 BrFiltUp - ok
07:11:34.0193 4652 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
07:11:34.0279 4652 Browser - ok
07:11:34.0337 4652 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
07:11:34.0592 4652 Brserid - ok
07:11:34.0674 4652 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
07:11:34.0809 4652 BrSerWdm - ok
07:11:34.0832 4652 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
07:11:34.0996 4652 BrUsbMdm - ok
07:11:35.0046 4652 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
07:11:35.0170 4652 BrUsbSer - ok
07:11:35.0230 4652 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
07:11:35.0373 4652 BTHMODEM - ok
07:11:35.0459 4652 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
07:11:35.0541 4652 cdfs - ok
07:11:35.0610 4652 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
07:11:35.0689 4652 cdrom - ok
07:11:35.0786 4652 CertPropSvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
07:11:35.0876 4652 CertPropSvc - ok
07:11:35.0928 4652 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
07:11:35.0994 4652 circlass - ok
07:11:36.0054 4652 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
07:11:36.0102 4652 CLFS - ok
07:11:36.0239 4652 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
07:11:36.0272 4652 clr_optimization_v2.0.50727_32 - ok
07:11:36.0518 4652 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
07:11:36.0555 4652 clr_optimization_v4.0.30319_32 - ok
07:11:36.0636 4652 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
07:11:36.0717 4652 CmBatt - ok
07:11:36.0750 4652 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
07:11:36.0781 4652 cmdide - ok
07:11:36.0819 4652 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
07:11:36.0850 4652 Compbatt - ok
07:11:36.0858 4652 COMSysApp - ok
07:11:36.0909 4652 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
07:11:36.0940 4652 crcdisk - ok
07:11:36.0982 4652 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
07:11:37.0081 4652 Crusoe - ok
07:11:37.0196 4652 CryptSvc (fb27772beaf8e1d28ccd825c09da939b) C:\Windows\system32\cryptsvc.dll
07:11:37.0262 4652 CryptSvc - ok
07:11:37.0369 4652 DcomLaunch (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
07:11:37.0470 4652 DcomLaunch - ok
07:11:37.0520 4652 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
07:11:37.0592 4652 DfsC - ok
07:11:37.0950 4652 DFSR (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
07:11:38.0354 4652 DFSR - ok
07:11:38.0537 4652 Dhcp (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
07:11:38.0684 4652 Dhcp - ok
07:11:38.0849 4652 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
07:11:38.0883 4652 disk - ok
07:11:38.0940 4652 DMICall (f206e28ed74c491fd5d7c0a1119ce37f) C:\Windows\system32\DRIVERS\DMICall.sys
07:11:38.0964 4652 DMICall - ok
07:11:39.0028 4652 Dnscache (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
07:11:39.0100 4652 Dnscache - ok
07:11:39.0148 4652 dot3svc (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
07:11:39.0223 4652 dot3svc - ok
07:11:39.0291 4652 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
07:11:39.0379 4652 DPS - ok
07:11:39.0437 4652 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
07:11:39.0557 4652 drmkaud - ok
07:11:39.0647 4652 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
07:11:39.0716 4652 DXGKrnl - ok
07:11:39.0828 4652 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
07:11:39.0935 4652 E1G60 - ok
07:11:40.0015 4652 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
07:11:40.0082 4652 EapHost - ok
07:11:40.0189 4652 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
07:11:40.0229 4652 Ecache - ok
07:11:40.0315 4652 ehRecvr (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
07:11:40.0352 4652 ehRecvr - ok
07:11:40.0377 4652 ehSched (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
07:11:40.0419 4652 ehSched - ok
07:11:40.0439 4652 ehstart (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
07:11:40.0484 4652 ehstart - ok
07:11:40.0561 4652 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
07:11:40.0657 4652 elxstor - ok
07:11:40.0763 4652 EMDMgmt (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
07:11:40.0893 4652 EMDMgmt - ok
07:11:40.0958 4652 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
07:11:41.0048 4652 ErrDev - ok
07:11:41.0157 4652 EventSystem (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
07:11:41.0202 4652 EventSystem - ok
07:11:41.0428 4652 EvtEng (306ac856622864c761cbdb5e816bb9d8) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
07:11:41.0508 4652 EvtEng ( UnsignedFile.Multi.Generic ) - warning
07:11:41.0508 4652 EvtEng - detected UnsignedFile.Multi.Generic (1)
07:11:41.0606 4652 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
07:11:41.0684 4652 exfat - ok
07:11:41.0724 4652 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
07:11:41.0790 4652 fastfat - ok
07:11:41.0858 4652 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
07:11:41.0924 4652 fdc - ok
07:11:41.0996 4652 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
07:11:42.0066 4652 fdPHost - ok
07:11:42.0138 4652 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
07:11:42.0243 4652 FDResPub - ok
07:11:42.0318 4652 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
07:11:42.0333 4652 FileInfo - ok
07:11:42.0374 4652 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
07:11:42.0468 4652 Filetrace - ok
07:11:42.0526 4652 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
07:11:42.0612 4652 flpydisk - ok
07:11:42.0664 4652 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
07:11:42.0705 4652 FltMgr - ok
07:11:42.0846 4652 FontCache (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll
07:11:42.0914 4652 FontCache - ok
07:11:43.0070 4652 FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
07:11:43.0100 4652 FontCache3.0.0.0 - ok
07:11:43.0136 4652 Fs_Rec (b972a66758577e0bfd1de0f91aaa27b5) C:\Windows\system32\drivers\Fs_Rec.sys
07:11:43.0189 4652 Fs_Rec - ok
07:11:43.0245 4652 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
07:11:43.0280 4652 gagp30kx - ok
07:11:43.0354 4652 ggflt (007aea2e06e7cef7372e40c277163959) C:\Windows\system32\DRIVERS\ggflt.sys
07:11:43.0379 4652 ggflt - ok
07:11:43.0397 4652 ggsemc (c73de35960ca75c5ab4ae636b127c64e) C:\Windows\system32\DRIVERS\ggsemc.sys
07:11:43.0420 4652 ggsemc - ok
07:11:43.0584 4652 GoogleDesktopManager-051210-111108 (9f5f2f0fb0a7f5aa9f16b9a7b6dad89f) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
07:11:43.0608 4652 GoogleDesktopManager-051210-111108 - ok
07:11:43.0711 4652 gpsvc (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
07:11:43.0823 4652 gpsvc - ok
07:11:43.0910 4652 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
07:11:43.0920 4652 gupdate - ok
07:11:43.0924 4652 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
07:11:43.0942 4652 gupdatem - ok
07:11:44.0015 4652 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
07:11:44.0034 4652 gusvc - ok
07:11:44.0148 4652 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
07:11:44.0299 4652 HdAudAddService - ok
07:11:44.0425 4652 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
07:11:44.0534 4652 HDAudBus - ok
07:11:44.0555 4652 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
07:11:44.0668 4652 HidBth - ok
07:11:44.0706 4652 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
07:11:44.0833 4652 HidIr - ok
07:11:44.0897 4652 hidserv (84067081f3318162797385e11a8f0582) C:\Windows\system32\hidserv.dll
07:11:44.0985 4652 hidserv - ok
07:11:45.0037 4652 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
07:11:45.0098 4652 HidUsb - ok
07:11:45.0164 4652 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
07:11:45.0250 4652 hkmsvc - ok
07:11:45.0322 4652 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
07:11:45.0354 4652 HpCISSs - ok
07:11:45.0468 4652 HSFHWAZL (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
07:11:45.0574 4652 HSFHWAZL - ok
07:11:45.0655 4652 HSF_DPV (7bc42c65b5c6281777c1a7605b253ba8) C:\Windows\system32\DRIVERS\HSX_DPV.sys
07:11:45.0880 4652 HSF_DPV - ok
07:11:45.0973 4652 HSXHWAZL (9ebf2d102ccbb6bcdfbf1b7922f8ba2e) C:\Windows\system32\DRIVERS\HSXHWAZL.sys
07:11:46.0043 4652 HSXHWAZL - ok
07:11:46.0136 4652 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
07:11:46.0233 4652 HTTP - ok
07:11:46.0285 4652 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
07:11:46.0323 4652 i2omp - ok
07:11:46.0392 4652 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
07:11:46.0478 4652 i8042prt - ok
07:11:46.0570 4652 iaStor (db0cc620b27a928d968c1a1e9cd9cb87) C:\Windows\system32\DRIVERS\iaStor.sys
07:11:46.0605 4652 iaStor - ok
07:11:46.0661 4652 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
07:11:46.0700 4652 iaStorV - ok
07:11:46.0856 4652 IDriverT (6f95324909b502e2651442c1548ab12f) C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
07:11:46.0902 4652 IDriverT ( UnsignedFile.Multi.Generic ) - warning
07:11:46.0902 4652 IDriverT - detected UnsignedFile.Multi.Generic (1)
07:11:47.0147 4652 idsvc (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
07:11:47.0215 4652 idsvc - ok
07:11:47.0224 4652 igfx - ok
07:11:47.0254 4652 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
07:11:47.0286 4652 iirsp - ok
07:11:47.0357 4652 IKEEXT (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
07:11:47.0447 4652 IKEEXT - ok
07:11:47.0699 4652 IntcAzAudAddService (4a0f260df9a5333c07f4ab40ca9d4f4b) C:\Windows\system32\drivers\RTKVHDA.sys
07:11:47.0844 4652 IntcAzAudAddService - ok
07:11:48.0108 4652 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
07:11:48.0139 4652 intelide - ok
07:11:48.0202 4652 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
07:11:48.0255 4652 intelppm - ok
07:11:48.0290 4652 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
07:11:48.0364 4652 IPBusEnum - ok
07:11:48.0391 4652 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
07:11:48.0441 4652 IpFilterDriver - ok
07:11:48.0472 4652 iphlpsvc (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll
07:11:48.0557 4652 iphlpsvc - ok
07:11:48.0565 4652 IpInIp - ok
07:11:48.0631 4652 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
07:11:48.0730 4652 IPMIDRV - ok
07:11:48.0775 4652 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
07:11:48.0846 4652 IPNAT - ok
07:11:48.0892 4652 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
07:11:48.0952 4652 IRENUM - ok
07:11:48.0998 4652 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
07:11:49.0031 4652 isapnp - ok
07:11:49.0113 4652 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
07:11:49.0152 4652 iScsiPrt - ok
07:11:49.0170 4652 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
07:11:49.0201 4652 iteatapi - ok
07:11:49.0242 4652 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
07:11:49.0254 4652 iteraid - ok
07:11:49.0366 4652 IviRegMgr (213822072085b5bbad9af30ab577d817) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
07:11:49.0384 4652 IviRegMgr - ok
07:11:49.0409 4652 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
07:11:49.0438 4652 kbdclass - ok
07:11:49.0483 4652 kbdhid (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\drivers\kbdhid.sys
07:11:49.0524 4652 kbdhid - ok
07:11:49.0565 4652 KeyIso (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
07:11:49.0618 4652 KeyIso - ok
07:11:49.0695 4652 KSecDD (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys
07:11:49.0751 4652 KSecDD - ok
07:11:49.0879 4652 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
07:11:49.0964 4652 KtmRm - ok
07:11:49.0998 4652 LanmanServer (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\system32\srvsvc.dll
07:11:50.0024 4652 LanmanServer - ok
07:11:50.0089 4652 LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
07:11:50.0147 4652 LanmanWorkstation - ok
07:11:50.0183 4652 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
07:11:50.0265 4652 lltdio - ok
07:11:50.0337 4652 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
07:11:50.0365 4652 lltdsvc - ok
07:11:50.0393 4652 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
07:11:50.0455 4652 lmhosts - ok
07:11:50.0511 4652 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
07:11:50.0532 4652 LSI_FC - ok
07:11:50.0563 4652 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
07:11:50.0585 4652 LSI_SAS - ok
07:11:50.0627 4652 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
07:11:50.0650 4652 LSI_SCSI - ok
07:11:50.0674 4652 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
07:11:50.0753 4652 luafv - ok
07:11:50.0814 4652 MBAMProtector (fb097bbc1a18f044bd17bd2fccf97865) C:\Windows\system32\drivers\mbam.sys
07:11:50.0836 4652 MBAMProtector - ok
07:11:51.0003 4652 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
07:11:51.0058 4652 MBAMService - ok
07:11:51.0138 4652 Mcx2Svc (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
07:11:51.0198 4652 Mcx2Svc - ok
07:11:51.0243 4652 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
07:11:51.0269 4652 mdmxsdk - ok
07:11:51.0342 4652 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
07:11:51.0373 4652 megasas - ok
07:11:51.0453 4652 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
07:11:51.0502 4652 MegaSR - ok
07:11:51.0672 4652 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
07:11:51.0701 4652 Microsoft Office Groove Audit Service - ok
07:11:51.0833 4652 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
07:11:51.0932 4652 MMCSS - ok
07:11:51.0968 4652 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
07:11:52.0077 4652 Modem - ok
07:11:52.0141 4652 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
07:11:52.0223 4652 monitor - ok
07:11:52.0287 4652 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
07:11:52.0320 4652 mouclass - ok
07:11:52.0343 4652 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
07:11:52.0375 4652 mouhid - ok
07:11:52.0430 4652 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
07:11:52.0447 4652 MountMgr - ok
07:11:52.0501 4652 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
07:11:52.0520 4652 mpio - ok
07:11:52.0566 4652 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
07:11:52.0629 4652 mpsdrv - ok
07:11:52.0699 4652 MpsSvc (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
07:11:52.0774 4652 MpsSvc - ok
07:11:52.0833 4652 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
07:11:52.0863 4652 Mraid35x - ok
07:11:52.0916 4652 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
07:11:52.0987 4652 MRxDAV - ok
07:11:53.0049 4652 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
07:11:53.0094 4652 mrxsmb - ok
07:11:53.0160 4652 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
07:11:53.0218 4652 mrxsmb10 - ok
07:11:53.0230 4652 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
07:11:53.0250 4652 mrxsmb20 - ok
07:11:53.0319 4652 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
07:11:53.0333 4652 msahci - ok
07:11:53.0650 4652 MSCSPTISRV (a99d2c7e30ad63ef920a894131caf5f7) C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
07:11:53.0660 4652 MSCSPTISRV ( UnsignedFile.Multi.Generic ) - warning
07:11:53.0660 4652 MSCSPTISRV - detected UnsignedFile.Multi.Generic (1)
07:11:53.0766 4652 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
07:11:53.0800 4652 msdsm - ok
07:11:53.0877 4652 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
07:11:53.0945 4652 MSDTC - ok
07:11:54.0021 4652 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
07:11:54.0122 4652 Msfs - ok
07:11:54.0164 4652 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
07:11:54.0195 4652 msisadrv - ok
07:11:54.0259 4652 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
07:11:54.0347 4652 MSiSCSI - ok
Fortsetzung: Code:
ATTFilter 07:11:54.0353 4652 msiserver - ok
07:11:54.0407 4652 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
07:11:54.0475 4652 MSKSSRV - ok
07:11:54.0503 4652 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
07:11:54.0550 4652 MSPCLOCK - ok
07:11:54.0567 4652 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
07:11:54.0624 4652 MSPQM - ok
07:11:54.0693 4652 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
07:11:54.0719 4652 MsRPC - ok
07:11:54.0750 4652 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
07:11:54.0772 4652 mssmbios - ok
07:11:54.0853 4652 MSSQL$MSSMLBIZ - ok
07:11:54.0934 4652 MSSQLServerADHelper (1d89eb4e2a99cabd4e81225f4f4c4b25) C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
07:11:54.0960 4652 MSSQLServerADHelper - ok
07:11:55.0025 4652 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
07:11:55.0051 4652 MSTEE - ok
07:11:55.0107 4652 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
07:11:55.0121 4652 Mup - ok
07:11:55.0252 4652 napagent (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
07:11:55.0351 4652 napagent - ok
07:11:55.0428 4652 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
07:11:55.0486 4652 NativeWifiP - ok
07:11:55.0589 4652 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
07:11:55.0653 4652 NDIS - ok
07:11:55.0737 4652 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
07:11:55.0805 4652 NdisTapi - ok
07:11:55.0836 4652 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
07:11:55.0899 4652 Ndisuio - ok
07:11:55.0972 4652 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
07:11:56.0023 4652 NdisWan - ok
07:11:56.0063 4652 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
07:11:56.0118 4652 NDProxy - ok
07:11:56.0138 4652 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
07:11:56.0172 4652 NetBIOS - ok
07:11:56.0212 4652 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
07:11:56.0248 4652 netbt - ok
07:11:56.0299 4652 Netlogon (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
07:11:56.0313 4652 Netlogon - ok
07:11:56.0359 4652 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
07:11:56.0396 4652 Netman - ok
07:11:56.0427 4652 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
07:11:56.0485 4652 netprofm - ok
07:11:56.0600 4652 NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
07:11:56.0621 4652 NetTcpPortSharing - ok
07:11:56.0938 4652 NETw5v32 (e559ea9138c77b5d1fda8c558764a25f) C:\Windows\system32\DRIVERS\NETw5v32.sys
07:11:57.0197 4652 NETw5v32 - ok
07:11:57.0322 4652 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
07:11:57.0351 4652 nfrd960 - ok
07:11:57.0406 4652 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
07:11:57.0442 4652 NlaSvc - ok
07:11:57.0511 4652 nmwcd (c3963d85b721a7f80d8a55f4e2867a3a) C:\Windows\system32\drivers\ccdcmb.sys
07:11:57.0550 4652 nmwcd - ok
07:11:57.0631 4652 nmwcdc (3859c69a77793180548802dac9f34a38) C:\Windows\system32\drivers\ccdcmbo.sys
07:11:57.0687 4652 nmwcdc - ok
07:11:57.0765 4652 nmwcdnsu (338f83ee9cb9e15eeacf0cbb90218cbf) C:\Windows\system32\drivers\nmwcdnsu.sys
07:11:57.0809 4652 nmwcdnsu - ok
07:11:57.0832 4652 nmwcdnsuc (d15bac979144fb69ed28f97b2dd84d48) C:\Windows\system32\drivers\nmwcdnsuc.sys
07:11:57.0872 4652 nmwcdnsuc - ok
07:11:57.0944 4652 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
07:11:57.0991 4652 Npfs - ok
07:11:58.0016 4652 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
07:11:58.0089 4652 nsi - ok
07:11:58.0117 4652 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
07:11:58.0160 4652 nsiproxy - ok
07:11:58.0295 4652 NSUService (fd141d19f1392920a6a517316910d770) C:\Program Files\Sony\Network Utility\NSUService.exe
07:11:58.0337 4652 NSUService ( UnsignedFile.Multi.Generic ) - warning
07:11:58.0337 4652 NSUService - detected UnsignedFile.Multi.Generic (1)
07:11:58.0478 4652 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
07:11:58.0572 4652 Ntfs - ok
07:11:58.0622 4652 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
07:11:58.0667 4652 ntrigdigi - ok
07:11:58.0690 4652 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
07:11:58.0729 4652 Null - ok
07:11:58.0759 4652 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
07:11:58.0772 4652 nvraid - ok
07:11:58.0808 4652 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
07:11:58.0821 4652 nvstor - ok
07:11:58.0865 4652 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
07:11:58.0879 4652 nv_agp - ok
07:11:58.0884 4652 NwlnkFlt - ok
07:11:58.0890 4652 NwlnkFwd - ok
07:11:59.0094 4652 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
07:11:59.0126 4652 odserv - ok
07:11:59.0171 4652 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
07:11:59.0196 4652 ohci1394 - ok
07:11:59.0225 4652 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
07:11:59.0239 4652 ose - ok
07:11:59.0325 4652 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
07:11:59.0408 4652 p2pimsvc - ok
07:11:59.0430 4652 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
07:11:59.0489 4652 p2psvc - ok
07:11:59.0555 4652 PACSPTISVR (41c33fb4fd929fed732a00d2daef5be0) C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
07:11:59.0612 4652 PACSPTISVR ( UnsignedFile.Multi.Generic ) - warning
07:11:59.0612 4652 PACSPTISVR - detected UnsignedFile.Multi.Generic (1)
07:11:59.0645 4652 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
07:11:59.0741 4652 Parport - ok
07:11:59.0777 4652 partmgr (b9c2b89f08670e159f7181891e449cd9) C:\Windows\system32\drivers\partmgr.sys
07:11:59.0793 4652 partmgr - ok
07:11:59.0836 4652 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
07:11:59.0920 4652 Parvdm - ok
07:11:59.0951 4652 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
07:11:59.0983 4652 PcaSvc - ok
07:12:00.0063 4652 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\Windows\system32\DRIVERS\pccsmcfd.sys
07:12:00.0087 4652 pccsmcfd - ok
07:12:00.0146 4652 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
07:12:00.0184 4652 pci - ok
07:12:00.0229 4652 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
07:12:00.0260 4652 pciide - ok
07:12:00.0300 4652 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
07:12:00.0322 4652 pcmcia - ok
07:12:00.0444 4652 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
07:12:00.0512 4652 PEAUTH - ok
07:12:00.0634 4652 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
07:12:00.0766 4652 pla - ok
07:12:00.0902 4652 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
07:12:00.0971 4652 PlugPlay - ok
07:12:01.0037 4652 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
07:12:01.0097 4652 PNRPAutoReg - ok
07:12:01.0120 4652 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
07:12:01.0190 4652 PNRPsvc - ok
07:12:01.0238 4652 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
07:12:01.0339 4652 PolicyAgent - ok
07:12:01.0443 4652 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
07:12:01.0526 4652 PptpMiniport - ok
07:12:01.0563 4652 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
07:12:01.0626 4652 Processor - ok
07:12:01.0674 4652 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
07:12:01.0698 4652 ProfSvc - ok
07:12:01.0733 4652 ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
07:12:01.0757 4652 ProtectedStorage - ok
07:12:01.0787 4652 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
07:12:01.0815 4652 PSched - ok
07:12:01.0870 4652 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\Windows\system32\Drivers\PxHelp20.sys
07:12:01.0883 4652 PxHelp20 - ok
07:12:02.0023 4652 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
07:12:02.0118 4652 ql2300 - ok
07:12:02.0155 4652 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
07:12:02.0186 4652 ql40xx - ok
07:12:02.0241 4652 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
07:12:02.0285 4652 QWAVE - ok
07:12:02.0305 4652 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
07:12:02.0335 4652 QWAVEdrv - ok
07:12:02.0444 4652 RapiMgr (70dbdab246c18b78e2200d6401d038be) C:\Windows\WindowsMobile\rapimgr.dll
07:12:02.0486 4652 RapiMgr - ok
07:12:02.0497 4652 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
07:12:02.0550 4652 RasAcd - ok
07:12:02.0589 4652 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
07:12:02.0642 4652 RasAuto - ok
07:12:02.0677 4652 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
07:12:02.0733 4652 Rasl2tp - ok
07:12:02.0780 4652 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
07:12:02.0838 4652 RasMan - ok
07:12:02.0945 4652 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
07:12:02.0994 4652 RasPppoe - ok
07:12:03.0019 4652 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
07:12:03.0069 4652 RasSstp - ok
07:12:03.0133 4652 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
07:12:03.0219 4652 rdbss - ok
07:12:03.0265 4652 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
07:12:03.0343 4652 RDPCDD - ok
07:12:03.0381 4652 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
07:12:03.0434 4652 rdpdr - ok
07:12:03.0441 4652 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
07:12:03.0497 4652 RDPENCDD - ok
07:12:03.0548 4652 RDPWD (79c6df8477250f5c54f7c5ae1d6b814e) C:\Windows\system32\drivers\RDPWD.sys
07:12:03.0593 4652 RDPWD - ok
07:12:03.0671 4652 regi (001b4278407f4303efc902a2b16f2453) C:\Windows\system32\drivers\regi.sys
07:12:03.0693 4652 regi - ok
07:12:03.0811 4652 RegSrvc (b33c88df3588acf250b87a004526c31a) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
07:12:03.0889 4652 RegSrvc ( UnsignedFile.Multi.Generic ) - warning
07:12:03.0889 4652 RegSrvc - detected UnsignedFile.Multi.Generic (1)
07:12:03.0962 4652 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
07:12:04.0042 4652 RemoteAccess - ok
07:12:04.0081 4652 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
07:12:04.0178 4652 RemoteRegistry - ok
07:12:04.0258 4652 rimsptsk (d0c2a0ce1091e08efb7ccba6cea4c3f9) C:\Windows\system32\DRIVERS\rimsptsk.sys
07:12:04.0314 4652 rimsptsk - ok
07:12:04.0365 4652 risdptsk (c22e4e27ccdf9aa5fe8143104f28cde3) C:\Windows\system32\DRIVERS\risdptsk.sys
07:12:04.0428 4652 risdptsk - ok
07:12:04.0484 4652 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
07:12:04.0531 4652 RpcLocator - ok
07:12:04.0611 4652 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
07:12:04.0688 4652 RpcSs - ok
07:12:04.0733 4652 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
07:12:04.0768 4652 rspndr - ok
07:12:04.0836 4652 RtkAudioService (65330e78c17db8a99a7ff1ba3c8824b6) C:\Windows\RtkAudioService.exe
07:12:04.0853 4652 RtkAudioService - ok
07:12:04.0900 4652 SamSs (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
07:12:04.0929 4652 SamSs - ok
07:12:04.0949 4652 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
07:12:04.0971 4652 sbp2port - ok
07:12:05.0032 4652 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
07:12:05.0069 4652 SCardSvr - ok
07:12:05.0132 4652 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
07:12:05.0195 4652 Schedule - ok
07:12:05.0232 4652 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
07:12:05.0265 4652 SCPolicySvc - ok
07:12:05.0307 4652 sdbus (126ea89bcc413ee45e3004fb0764888f) C:\Windows\system32\DRIVERS\sdbus.sys
07:12:05.0379 4652 sdbus - ok
07:12:05.0413 4652 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
07:12:05.0446 4652 SDRSVC - ok
07:12:05.0492 4652 SE2Ebus (97ec6c60112ebd40c07fe295a38ab1ea) C:\Windows\system32\DRIVERS\SE2Ebus.sys
07:12:05.0511 4652 SE2Ebus - ok
07:12:05.0545 4652 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
07:12:05.0664 4652 secdrv - ok
07:12:05.0703 4652 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
07:12:05.0769 4652 seclogon - ok
07:12:05.0803 4652 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
07:12:05.0876 4652 SENS - ok
07:12:05.0906 4652 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
07:12:06.0024 4652 Serenum - ok
07:12:06.0072 4652 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
07:12:06.0115 4652 Serial - ok
07:12:06.0149 4652 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
07:12:06.0174 4652 sermouse - ok
07:12:06.0358 4652 ServiceLayer (2d841b7b7f6dec32162edfcc69d61f42) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
07:12:06.0454 4652 ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
07:12:06.0454 4652 ServiceLayer - detected UnsignedFile.Multi.Generic (1)
07:12:06.0584 4652 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
07:12:06.0612 4652 SessionEnv - ok
07:12:06.0680 4652 SFEP (8b7c1768d2cde2e02e09a66563ddfd16) C:\Windows\system32\DRIVERS\SFEP.sys
07:12:06.0702 4652 SFEP - ok
07:12:06.0733 4652 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
07:12:06.0757 4652 sffdisk - ok
07:12:06.0813 4652 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
07:12:06.0878 4652 sffp_mmc - ok
07:12:06.0911 4652 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
07:12:06.0973 4652 sffp_sd - ok
07:12:07.0018 4652 sfloppy (c33bfbd6e9e41fcd9ffef9729e9faed6) C:\Windows\system32\DRIVERS\sfloppy.sys
07:12:07.0090 4652 sfloppy - ok
07:12:07.0130 4652 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
07:12:07.0181 4652 SharedAccess - ok
07:12:07.0226 4652 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
07:12:07.0243 4652 ShellHWDetection - ok
07:12:07.0313 4652 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
07:12:07.0333 4652 sisagp - ok
07:12:07.0359 4652 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
07:12:07.0376 4652 SiSRaid2 - ok
07:12:07.0395 4652 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
07:12:07.0412 4652 SiSRaid4 - ok
07:12:07.0690 4652 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
07:12:07.0872 4652 slsvc - ok
07:12:08.0097 4652 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
07:12:08.0161 4652 SLUINotify - ok
07:12:08.0230 4652 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
07:12:08.0303 4652 Smb - ok
07:12:08.0345 4652 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
07:12:08.0415 4652 SNMPTRAP - ok
07:12:08.0516 4652 SOHCImp (dc826affa608f50c385bca4c71ef1bdd) C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe
07:12:08.0542 4652 SOHCImp - ok
07:12:08.0594 4652 SOHDms (1ec739f65c51fa1c7ac4502464a3c3a8) C:\Program Files\Sony\VAIO Media plus\SOHDms.exe
07:12:08.0661 4652 SOHDms - ok
07:12:08.0703 4652 SOHDs (ec8fab4ac684445d6032aa5c6e77ca2e) C:\Program Files\Sony\VAIO Media plus\SOHDs.exe
07:12:08.0726 4652 SOHDs - ok
07:12:08.0863 4652 Sony PC Companion (5177d14a78e60fd61dcfc6b388e7e971) C:\Program Files\Sony\Sony PC Companion\PCCService.exe
07:12:08.0888 4652 Sony PC Companion - ok
07:12:08.0950 4652 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
07:12:08.0981 4652 spldr - ok
07:12:09.0026 4652 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
07:12:09.0086 4652 Spooler - ok
07:12:09.0205 4652 SPTISRV (f63102f289ae2039940b22e9b2a8e0bd) C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
07:12:09.0216 4652 SPTISRV ( UnsignedFile.Multi.Generic ) - warning
07:12:09.0216 4652 SPTISRV - detected UnsignedFile.Multi.Generic (1)
07:12:09.0325 4652 SQLBrowser (86ebd8b1f23e743aad21f4d5b4d40985) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
07:12:09.0358 4652 SQLBrowser - ok
07:12:09.0410 4652 SQLWriter (d89083c4eb02daca8f944b0e05e57f9d) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
07:12:09.0439 4652 SQLWriter - ok
07:12:09.0492 4652 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
07:12:09.0557 4652 srv - ok
07:12:09.0591 4652 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
07:12:09.0623 4652 srv2 - ok
07:12:09.0646 4652 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
07:12:09.0685 4652 srvnet - ok
07:12:09.0746 4652 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
07:12:09.0830 4652 SSDPSRV - ok
07:12:09.0865 4652 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
07:12:09.0889 4652 ssmdrv - ok
07:12:09.0935 4652 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
07:12:10.0007 4652 SstpSvc - ok
07:12:10.0097 4652 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
07:12:10.0156 4652 stisvc - ok
07:12:10.0196 4652 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
07:12:10.0227 4652 swenum - ok
07:12:10.0274 4652 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
07:12:10.0349 4652 swprv - ok
07:12:10.0370 4652 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
07:12:10.0401 4652 Symc8xx - ok
07:12:10.0439 4652 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
07:12:10.0484 4652 Sym_hi - ok
07:12:10.0519 4652 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
07:12:10.0530 4652 Sym_u3 - ok
07:12:10.0570 4652 SynTP (99da94793332aadbb17bbb521ae56e21) C:\Windows\system32\DRIVERS\SynTP.sys
07:12:10.0583 4652 SynTP - ok
07:12:10.0635 4652 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
07:12:10.0690 4652 SysMain - ok
07:12:10.0736 4652 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
07:12:10.0793 4652 TabletInputService - ok
07:12:10.0848 4652 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
07:12:10.0935 4652 TapiSrv - ok
07:12:10.0969 4652 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
07:12:11.0056 4652 TBS - ok
07:12:11.0158 4652 Tcpip (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\drivers\tcpip.sys
07:12:11.0248 4652 Tcpip - ok
07:12:11.0293 4652 Tcpip6 (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\DRIVERS\tcpip.sys
07:12:11.0341 4652 Tcpip6 - ok
07:12:11.0391 4652 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
07:12:11.0405 4652 tcpipreg - ok
07:12:11.0433 4652 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
07:12:11.0471 4652 TDPIPE - ok
07:12:11.0484 4652 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
07:12:11.0509 4652 TDTCP - ok
07:12:11.0569 4652 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
07:12:11.0610 4652 tdx - ok
07:12:11.0651 4652 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
07:12:11.0669 4652 TermDD - ok
07:12:11.0786 4652 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
07:12:11.0874 4652 TermService - ok
07:12:11.0927 4652 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
07:12:11.0958 4652 Themes - ok
07:12:11.0989 4652 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
07:12:12.0034 4652 THREADORDER - ok
07:12:12.0107 4652 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
07:12:12.0138 4652 TrkWks - ok
07:12:12.0195 4652 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
07:12:12.0217 4652 TrustedInstaller - ok
07:12:12.0262 4652 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
07:12:12.0299 4652 tssecsrv - ok
07:12:12.0321 4652 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
07:12:12.0355 4652 tunmp - ok
07:12:12.0377 4652 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
07:12:12.0406 4652 tunnel - ok
07:12:12.0423 4652 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
07:12:12.0438 4652 uagp35 - ok
07:12:12.0504 4652 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
07:12:12.0534 4652 udfs - ok
07:12:12.0584 4652 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
07:12:12.0618 4652 UI0Detect - ok
07:12:12.0623 4652 UIUSys - ok
07:12:12.0700 4652 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
07:12:12.0724 4652 uliagpkx - ok
07:12:12.0767 4652 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
07:12:12.0787 4652 uliahci - ok
07:12:12.0812 4652 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
07:12:12.0828 4652 UlSata - ok
07:12:12.0864 4652 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
07:12:12.0881 4652 ulsata2 - ok
07:12:12.0915 4652 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
07:12:12.0951 4652 umbus - ok
07:12:13.0005 4652 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
07:12:13.0048 4652 upnphost - ok
07:12:13.0069 4652 upperdev (0ccadc7391021376edbb8aa649d04e68) C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
07:12:13.0120 4652 upperdev - ok
07:12:13.0165 4652 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
07:12:13.0206 4652 usbccgp - ok
07:12:13.0251 4652 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
07:12:13.0314 4652 usbcir - ok
07:12:13.0369 4652 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
07:12:13.0403 4652 usbehci - ok
07:12:13.0451 4652 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
07:12:13.0474 4652 usbhub - ok
07:12:13.0493 4652 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
07:12:13.0546 4652 usbohci - ok
07:12:13.0567 4652 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys
07:12:13.0613 4652 usbprint - ok
07:12:13.0684 4652 usbser (d575246188f63de0accf6eac5fb59e6a) C:\Windows\system32\drivers\usbser.sys
07:12:13.0710 4652 usbser - ok
07:12:13.0741 4652 UsbserFilt (68b4f83cccf70a2ff32ee142c234332a) C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
07:12:13.0768 4652 UsbserFilt - ok
07:12:13.0807 4652 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
07:12:13.0844 4652 USBSTOR - ok
07:12:13.0875 4652 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
07:12:13.0918 4652 usbuhci - ok
07:12:13.0965 4652 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
07:12:14.0007 4652 usbvideo - ok
07:12:14.0041 4652 usb_rndisx (35c9095fa7076466afbfc5b9ec4b779e) C:\Windows\system32\DRIVERS\usb8023x.sys
07:12:14.0088 4652 usb_rndisx - ok
07:12:14.0133 4652 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
07:12:14.0163 4652 UxSms - ok
07:12:14.0303 4652 VAIO Entertainment TV Device Arbitration Service (2a640dc735cb0112ac1dcd1e1549b27e) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
07:12:14.0307 4652 VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - warning
07:12:14.0307 4652 VAIO Entertainment TV Device Arbitration Service - detected UnsignedFile.Multi.Generic (1)
07:12:14.0397 4652 VAIO Event Service (693a3fdd279c345105fff9dde277849b) C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
07:12:14.0411 4652 VAIO Event Service - ok
07:12:14.0465 4652 VAIO Power Management (43cec9bf5a4f2917982ad01d92e0f44d) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
07:12:14.0487 4652 VAIO Power Management - ok
07:12:14.0589 4652 VCFw (cbcbe2233d21e9b278f95f5cb28bc8ae) C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
07:12:14.0652 4652 VCFw ( UnsignedFile.Multi.Generic ) - warning
07:12:14.0652 4652 VCFw - detected UnsignedFile.Multi.Generic (1)
07:12:14.0801 4652 VcmIAlzMgr (27888f132d2ee0b72b28093a5f5f20eb) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
07:12:14.0822 4652 VcmIAlzMgr - ok
07:12:14.0911 4652 VcmXmlIfHelper (ee9abfc2f8f2dcdc624b6a9d5cf3b19d) C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
07:12:14.0922 4652 VcmXmlIfHelper - ok
07:12:14.0932 4652 Vcsw - ok
07:12:15.0069 4652 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
07:12:15.0108 4652 vds - ok
07:12:15.0154 4652 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
07:12:15.0186 4652 vga - ok
07:12:15.0223 4652 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
07:12:15.0260 4652 VgaSave - ok
07:12:15.0293 4652 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
07:12:15.0306 4652 viaagp - ok
07:12:15.0338 4652 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
07:12:15.0364 4652 ViaC7 - ok
07:12:15.0383 4652 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
07:12:15.0397 4652 viaide - ok
07:12:15.0426 4652 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
07:12:15.0440 4652 volmgr - ok
07:12:15.0484 4652 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
07:12:15.0505 4652 volmgrx - ok
07:12:15.0548 4652 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
07:12:15.0570 4652 volsnap - ok
07:12:15.0615 4652 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
07:12:15.0633 4652 vsmraid - ok
07:12:15.0716 4652 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
07:12:15.0825 4652 VSS - ok
07:12:15.0968 4652 VzCdbSvc (071634532066c2e29350d450c3412837) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
07:12:15.0975 4652 VzCdbSvc ( UnsignedFile.Multi.Generic ) - warning
07:12:15.0975 4652 VzCdbSvc - detected UnsignedFile.Multi.Generic (1)
07:12:16.0020 4652 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
07:12:16.0069 4652 W32Time - ok
07:12:16.0117 4652 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
07:12:16.0190 4652 WacomPen - ok
07:12:16.0209 4652 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
07:12:16.0245 4652 Wanarp - ok
07:12:16.0253 4652 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
07:12:16.0274 4652 Wanarpv6 - ok
07:12:16.0349 4652 WcesComm (779f9c90d3fe9c70b6ffd8ef035f3e83) C:\Windows\WindowsMobile\wcescomm.dll
07:12:16.0430 4652 WcesComm - ok
07:12:16.0493 4652 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
07:12:16.0542 4652 wcncsvc - ok
07:12:16.0597 4652 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
07:12:16.0669 4652 WcsPlugInService - ok
07:12:16.0710 4652 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
07:12:16.0728 4652 Wd - ok
07:12:16.0794 4652 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
07:12:16.0820 4652 Wdf01000 - ok
07:12:16.0841 4652 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
07:12:16.0914 4652 WdiServiceHost - ok
07:12:16.0922 4652 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
07:12:16.0951 4652 WdiSystemHost - ok
07:12:16.0992 4652 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
07:12:17.0025 4652 WebClient - ok
07:12:17.0066 4652 Wecsvc (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
07:12:17.0093 4652 Wecsvc - ok
07:12:17.0123 4652 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
07:12:17.0147 4652 wercplsupport - ok
07:12:17.0196 4652 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
07:12:17.0219 4652 WerSvc - ok
07:12:17.0253 4652 WimFltr (090a2b8f055343815556a01f725f6c35) C:\Windows\system32\DRIVERS\wimfltr.sys
07:12:17.0267 4652 WimFltr - ok
07:12:17.0317 4652 winachsf (5a77ac34a0ffb70ce8b35b524fede9ba) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
07:12:17.0381 4652 winachsf - ok
07:12:17.0486 4652 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
07:12:17.0503 4652 WinDefend - ok
07:12:17.0516 4652 WinHttpAutoProxySvc - ok
07:12:17.0588 4652 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
07:12:17.0610 4652 Winmgmt - ok
07:12:17.0699 4652 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
07:12:17.0759 4652 WinRM - ok
07:12:17.0851 4652 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
07:12:17.0902 4652 Wlansvc - ok
07:12:17.0963 4652 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys
07:12:17.0998 4652 WmiAcpi - ok
07:12:18.0079 4652 wmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
07:12:18.0145 4652 wmiApSrv - ok
07:12:18.0328 4652 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
07:12:18.0496 4652 WMPNetworkSvc - ok
07:12:18.0571 4652 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
07:12:18.0636 4652 WPCSvc - ok
07:12:18.0697 4652 WPDBusEnum (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
07:12:18.0733 4652 WPDBusEnum - ok
07:12:18.0790 4652 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
07:12:18.0804 4652 WpdUsb - ok
07:12:19.0043 4652 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
07:12:19.0089 4652 WPFFontCache_v0400 - ok
07:12:19.0140 4652 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
07:12:19.0166 4652 ws2ifsl - ok
07:12:19.0242 4652 WsAudio_DeviceS(1) (a75dc063c9f0b787cce296c8ccad9c30) C:\Windows\system32\drivers\WsAudio_DeviceS(1).sys
07:12:19.0246 4652 WsAudio_DeviceS(1) ( UnsignedFile.Multi.Generic ) - warning
07:12:19.0247 4652 WsAudio_DeviceS(1) - detected UnsignedFile.Multi.Generic (1)
07:12:19.0311 4652 wscsvc (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\System32\wscsvc.dll
07:12:19.0328 4652 wscsvc - ok
07:12:19.0338 4652 WSearch - ok
07:12:19.0466 4652 wuauserv (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
07:12:19.0738 4652 wuauserv - ok
07:12:19.0958 4652 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys
07:12:20.0009 4652 WudfPf - ok
07:12:20.0072 4652 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys
07:12:20.0108 4652 WUDFRd - ok
07:12:20.0135 4652 wudfsvc (2c0206ff8d2c75ac027d1096fa2fafda) C:\Windows\System32\WUDFSvc.dll
07:12:20.0182 4652 wudfsvc - ok
07:12:20.0254 4652 XAudio (88af537264f2b818da15479ceeaf5d7c) C:\Windows\system32\DRIVERS\xaudio.sys
07:12:20.0265 4652 XAudio - ok
07:12:20.0330 4652 XAudioService (15a317674a08df26be65164d959e9203) C:\Windows\system32\DRIVERS\xaudio.exe
07:12:20.0385 4652 XAudioService - ok
07:12:20.0432 4652 yukonwlh (7d4cca3659fa0780603206e3d12a993f) C:\Windows\system32\DRIVERS\yk60x86.sys
07:12:20.0473 4652 yukonwlh - ok
07:12:20.0551 4652 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
07:12:21.0633 4652 \Device\Harddisk0\DR0 - ok
07:12:21.0659 4652 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR1
07:12:21.0832 4652 \Device\Harddisk1\DR1 - ok
07:12:21.0935 4652 Boot (0x1200) (5c64891cba38a56957fc8e8ae32a709b) \Device\Harddisk0\DR0\Partition0
07:12:21.0936 4652 \Device\Harddisk0\DR0\Partition0 - ok
07:12:21.0946 4652 Boot (0x1200) (328a5e908ddc0f988dc6814779b827b5) \Device\Harddisk1\DR1\Partition0
07:12:21.0948 4652 \Device\Harddisk1\DR1\Partition0 - ok
07:12:21.0951 4652 ============================================================
07:12:21.0951 4652 Scan finished
07:12:21.0951 4652 ============================================================
07:12:21.0964 3472 Detected object count: 12
07:12:21.0964 3472 Actual detected object count: 12
07:12:42.0365 3472 EvtEng ( UnsignedFile.Multi.Generic ) - skipped by user
07:12:42.0365 3472 EvtEng ( UnsignedFile.Multi.Generic ) - User select action: Skip
07:12:42.0365 3472 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
07:12:42.0365 3472 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
07:12:42.0366 3472 MSCSPTISRV ( UnsignedFile.Multi.Generic ) - skipped by user
07:12:42.0366 3472 MSCSPTISRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
07:12:42.0366 3472 NSUService ( UnsignedFile.Multi.Generic ) - skipped by user
07:12:42.0366 3472 NSUService ( UnsignedFile.Multi.Generic ) - User select action: Skip
07:12:42.0367 3472 PACSPTISVR ( UnsignedFile.Multi.Generic ) - skipped by user
07:12:42.0367 3472 PACSPTISVR ( UnsignedFile.Multi.Generic ) - User select action: Skip
07:12:42.0370 3472 RegSrvc ( UnsignedFile.Multi.Generic ) - skipped by user
07:12:42.0370 3472 RegSrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
07:12:42.0370 3472 ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
07:12:42.0370 3472 ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip
07:12:42.0375 3472 SPTISRV ( UnsignedFile.Multi.Generic ) - skipped by user
07:12:42.0375 3472 SPTISRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
07:12:42.0376 3472 VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - skipped by user
07:12:42.0376 3472 VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
07:12:42.0377 3472 VCFw ( UnsignedFile.Multi.Generic ) - skipped by user
07:12:42.0377 3472 VCFw ( UnsignedFile.Multi.Generic ) - User select action: Skip
07:12:42.0380 3472 VzCdbSvc ( UnsignedFile.Multi.Generic ) - skipped by user
07:12:42.0380 3472 VzCdbSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
07:12:42.0380 3472 WsAudio_DeviceS(1) ( UnsignedFile.Multi.Generic ) - skipped by user
07:12:42.0380 3472 WsAudio_DeviceS(1) ( UnsignedFile.Multi.Generic ) - User select action: Skip
07:13:37.0612 5520 ============================================================
07:13:37.0612 5520 Scan started
07:13:37.0612 5520 Mode: Manual; SigCheck; TDLFS;
07:13:37.0612 5520 ============================================================
07:13:37.0847 5520 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
07:13:37.0903 5520 ACPI - ok
07:13:38.0076 5520 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
07:13:38.0098 5520 AdobeARMservice - ok
07:13:38.0171 5520 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
07:13:38.0186 5520 AdobeFlashPlayerUpdateSvc - ok
07:13:38.0236 5520 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
07:13:38.0271 5520 adp94xx - ok
07:13:38.0311 5520 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
07:13:38.0331 5520 adpahci - ok
07:13:38.0358 5520 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
07:13:38.0377 5520 adpu160m - ok
07:13:38.0409 5520 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
07:13:38.0426 5520 adpu320 - ok
07:13:38.0467 5520 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
07:13:38.0489 5520 AeLookupSvc - ok
07:13:38.0530 5520 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
07:13:38.0548 5520 AFD - ok
07:13:38.0576 5520 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
07:13:38.0590 5520 agp440 - ok
07:13:38.0619 5520 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
07:13:38.0637 5520 aic78xx - ok
07:13:38.0674 5520 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
07:13:38.0700 5520 ALG - ok
07:13:38.0723 5520 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
07:13:38.0736 5520 aliide - ok
07:13:38.0759 5520 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
07:13:38.0774 5520 amdagp - ok
07:13:38.0795 5520 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
07:13:38.0807 5520 amdide - ok
07:13:38.0896 5520 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
07:13:38.0923 5520 AmdK7 - ok
07:13:38.0952 5520 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
07:13:38.0984 5520 AmdK8 - ok
07:13:39.0088 5520 AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files\Avira\AntiVir Desktop\sched.exe
07:13:39.0101 5520 AntiVirSchedulerService - ok
07:13:39.0138 5520 AntiVirService (a489be6bb0aa1ff406b488b60542314b) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
07:13:39.0154 5520 AntiVirService - ok
07:13:39.0196 5520 AntiVirWebService (676894fa57b671fec5c3f05f8929e03b) C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
07:13:39.0220 5520 AntiVirWebService - ok
07:13:39.0257 5520 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
07:13:39.0271 5520 Appinfo - ok
07:13:39.0306 5520 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
07:13:39.0320 5520 arc - ok
07:13:39.0350 5520 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
07:13:39.0367 5520 arcsas - ok
07:13:39.0389 5520 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
07:13:39.0422 5520 AsyncMac - ok
07:13:39.0446 5520 atapi (2d9c903dc76a66813d350a562de40ed9) C:\Windows\system32\drivers\atapi.sys
07:13:39.0459 5520 atapi - ok
07:13:39.0542 5520 athr (600efe56f37adbd65a0fb076b50d1b8d) C:\Windows\system32\DRIVERS\athr.sys
07:13:39.0577 5520 athr - ok
07:13:39.0667 5520 Ati External Event Utility (3c105ae4cc005ab67907add9dff2e192) C:\Windows\system32\Ati2evxx.exe
07:13:39.0693 5520 Ati External Event Utility - ok
07:13:39.0952 5520 atikmdag (a4e212f45b2457b39d59d4972a67af47) C:\Windows\system32\DRIVERS\atikmdag.sys
07:13:40.0054 5520 atikmdag - ok
07:13:40.0210 5520 AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
07:13:40.0234 5520 AudioEndpointBuilder - ok
07:13:40.0240 5520 Audiosrv (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
07:13:40.0266 5520 Audiosrv - ok
07:13:40.0357 5520 avgntflt (d5541f0afb767e85fc412fc609d96a74) C:\Windows\system32\DRIVERS\avgntflt.sys
07:13:40.0372 5520 avgntflt - ok
07:13:40.0397 5520 avipbb (7d967a682d4694df7fa57d63a2db01fe) C:\Windows\system32\DRIVERS\avipbb.sys
07:13:40.0412 5520 avipbb - ok
07:13:40.0437 5520 avkmgr (271cfd1a989209b1964e24d969552bf7) C:\Windows\system32\DRIVERS\avkmgr.sys
07:13:40.0450 5520 avkmgr - ok
07:13:40.0533 5520 BcmSqlStartupSvc (6163664c7e9cd110af70180c126c3fdc) C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
07:13:40.0548 5520 BcmSqlStartupSvc - ok
07:13:40.0617 5520 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
07:13:40.0656 5520 Beep - ok
07:13:40.0706 5520 BFE (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
07:13:40.0738 5520 BFE - ok
07:13:40.0804 5520 BITS (93952506c6d67330367f7e7934b6a02f) C:\Windows\System32\qmgr.dll
07:13:40.0845 5520 BITS - ok
07:13:40.0876 5520 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
07:13:40.0902 5520 blbdrive - ok
07:13:40.0943 5520 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
07:13:40.0968 5520 bowser - ok
07:13:41.0001 5520 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
07:13:41.0022 5520 BrFiltLo - ok
07:13:41.0042 5520 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
07:13:41.0061 5520 BrFiltUp - ok
07:13:41.0099 5520 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
07:13:41.0126 5520 Browser - ok
07:13:41.0155 5520 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
07:13:41.0203 5520 Brserid - ok
07:13:41.0234 5520 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
07:13:41.0280 5520 BrSerWdm - ok
07:13:41.0304 5520 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
07:13:41.0348 5520 BrUsbMdm - ok
07:13:41.0374 5520 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
07:13:41.0425 5520 BrUsbSer - ok
07:13:41.0457 5520 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
07:13:41.0504 5520 BTHMODEM - ok
07:13:41.0542 5520 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
07:13:41.0571 5520 cdfs - ok
07:13:41.0628 5520 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
07:13:41.0649 5520 cdrom - ok
07:13:41.0703 5520 CertPropSvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
07:13:41.0726 5520 CertPropSvc - ok
07:13:41.0766 5520 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
07:13:41.0792 5520 circlass - ok
07:13:41.0838 5520 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
07:13:41.0857 5520 CLFS - ok
07:13:41.0932 5520 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
07:13:41.0946 5520 clr_optimization_v2.0.50727_32 - ok
07:13:42.0033 5520 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
07:13:42.0049 5520 clr_optimization_v4.0.30319_32 - ok
07:13:42.0075 5520 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
07:13:42.0102 5520 CmBatt - ok
07:13:42.0122 5520 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
07:13:42.0137 5520 cmdide - ok
07:13:42.0157 5520 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
07:13:42.0171 5520 Compbatt - ok
07:13:42.0181 5520 COMSysApp - ok
07:13:42.0203 5520 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
07:13:42.0217 5520 crcdisk - ok
07:13:42.0243 5520 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
07:13:42.0270 5520 Crusoe - ok
07:13:42.0343 5520 CryptSvc (fb27772beaf8e1d28ccd825c09da939b) C:\Windows\system32\cryptsvc.dll
07:13:42.0364 5520 CryptSvc - ok
07:13:42.0418 5520 DcomLaunch (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
07:13:42.0457 5520 DcomLaunch - ok
07:13:42.0491 5520 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
07:13:42.0518 5520 DfsC - ok
07:13:42.0651 5520 DFSR (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
07:13:42.0765 5520 DFSR - ok
07:13:42.0882 5520 Dhcp (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
07:13:42.0906 5520 Dhcp - ok
07:13:42.0976 5520 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
07:13:42.0991 5520 disk - ok
07:13:43.0034 5520 DMICall (f206e28ed74c491fd5d7c0a1119ce37f) C:\Windows\system32\DRIVERS\DMICall.sys
07:13:43.0045 5520 DMICall - ok
07:13:43.0087 5520 Dnscache (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
07:13:43.0115 5520 Dnscache - ok
07:13:43.0153 5520 dot3svc (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
07:13:43.0176 5520 dot3svc - ok
07:13:43.0216 5520 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
07:13:43.0244 5520 DPS - ok
07:13:43.0275 5520 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
07:13:43.0296 5520 drmkaud - ok
07:13:43.0353 5520 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
07:13:43.0388 5520 DXGKrnl - ok
07:13:43.0421 5520 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
07:13:43.0450 5520 E1G60 - ok
07:13:43.0486 5520 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
07:13:43.0508 5520 EapHost - ok
07:13:43.0548 5520 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
07:13:43.0565 5520 Ecache - ok
07:13:43.0628 5520 ehRecvr (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
07:13:43.0646 5520 ehRecvr - ok
07:13:43.0669 5520 ehSched (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
07:13:43.0684 5520 ehSched - ok
07:13:43.0703 5520 ehstart (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
07:13:43.0726 5520 ehstart - ok
07:13:43.0771 5520 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
07:13:43.0792 5520 elxstor - ok
07:13:43.0868 5520 EMDMgmt (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
07:13:43.0907 5520 EMDMgmt - ok
07:13:43.0930 5520 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
07:13:43.0993 5520 ErrDev - ok
07:13:44.0063 5520 EventSystem (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
07:13:44.0087 5520 EventSystem - ok
07:13:44.0205 5520 EvtEng (306ac856622864c761cbdb5e816bb9d8) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
07:13:44.0239 5520 EvtEng ( UnsignedFile.Multi.Generic ) - warning
07:13:44.0239 5520 EvtEng - detected UnsignedFile.Multi.Generic (1)
07:13:44.0276 5520 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
07:13:44.0300 5520 exfat - ok
07:13:44.0360 5520 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
07:13:44.0394 5520 fastfat - ok
07:13:44.0430 5520 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
07:13:44.0473 5520 fdc - ok
07:13:44.0523 5520 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
07:13:44.0566 5520 fdPHost - ok
07:13:44.0599 5520 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
07:13:44.0671 5520 FDResPub - ok
07:13:44.0701 5520 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
07:13:44.0724 5520 FileInfo - ok
07:13:44.0745 5520 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
07:13:44.0801 5520 Filetrace - ok
07:13:44.0831 5520 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
07:13:44.0857 5520 flpydisk - ok
07:13:44.0922 5520 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
07:13:44.0939 5520 FltMgr - ok
07:13:45.0012 5520 FontCache (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll
07:13:45.0088 5520 FontCache - ok
07:13:45.0187 5520 FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
07:13:45.0216 5520 FontCache3.0.0.0 - ok
07:13:45.0253 5520 Fs_Rec (b972a66758577e0bfd1de0f91aaa27b5) C:\Windows\system32\drivers\Fs_Rec.sys
07:13:45.0308 5520 Fs_Rec - ok
07:13:45.0350 5520 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
07:13:45.0362 5520 gagp30kx - ok
07:13:45.0403 5520 ggflt (007aea2e06e7cef7372e40c277163959) C:\Windows\system32\DRIVERS\ggflt.sys
07:13:45.0414 5520 ggflt - ok
07:13:45.0435 5520 ggsemc (c73de35960ca75c5ab4ae636b127c64e) C:\Windows\system32\DRIVERS\ggsemc.sys
07:13:45.0450 5520 ggsemc - ok
07:13:45.0567 5520 GoogleDesktopManager-051210-111108 (9f5f2f0fb0a7f5aa9f16b9a7b6dad89f) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
07:13:45.0583 5520 GoogleDesktopManager-051210-111108 - ok
07:13:45.0650 5520 gpsvc (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
07:13:45.0700 5520 gpsvc - ok
07:13:45.0727 5520 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
07:13:45.0747 5520 gupdate - ok
07:13:45.0752 5520 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
07:13:45.0772 5520 gupdatem - ok
07:13:45.0811 5520 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
07:13:45.0829 5520 gusvc - ok
07:13:45.0895 5520 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
07:13:45.0978 5520 HdAudAddService - ok
07:13:46.0057 5520 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
07:13:46.0093 5520 HDAudBus - ok
07:13:46.0127 5520 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
07:13:46.0172 5520 HidBth - ok
07:13:46.0200 5520 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
07:13:46.0250 5520 HidIr - ok
07:13:46.0280 5520 hidserv (84067081f3318162797385e11a8f0582) C:\Windows\system32\hidserv.dll
07:13:46.0295 5520 hidserv - ok
07:13:46.0331 5520 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
07:13:46.0385 5520 HidUsb - ok
07:13:46.0424 5520 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
07:13:46.0453 5520 hkmsvc - ok
07:13:46.0494 5520 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
07:13:46.0512 5520 HpCISSs - ok
07:13:46.0569 5520 HSFHWAZL (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
07:13:46.0600 5520 HSFHWAZL - ok
07:13:46.0678 5520 HSF_DPV (7bc42c65b5c6281777c1a7605b253ba8) C:\Windows\system32\DRIVERS\HSX_DPV.sys
07:13:46.0761 5520 HSF_DPV - ok
07:13:46.0818 5520 HSXHWAZL (9ebf2d102ccbb6bcdfbf1b7922f8ba2e) C:\Windows\system32\DRIVERS\HSXHWAZL.sys
07:13:46.0834 5520 HSXHWAZL - ok
07:13:46.0898 5520 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
07:13:46.0968 5520 HTTP - ok
07:13:47.0023 5520 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
07:13:47.0040 5520 i2omp - ok
07:13:47.0074 5520 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
07:13:47.0099 5520 i8042prt - ok
07:13:47.0149 5520 iaStor (db0cc620b27a928d968c1a1e9cd9cb87) C:\Windows\system32\DRIVERS\iaStor.sys
07:13:47.0164 5520 iaStor - ok
07:13:47.0196 5520 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
07:13:47.0214 5520 iaStorV - ok
07:13:47.0327 5520 IDriverT (6f95324909b502e2651442c1548ab12f) C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
07:13:47.0335 5520 IDriverT ( UnsignedFile.Multi.Generic ) - warning
07:13:47.0335 5520 IDriverT - detected UnsignedFile.Multi.Generic (1)
07:13:47.0488 5520 idsvc (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
07:13:47.0541 5520 idsvc - ok
07:13:47.0547 5520 igfx - ok
07:13:47.0581 5520 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
07:13:47.0594 5520 iirsp - ok
07:13:47.0645 5520 IKEEXT (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
|
|
| Themen zu Bin ich den Ukash 100 EUR Trojaner los? Avira und Malwarebytes Malware sagen-ja, Scan Spyware-nein |
| anti-malware, antimalware, antworten, avira, bericht, ergebnis, forum, funktioniert, gelöscht, keine viren, laptop, log, malwarebytes, namen, neustart, nicht mehr, nicht sicher, problem, scan, speicher, spyware, system, test, trojaner, viren, virus, windows |
Textbox von OTL - wenn OTL auf deutsch ist wird sie mit 
beschriftet
.
Linear-Darstellung
