Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Polizei - Ihr Computer wurde gesperrt - Österreich

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 30.10.2012, 13:03   #1
victorynox
 
Polizei - Ihr Computer wurde gesperrt - Österreich - Standard

Polizei - Ihr Computer wurde gesperrt - Österreich



Hallo!

Mein Problem ist ähnlich wenn nicht gleich wie in diesem Thema:

der-computer-ist-fur-die-verletzung-der-gesetze-der-republik-osterreich-blockiert-worden??? (Mehrseitiges Thema 1 2 3)
defendermax
"...den Rechner hat's erwischt - bei einem user unter windows vista home kommt die meldung "der-computer-ist-fur-die-verletzung-der-gesetze-der-republik-osterreich-blockiert-worden" und dann geht gar nichts mehr. ein userwechsel mit STRG-ALT-ENTF ist allerdings möglich."

Allerdings bei mir nicht unter vista sonder windows 7.

Zurzeit läuft Malwarebytes und hat bereits einiges gefunden.

Bitte um Hilfe!
Vielen Dank!

Alt 30.10.2012, 13:05   #2
markusg
/// Malware-holic
 
Polizei - Ihr Computer wurde gesperrt - Österreich - Standard

Polizei - Ihr Computer wurde gesperrt - Österreich



hi
das nächste mal doch bitte ieinfach warten, bis alle logs vor liegen, ist doch sinnlos vorher nen thema aufzumachen und vor allem antwortest du dir dann selbst und dein thema ist markiert als, in bearbeitung und du wirst evtl. keine antwort bekommen
__________________

__________________

Alt 30.10.2012, 13:16   #3
victorynox
 
Polizei - Ihr Computer wurde gesperrt - Österreich - Standard

Polizei - Ihr Computer wurde gesperrt - Österreich



danke für deine antwort!

Leider kenn ich mich nicht wirklich mit aus... auch deine antwort versteh ich nicht wirklich!
Hab einige themen bezüglich dieses trojaners gelesen und hab mal mit Malwarebytes begonnen!

ich dachte ihr könntet mir hier mit meinem problem helfen?
__________________

Alt 30.10.2012, 13:40   #4
markusg
/// Malware-holic
 
Polizei - Ihr Computer wurde gesperrt - Österreich - Standard

Polizei - Ihr Computer wurde gesperrt - Österreich



ja, aber welchen sinn hat es, ein thema zu eröffnen, wo man sagt, ich lasse scan x laufen, dann ist das nicht beantwortet, das ist in ordnung, so, jetzt schreibst du deinen nächsten post, mit dem Malwarebytes log, dann hat das thema eine antwort, und wenn jetzt ein helfer, also ich zb, neue themen übernimmt, klickt er im forum auf, unbeantwortete beiträge, deiner taucht dort nicht mehr auf, und wenn du pech hast, musst du dadurch dann unnötig lange warten.
is aber jetzt wurscht :-)
lass Malwarebytes laufen, lösche nichts, poste erst mal nur den bericht.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 30.10.2012, 14:03   #5
victorynox
 
Polizei - Ihr Computer wurde gesperrt - Österreich - Standard

Polizei - Ihr Computer wurde gesperrt - Österreich



also nach ein bisschen verständigiungsschwierigkeiten... auch mit Malwarebytes 8)
sogenannter log wäre doch schon länger fertig gewesen...

hier das ergebnis:

Malwarebytes Anti-Malware (Test) 1.65.1.1000
www.malwarebytes.org

Datenbank Version: v2012.10.30.02

Windows 7 x64 NTFS (Abgesichertenmodus/Netzwerkfähig)
Internet Explorer 8.0.7600.16385
neon :: NEON-VAIO [Administrator]

Schutz: Deaktiviert

30.10.2012 11:50:35
mbam-log-2012-10-30 (12-57-39).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 408298
Laufzeit: 1 Stunde(n), 5 Minute(n), 22 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 82
HKCR\AppID\{0D82ACD6-A652-4496-A298-2BDE705F4227} (Adware.ClickPotato) -> Keine Aktion durchgeführt.
HKCR\AppID\{7025E484-D4B0-441a-9F0B-69063BD679CE} (Adware.ClickPotato) -> Keine Aktion durchgeführt.
HKCR\AppID\{8258B35C-05B8-4c0e-9525-9BCCC70F8F2D} (Adware.ClickPotato) -> Keine Aktion durchgeführt.
HKCR\AppID\{A89256AD-EC17-4a83-BEF5-4B8BC4F39306} (Adware.ClickPotato) -> Keine Aktion durchgeführt.
HKCR\CLSID\{09325003-167C-483d-A4BA-8B3122ABB432} (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKCR\TypeLib\{F1A1892C-2A6C-4817-98B4-FF81443CBA20} (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKCR\Interface\{E25DA6D6-C365-46CF-ABAF-DC5893135D7A} (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKCR\ShopperReports.HbGuru.1 (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKCR\ShopperReports.HbGuru (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKCR\CLSID\{20EA9658-6BC3-4599-A87D-6371FE9295FC} (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKCR\TypeLib\{E343EDFC-1E6C-4cb5-AA29-E9C922641C80} (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKCR\Interface\{D8560AC2-21B5-4C1A-BDD4-BD12BC83B082} (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKCR\ShopperReports.HbAx.1 (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKCR\ShopperReports.HbAx (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKCR\CLSID\{2721A8E5-BFDB-4562-9912-9E0531CA616C} (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKCR\TypeLib\{5FE0CEAE-CB69-40af-A323-40F94257DACB} (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKCR\Interface\{65A16874-2ED0-460E-A547-5FE2EC3A13A7} (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKCR\ShopperReports.MozillaPSExecuter.1 (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKCR\ShopperReports.MozillaPSExecuter (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKCR\CLSID\{396CFC12-932D-496b-A0A8-5D7201E105E1} (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKCR\TypeLib\{573F4ABB-A1A2-44ed-9BA9-A8DAD40AAC46} (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKCR\Interface\{71E02280-5212-45C3-B174-4D5A35DA254F} (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKCR\ShopperReports.MozillaNvgtnTrpr.1 (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKCR\ShopperReports.MozillaNvgtnTrpr (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKCR\CLSID\{6DD76B7B-6423-4df0-9A07-84A6CAD973A0} (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKCR\ShopperReports.Dwnldr.1 (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKCR\ShopperReports.Dwnldr (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKCR\CLSID\{74C22317-5B90-471f-9AD2-FEC049870A16} (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKCR\ShopperReports.Scopes.1 (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKCR\ShopperReports.Scopes (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKCR\CLSID\{7F6CFB6A-9227-4bb8-B941-F2B067E76F51} (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKCR\ShopperReports.TriggerImmidiateOrRandomTS.1 (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKCR\ShopperReports.TriggerImmidiateOrRandomTS (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKCR\CLSID\{AB0EE208-DF60-4fa7-A617-C4269760033E} (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKCR\ShopperReports.Reporter.1 (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKCR\ShopperReports.Reporter (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKCR\CLSID\{E12AEAB6-7D12-4c07-8E36-5892EFB4DAFB} (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKCR\ShopperReports.TriggerImmidiate.1 (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKCR\ShopperReports.TriggerImmidiate (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKCR\CLSID\{E2F2C137-A782-4fb5-81AF-086156F5EB0A} (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKCR\ShopperReports.AsyncReporter.1 (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKCR\ShopperReports.AsyncReporter (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKCR\CLSID\{F1D06C9F-51F0-4476-BEDE-5DDF91BE304E} (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKCR\ShopperReports.ReportData.1 (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKCR\ShopperReports.ReportData (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKCR\CLSID\{F3A32DF2-7413-4fb1-B575-1AC920A17B76} (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKCR\ShopperReports.TriggerOnceInDay.1 (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKCR\ShopperReports.TriggerOnceInDay (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKCR\Typelib\{ACC62306-9A63-4864-BD2F-C8825D2D7EA6} (Adware.ClickPotato) -> Keine Aktion durchgeführt.
HKCR\Interface\{21BA420E-161C-413A-B21E-4E42AE1F4226} (Adware.ClickPotato) -> Keine Aktion durchgeführt.
HKCR\Typelib\{CDCA70D8-C6A6-49EE-9BED-7429D6C477A2} (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKCR\Interface\{8AD9AD05-36BE-4E40-BA62-5422EB0D02FB} (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKCR\Typelib\{D136987F-E1C4-4CCC-A220-893DF03EC5DF} (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{100EB1FD-D03E-47FD-81F3-EE91287F9465} (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{100EB1FD-D03E-47FD-81F3-EE91287F9465} (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE} (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5428486-50A0-4A02-9D20-520B59A9F9B2} (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5428486-50A0-4A02-9D20-520B59A9F9B3} (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{89F88394-3828-4d03-A0CF-8203604C3DA6} (Adware.Hotbar) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D4233F04-1789-483c-A137-731E8F113DD5} (Adware.Hotbar) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{37476589-E48E-439E-A706-56189E2ED4C4} (PUP.BFlix) -> Keine Aktion durchgeführt.
HKCR\ShopperReports.HbInfoBand (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKCR\ShopperReports.HbInfoBand.1 (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKCR\ShopperReports.IEButton (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKCR\ShopperReports.IEButton.1 (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKCR\ShopperReports.IEButtonA (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKCR\ShopperReports.IEButtonA.1 (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKCR\ShopperReports.RprtCtrl (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKCR\ShopperReports.RprtCtrl.1 (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKCR\ShopperReports.Stock (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKCR\ShopperReports.Stock.1 (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKCR\AppID\BRNstIE.DLL (Adware.ClickPotato) -> Keine Aktion durchgeführt.
HKCR\AppID\CmndFF.DLL (Adware.ClickPotato) -> Keine Aktion durchgeführt.
HKCR\AppID\mozillaps.dll (Adware.ClickPotato) -> Keine Aktion durchgeführt.
HKCR\AppID\Pltfrm.DLL (Adware.ClickPotato) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\ShopperReports3 (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\ShopperReports3 (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShopperReportsSA (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C8A27BFC-9262-4007-B4DD-A68D6BD4FBF0} (PUP.BFlix) -> Keine Aktion durchgeführt.
HKCR\CLSID\{C8A27BFC-9262-4007-B4DD-A68D6BD4FBF0} (PUP.BFlix) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{C8A27BFC-9262-4007-B4DD-A68D6BD4FBF0} (PUP.BFlix) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C8A27BFC-9262-4007-B4DD-A68D6BD4FBF0} (PUP.BFlix) -> Keine Aktion durchgeführt.

Infizierte Registrierungswerte: 3
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform|ShopperReports 3.1.69.0 (Adware.HotBar) -> Daten: -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform|SRS_IT_E879077EB7765B5737AD95 (Malware.Trace) -> Daten: -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Mozilla\Firefox\extensions|ShopperReports@ShopperReports.com (ShopperReports) -> Daten: C:\Program Files (x86)\ShopperReports3\bin\3.1.69.0\firefox\firefoxtoolbar\extensions -> Keine Aktion durchgeführt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 13
C:\ProgramData\TheBflix (PUP.BFlix) -> Keine Aktion durchgeführt.
C:\ProgramData\TheBflix\data (PUP.BFlix) -> Keine Aktion durchgeführt.
C:\Users\neon\AppData\Roaming\ShopperReports3 (Adware.ShopperReports) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\ShopperReports3 (Adware.ShopperReports) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\ShopperReports3\bin (Adware.ShopperReports) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\ShopperReports3\bin\3.1.69.0 (Adware.ShopperReports) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\ShopperReports3\bin\3.1.69.0\firefox (Adware.ShopperReports) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\ShopperReports3\bin\3.1.69.0\firefox\firefoxtoolbar (Adware.ShopperReports) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\ShopperReports3\bin\3.1.69.0\firefox\firefoxtoolbar\extensions (Adware.ShopperReports) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\ShopperReports3\bin\3.1.69.0\firefox\firefoxtoolbar\extensions\chrome (Adware.ShopperReports) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\ShopperReports3\bin\3.1.69.0\firefox\firefoxtoolbar\extensions\chrome\content (Adware.ShopperReports) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\ShopperReports3\bin\3.1.69.0\firefox\firefoxtoolbar\extensions\components (Adware.ShopperReports) -> Keine Aktion durchgeführt.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShopperReports (Adware.ShopperReports) -> Keine Aktion durchgeführt.

Infizierte Dateien: 21
C:\Users\neon\AppData\Local\Temp\wgsdgsdgdsgsd.exe (Trojan.Agent) -> Keine Aktion durchgeführt.
C:\Users\neon\AppData\Local\Temp\IXP000.TMP\ADOBE_~1.EXE (Trojan.Agent.CK) -> Keine Aktion durchgeführt.
C:\ProgramData\lsass.exe (Trojan.Delf) -> Keine Aktion durchgeführt.
C:\ProgramData\TheBflix\background.html (PUP.BFlix) -> Keine Aktion durchgeführt.
C:\ProgramData\TheBflix\content.js (PUP.BFlix) -> Keine Aktion durchgeführt.
C:\ProgramData\TheBflix\ekdjfcdinekpfcedakhpngcnaamhiihn.crx (PUP.BFlix) -> Keine Aktion durchgeführt.
C:\ProgramData\TheBflix\settings.ini (PUP.BFlix) -> Keine Aktion durchgeführt.
C:\ProgramData\TheBflix\uninstall.exe (PUP.BFlix) -> Keine Aktion durchgeführt.
C:\ProgramData\TheBflix\data\content.js (PUP.BFlix) -> Keine Aktion durchgeführt.
C:\ProgramData\TheBflix\data\jsondb.js (PUP.BFlix) -> Keine Aktion durchgeführt.
C:\Users\neon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk (Trojan.Ransom.Gen) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\ShopperReports3\bin\3.1.69.0\link.ico (Adware.ShopperReports) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\ShopperReports3\bin\3.1.69.0\firefox\firefoxtoolbar\extensions\chrome.manifest (Adware.ShopperReports) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\ShopperReports3\bin\3.1.69.0\firefox\firefoxtoolbar\extensions\install.rdf (Adware.ShopperReports) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\ShopperReports3\bin\3.1.69.0\firefox\firefoxtoolbar\extensions\chrome\content\infopane.js (Adware.ShopperReports) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\ShopperReports3\bin\3.1.69.0\firefox\firefoxtoolbar\extensions\chrome\content\InfoPane.xul (Adware.ShopperReports) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\ShopperReports3\bin\3.1.69.0\firefox\firefoxtoolbar\extensions\components\BrowserExtensionFF.dll (Adware.ShopperReports) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\ShopperReports3\bin\3.1.69.0\firefox\firefoxtoolbar\extensions\components\BrowserExtensionFF.xpt (Adware.ShopperReports) -> Keine Aktion durchgeführt.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShopperReports\About Us.lnk (Adware.ShopperReports) -> Keine Aktion durchgeführt.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShopperReports\Customer Support.lnk (Adware.ShopperReports) -> Keine Aktion durchgeführt.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShopperReports\ShopperReports Uninstall Instructions.lnk (Adware.ShopperReports) -> Keine Aktion durchgeführt.

(Ende)

Hoffe ihr könnt damit etwas anfangen!?


Alt 30.10.2012, 15:20   #6
markusg
/// Malware-holic
 
Polizei - Ihr Computer wurde gesperrt - Österreich - Standard

Polizei - Ihr Computer wurde gesperrt - Österreich



ok, dann mal bitte funde löschen, und in den betroffenen account starten, das sollte klappen.
Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Starte bitte die
    OTL.exe
    .
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Kopiere nun den Inhalt in die
    Textbox.
Code:
ATTFilter
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
         
  • Schliesse bitte nun alle Programme. (Wichtig)
  • Klicke nun bitte auf den Quick Scan Button.
  • Kopiere
    nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread
__________________
--> Polizei - Ihr Computer wurde gesperrt - Österreich

Alt 30.10.2012, 16:32   #7
victorynox
 
Polizei - Ihr Computer wurde gesperrt - Österreich - Standard

Polizei - Ihr Computer wurde gesperrt - Österreich



Also hier das Ergebnis des OTL - Quickscans

OTL.txt:OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 30.10.2012 16:08:20 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\neon\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
3,86 Gb Total Physical Memory | 2,20 Gb Available Physical Memory | 56,99% Memory free
7,71 Gb Paging File | 5,79 Gb Available in Paging File | 75,01% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452,18 Gb Total Space | 312,83 Gb Free Space | 69,18% Space Free | Partition Type: NTFS
 
Computer Name: NEON-VAIO | User Name: neon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.10.30 16:05:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\neon\Desktop\OTL.exe
PRC - [2012.09.29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.09.29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.05.08 17:29:21 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.05.08 17:29:21 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2011.10.01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011.10.01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011.03.28 10:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011.02.14 13:23:50 | 000,044,736 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Care\VCService.exe
PRC - [2011.01.29 05:36:18 | 000,081,016 | ---- | M] (Sony of America Corporation) -- C:\Programme\Sony\VAIO Care\listener.exe
PRC - [2010.06.01 02:01:56 | 000,367,456 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
PRC - [2010.05.31 18:18:32 | 000,217,968 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
PRC - [2010.05.28 21:02:57 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010.05.28 21:02:38 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010.03.04 04:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
 
 
========== Modules (No Company Name) ==========
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2011.01.29 05:36:18 | 000,259,192 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe -- (SampleCollector)
SRV:64bit: - [2010.06.24 21:06:19 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2012.10.30 13:15:23 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.10.13 14:35:57 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.09.29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.09.29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.05.08 17:29:21 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.05.08 17:29:21 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.01.13 09:55:10 | 001,256,040 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programme\Sony\VAIO Update Common\VUAgent.exe -- (VUAgent)
SRV - [2012.01.08 12:32:06 | 000,419,624 | ---- | M] (Valve Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011.10.01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011.10.01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011.07.26 03:18:04 | 001,371,104 | ---- | M] (NETGEAR) [Auto | Running] -- C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe -- (NETGEARGenieDaemon)
SRV - [2011.04.01 10:14:30 | 000,183,560 | ---- | M] (Microsoft Corporation.) [Disabled | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011.03.28 20:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2011.03.28 10:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2011.02.14 13:23:50 | 000,044,736 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programme\Sony\VAIO Care\VCService.exe -- (VCService)
SRV - [2010.10.26 09:54:17 | 000,867,080 | ---- | M] (Acresso Software Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.09.22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010.06.21 17:00:52 | 000,575,856 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
SRV - [2010.06.20 20:47:18 | 000,108,400 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp)
SRV - [2010.06.20 20:47:16 | 000,067,952 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2010.06.18 06:07:12 | 000,423,280 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms)
SRV - [2010.06.17 11:44:10 | 000,851,824 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2010.06.09 14:57:16 | 000,101,232 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe -- (VcmXmlIfHelper)
SRV - [2010.06.09 14:56:02 | 000,384,880 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe -- (VcmINSMgr)
SRV - [2010.06.09 14:55:00 | 000,537,456 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV - [2010.06.08 22:55:14 | 000,952,096 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2010.06.08 16:00:04 | 000,836,608 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VAIO Smart Network\VSNService.exe -- (VSNService)
SRV - [2010.06.06 21:13:46 | 000,304,496 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe -- (SpfService)
SRV - [2010.06.01 02:01:56 | 000,367,456 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2010.05.31 18:18:32 | 000,217,968 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2010.05.28 21:02:57 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010.05.28 21:02:38 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010.03.04 04:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010.02.19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010.01.09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009.09.20 11:55:20 | 001,037,824 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.09.18 09:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)
SRV - [2007.07.24 10:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2007.01.04 18:48:50 | 000,112,152 | ---- | M] (InterVideo) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.09.29 19:54:26 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012.08.21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.07.09 12:42:54 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012.05.08 17:29:21 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012.05.08 17:29:21 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012.03.08 17:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2011.12.04 12:43:25 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2011.10.01 08:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011.10.01 08:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011.10.01 08:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011.10.01 08:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011.09.16 16:08:07 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011.03.11 07:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.07.29 00:25:10 | 000,029,720 | ---- | M] (Initio Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ivusb.sys -- (ivusb)
DRV:64bit: - [2010.07.21 16:58:50 | 000,045,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2010.07.12 19:36:10 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010.06.24 21:34:53 | 000,271,872 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010.06.24 21:33:43 | 010,326,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010.06.24 21:06:24 | 006,107,136 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2010.06.23 21:04:45 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2010.06.23 21:04:43 | 000,342,056 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2010.06.23 21:04:43 | 000,135,720 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010.06.23 21:04:43 | 000,102,952 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2010.06.23 21:04:09 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2010.06.23 21:03:07 | 000,078,848 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdsne64.sys -- (risdsnpe)
DRV:64bit: - [2010.06.23 21:02:59 | 000,094,208 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimssne64.sys -- (rimspci)
DRV:64bit: - [2010.05.31 22:36:54 | 000,299,568 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2010.05.31 22:36:48 | 000,402,720 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2010.05.31 22:36:41 | 001,573,888 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010.05.31 21:10:13 | 000,231,328 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2010.05.28 21:03:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010.05.28 21:02:36 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2010.04.26 21:20:29 | 000,012,032 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP)
DRV:64bit: - [2010.04.19 20:29:18 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2010.03.04 03:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.12.17 23:25:17 | 000,034,472 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2009.10.10 03:41:20 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009.08.09 22:25:45 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 02:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.26 13:32:04 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV:64bit: - [2008.06.27 06:51:10 | 000,088,632 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\adfs.sys -- (adfs)
DRV:64bit: - [2007.04.17 10:51:50 | 000,014,112 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\regi.sys -- (regi)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&appid=0&systemid=410&sr=0&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Program Files (x86)\uTorrentBar_DE\prxtbuTor.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&appid=0&systemid=410&sr=0&q={searchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2851647
IE - HKLM\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SVEE&bmod=SVEE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.telekom.at/suche
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.ask.com/?l=dis&o=15095
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\URLSearchHook: {66bd2442-241b-44cd-8c7a-b51037053cdb} - No CLSID value found
IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Program Files (x86)\uTorrentBar_DE\prxtbuTor.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}
IE - HKCU\..\SearchScopes\{317F6C70-5156-416A-A39F-66DF6A060771}: "URL" = hxxp://rover.ebay.com/rover/1/5221-29898-16445-15/4?satitle={searchTerms}
IE - HKCU\..\SearchScopes\{5036187C-C3A3-4D1B-AC67-A14B2A99D546}: "URL" = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&appid=0&systemid=410&sr=0&q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2851647
IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = hxxp://mystart.incredibar.com/mb119/?search={searchTerms}&loc=IB_DS&a=6R8oq6MFqX&i=26
IE - HKCU\..\SearchScopes\{E54B0FE8-20A0-44F1-97A6-63EB70DFD202}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=MNC&o=15092&src=crm&q={searchTerms}&locale=&apn_ptnrs=MF&apn_dtid=YYYYYYYYAT&apn_uid=79976be7-2914-4405-9810-d71e72945407&apn_sauid=55AE2106-FAA9-4CB2-8F2E-48E61539E500
IE - HKCU\..\SearchScopes\{EBF9F874-6F1D-41CF-BBFB-8D7A929C691B}: "URL" = hxxp://at.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=302398&p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Search Results"
FF - prefs.js..browser.search.defaultthis.engineName: "uTorrentBar_DE Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2851647&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Search Results"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398"
FF - prefs.js..browser.search.selectedEngine: "Search Results"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "google.at"
FF - prefs.js..extensions.enabledAddons: {3e0e7d2a-070f-4a47-b019-91fe5385ba79}:3.5.9
FF - prefs.js..extensions.enabledAddons: {d40f5e7b-d2cf-4856-b441-cc613eeffbe3}:1.68
FF - prefs.js..extensions.enabledAddons: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.4.5
FF - prefs.js..extensions.enabledAddons: {2b6788a0-0ccd-11e1-be50-0800200c9a66}:2.3.3
FF - prefs.js..extensions.enabledItems: pdfforge@mybrowserbar.com:4.3
FF - prefs.js..extensions.enabledItems: wtxpcom@mybrowserbar.com:4.3
FF - prefs.js..extensions.enabledItems: canitbecheaper@trafficbroker.co.uk:3.0.2
FF - prefs.js..extensions.enabledItems: piclens@cooliris.com:1.12.2.44172
FF - prefs.js..extensions.enabledItems: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.12.1
FF - prefs.js..extensions.enabledItems: {53A03D43-5363-4669-8190-99061B2DEBA5}:1.4.3
FF - prefs.js..extensions.enabledItems: {d40f5e7b-d2cf-4856-b441-cc613eeffbe3}:1.49
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.2
FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.4.1
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900
FF - prefs.js..extensions.enabledItems: anttoolbar@ant.com:2.3.0
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:5.5
FF - prefs.js..extensions.enabledItems: {35379F86-8CCB-4724-AE33-4278DE266C70}:1.0.5
FF - prefs.js..extensions.enabledItems: smartwebprinting@hp.com:4.51
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:3.3.3.2
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.11.3.15590
FF - prefs.js..extensions.enabledItems: {3e0e7d2a-070f-4a47-b019-91fe5385ba79}:3.1.1
FF - prefs.js..extensions.enabledItems: sam@samfind.com:2.2.1
FF - prefs.js..extensions.enabledItems: {6d011910-c4fe-11df-851a-0800200c9a66}:0.921
FF - prefs.js..extensions.enabledItems: {b41cb5f0-2e52-11de-8c30-0800200c9a66}:2.1
FF - prefs.js..extensions.enabledItems: {de5809e0-2b07-11dd-bd0b-0800200c9a66}:1.2.0
FF - prefs.js..keyword.URL: "hxxp://dts.search-results.com/sr?src=ffb&appid=0&systemid=410&sr=0&q="
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX OVS Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Users\neon\AppData\Local\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\neon\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\neon\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011.01.23 12:47:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011.01.23 12:47:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.03.19 18:21:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.10.30 13:15:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.10.30 13:15:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox 4\components [2012.05.28 16:21:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox 4\plugins [2012.05.28 16:21:21 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.03.19 18:21:41 | 000,000,000 | ---D | M]
 
[2012.10.03 17:04:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\neon\AppData\Roaming\mozilla\Extensions
[2012.10.30 11:53:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\neon\AppData\Roaming\mozilla\Firefox\Profiles\nu2paupq.default\extensions
[2011.01.22 18:44:31 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Users\neon\AppData\Roaming\mozilla\Firefox\Profiles\nu2paupq.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2012.10.16 20:02:36 | 000,000,000 | ---D | M] (8 Ultimo) -- C:\Users\neon\AppData\Roaming\mozilla\Firefox\Profiles\nu2paupq.default\extensions\{2b6788a0-0ccd-11e1-be50-0800200c9a66}
[2012.08.31 17:40:54 | 000,000,000 | ---D | M] (AddThis) -- C:\Users\neon\AppData\Roaming\mozilla\Firefox\Profiles\nu2paupq.default\extensions\{3e0e7d2a-070f-4a47-b019-91fe5385ba79}
[2012.10.30 11:53:15 | 000,000,000 | ---D | M] (FT DeepDark) -- C:\Users\neon\AppData\Roaming\mozilla\Firefox\Profiles\nu2paupq.default\extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66}
[2012.10.03 17:04:45 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- C:\Users\neon\AppData\Roaming\mozilla\Firefox\Profiles\nu2paupq.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
[2011.03.26 09:10:41 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\neon\AppData\Roaming\mozilla\Firefox\Profiles\nu2paupq.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.01.22 19:21:12 | 000,000,000 | ---D | M] (Black Stratini) -- C:\Users\neon\AppData\Roaming\mozilla\Firefox\Profiles\nu2paupq.default\extensions\{b41cb5f0-2e52-11de-8c30-0800200c9a66}
[2011.01.22 19:20:17 | 000,000,000 | ---D | M] (Gradient iCool) -- C:\Users\neon\AppData\Roaming\mozilla\Firefox\Profiles\nu2paupq.default\extensions\{de5809e0-2b07-11dd-bd0b-0800200c9a66}
[2012.10.30 11:53:15 | 000,000,000 | ---D | M] (Ant Video Downloader) -- C:\Users\neon\AppData\Roaming\mozilla\Firefox\Profiles\nu2paupq.default\extensions\anttoolbar@ant.com
[2012.03.30 20:10:31 | 000,000,000 | ---D | M] (incredibar.com) -- C:\Users\neon\AppData\Roaming\mozilla\Firefox\Profiles\nu2paupq.default\extensions\ffxtlbr@incredibar.com
[2012.03.30 20:10:30 | 000,000,000 | ---D | M] (TheBflix) -- C:\Users\neon\AppData\Roaming\mozilla\Firefox\Profiles\nu2paupq.default\extensions\info@bflix.info
[2012.07.10 16:55:50 | 000,000,000 | ---D | M] (samfind Bookmarks Bar) -- C:\Users\neon\AppData\Roaming\mozilla\Firefox\Profiles\nu2paupq.default\extensions\sam@samfind.com
[2012.10.05 17:42:15 | 000,000,000 | ---D | M] (Ask Toolbar) -- C:\Users\neon\AppData\Roaming\mozilla\Firefox\Profiles\nu2paupq.default\extensions\toolbar@ask.com
[2012.08.24 19:01:00 | 000,070,902 | ---- | M] () (No name found) -- C:\Users\neon\AppData\Roaming\mozilla\firefox\profiles\nu2paupq.default\extensions\canitbecheaper@trafficbroker.co.uk.xpi
[2012.08.31 17:40:54 | 000,399,504 | ---- | M] () (No name found) -- C:\Users\neon\AppData\Roaming\mozilla\firefox\profiles\nu2paupq.default\extensions\{53A03D43-5363-4669-8190-99061B2DEBA5}.xpi
[2012.05.12 19:11:56 | 001,489,356 | ---- | M] () (No name found) -- C:\Users\neon\AppData\Roaming\mozilla\firefox\profiles\nu2paupq.default\extensions\{6d011910-c4fe-11df-851a-0800200c9a66}.xpi
[2012.01.21 09:43:52 | 000,138,614 | ---- | M] () (No name found) -- C:\Users\neon\AppData\Roaming\mozilla\firefox\profiles\nu2paupq.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
[2012.09.14 14:11:02 | 000,698,867 | ---- | M] () (No name found) -- C:\Users\neon\AppData\Roaming\mozilla\firefox\profiles\nu2paupq.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
[2012.03.28 10:46:11 | 000,685,019 | ---- | M] () (No name found) -- C:\Users\neon\AppData\Roaming\mozilla\firefox\profiles\nu2paupq.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}.xpi
[2012.10.05 17:42:14 | 000,002,323 | ---- | M] () -- C:\Users\neon\AppData\Roaming\mozilla\firefox\profiles\nu2paupq.default\searchplugins\askcom.xml
[2011.06.20 13:07:20 | 000,000,931 | ---- | M] () -- C:\Users\neon\AppData\Roaming\mozilla\firefox\profiles\nu2paupq.default\searchplugins\conduit.xml
[2012.03.30 20:10:26 | 000,002,203 | ---- | M] () -- C:\Users\neon\AppData\Roaming\mozilla\firefox\profiles\nu2paupq.default\searchplugins\MyStart Search.xml
[2012.10.03 17:04:42 | 000,002,515 | ---- | M] () -- C:\Users\neon\AppData\Roaming\mozilla\firefox\profiles\nu2paupq.default\searchplugins\Search_Results.xml
[2012.10.30 13:15:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012.10.30 13:15:23 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010.12.09 11:47:06 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2012.06.23 14:55:07 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.09.14 18:40:51 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.06.23 14:55:07 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.23 14:55:07 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.10.03 17:04:42 | 000,002,515 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml
[2012.06.23 14:55:07 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.23 14:55:07 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - homepage: hxxp://www.searchnu.com/410
CHR - default_search_provider:  ()
CHR - default_search_provider: search_url = 
CHR - default_search_provider: suggest_url = 
CHR - homepage: hxxp://www.searchnu.com/410
CHR - Extension: No name found = C:\Users\neon\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae\2.1.0.900_0\
CHR - Extension: No name found = C:\Users\neon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.0.900_0\
 
O1 HOSTS File: ([2012.04.05 19:10:19 | 000,002,065 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1                   practivate.adobe.newoa
O1 - Hosts: 127.0.0.1                   practivate.adobe.ntp
O1 - Hosts: 127.0.0.1                   practivate.adobe.ipp
O1 - Hosts: 127.0.0.1				ereg.adobe.com
O1 - Hosts: 127.0.0.1				ereg.wip.adobe.com
O1 - Hosts: 127.0.0.1				ereg.wip1.adobe.com
O1 - Hosts: 127.0.0.1				ereg.wip2.adobe.com
O1 - Hosts: 127.0.0.1				ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1				ereg.wip4.adobe.com
O1 - Hosts: 127.0.0.1				adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1				3dns-1.adobe.com
O1 - Hosts: 11 more lines...
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\x64\BrowserConnection.dll (Bandoo Media, inc)
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Incredibar.com Helper Object) - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll (Montera Technologeis LTD)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O2 - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc)
O2 - BHO: (uTorrentBar_DE Toolbar) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Program Files (x86)\uTorrentBar_DE\prxtbuTor.dll (Conduit Ltd.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files (x86)\Orbitdownloader\GrabPro.dll ()
O3 - HKLM\..\Toolbar: (uTorrentBar_DE Toolbar) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Program Files (x86)\uTorrentBar_DE\prxtbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Incredibar Toolbar) - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll (Montera Technologeis LTD)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files (x86)\Orbitdownloader\GrabPro.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (uTorrentBar_DE Toolbar) - {C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} - C:\Program Files (x86)\uTorrentBar_DE\prxtbuTor.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [DATAMNGR] C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [AdobeBridge]  File not found
O4 - HKCU..\Run: [NETGEARGenie] C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe ()
O4 - HKCU..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: &Download by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8:64bit: - Extra context menu item: &Grab video by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8:64bit: - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8:64bit: - Extra context menu item: Down&load all by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\neon\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\neon\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found
O8 - Extra context menu item: &Download by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: &Grab video by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Down&load all by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Free YouTube Download - C:\Users\neon\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\neon\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found
O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2D1D8B61-4E41-4C16-8737-B71A233A8640}: DhcpNameServer = 81.3.216.100 194.24.128.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{423D4F55-13A2-4D2E-BBDA-A1774A136043}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F3593B11-7940-4EF9-BF6F-C86A919D5698}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WIA6EB~1\Datamngr\x64\datamngr.dll) - C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\x64\datamngr.dll (Bandoo Media, inc)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WIA6EB~1\Datamngr\x64\IEBHO.dll) - C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\x64\IEBHO.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (C:\PROGRA~2\WIA6EB~1\Datamngr\datamngr.dll) - C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\datamngr.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (C:\PROGRA~2\WIA6EB~1\Datamngr\IEBHO.dll) - C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\IEBHO.dll (Bandoo Media, inc)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{1ea38c0a-8597-11e1-9930-18f46aee5e83}\Shell - "" = AutoRun
O33 - MountPoints2\{1ea38c0a-8597-11e1-9930-18f46aee5e83}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{41a17b61-2899-11e0-b0a0-544249f76733}\Shell - "" = AutoRun
O33 - MountPoints2\{41a17b61-2899-11e0-b0a0-544249f76733}\Shell\AutoRun\command - "" = E:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - 
ActiveX:64bit: >{DC97B3CB-9D9A-4A30-A0B8-F53B13D6D088} - RunDLL32 IEDKCS32.DLL,BrandIE4 CUSTOM
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker 2.6
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
 
MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe - (Hewlett-Packard Co.)
MsConfig:64bit - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: AdobeAAMUpdater-1.0 - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: AdobeCS5.5ServiceManager - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: ApnUpdater - hkey= - key= - C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
MsConfig:64bit - StartUpReg: Apoint - hkey= - key= - C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
MsConfig:64bit - StartUpReg: AppleSyncNotifier - hkey= - key= - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: APSDaemon - hkey= - key= - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: DivX Download Manager - hkey= - key= - C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe (DivX, LLC)
MsConfig:64bit - StartUpReg: DivXUpdate - hkey= - key= - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
MsConfig:64bit - StartUpReg: Google Update - hkey= - key= - C:\Users\neon\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
MsConfig:64bit - StartUpReg: GrooveMonitor - hkey= - key= - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
MsConfig:64bit - StartUpReg: HP Software Update - hkey= - key= - C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)
MsConfig:64bit - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: MobileDocuments - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: Norton Online Backup - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: Optimizer Pro - hkey= - key= - C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe (PC Utilities Pro)
MsConfig:64bit - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: SearchSettings - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: Steam - hkey= - key= - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
MsConfig:64bit - StartUpReg: SwitchBoard - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: uTorrent - hkey= - key= - C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
MsConfig:64bit - StartUpReg: VirtualCloneDrive - hkey= - key= - C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
MsConfig:64bit - StartUpReg: WinampAgent - hkey= - key= - C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
MsConfig:64bit - State: "services" - Reg Error: Key error.
MsConfig:64bit - State: "startup" - Reg Error: Key error.
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.10.30 16:05:56 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\neon\Desktop\OTL.exe
[2012.10.30 13:15:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012.10.30 11:49:33 | 000,000,000 | ---D | C] -- C:\Users\neon\AppData\Roaming\Malwarebytes
[2012.10.30 11:49:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.10.30 11:49:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.10.30 11:49:30 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.10.30 11:49:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.10.13 14:36:55 | 000,000,000 | ---D | C] -- C:\Users\neon\AppData\Local\Macromedia
[2012.10.13 14:35:56 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012.10.05 17:42:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ask.com
[2012.10.05 17:42:04 | 000,000,000 | ---D | C] -- C:\Users\neon\AppData\Local\APN
[2012.10.05 17:41:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free M4a to MP3 Converter
[2012.10.05 17:41:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free M4a to MP3 Converter
[2012.10.03 17:04:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Searchqu Toolbar
[2012.10.03 17:04:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Audio Pack
[2012.10.03 17:04:42 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2012.10.03 17:04:41 | 001,986,560 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\AudFile.dll
[2012.10.03 17:04:41 | 001,212,416 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\AudioInfos.dll
[2012.10.03 17:04:41 | 000,479,232 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\AudioVisu.dll
[2012.10.03 17:04:41 | 000,458,752 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\AudPlayer.dll
[2012.10.03 17:04:41 | 000,454,656 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\AudioRecord.dll
[2012.10.03 17:04:41 | 000,417,792 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\AudDisplay.dll
[2012.10.03 17:04:41 | 000,348,160 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\WMAFile.dll
[2012.10.03 17:04:40 | 002,084,864 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\AudDesign.dll
[2012.10.03 17:04:40 | 000,000,000 | ---D | C] -- C:\Users\neon\AppData\Roaming\FreeAudioPack
[2012.10.03 17:04:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free mp3 Wma Converter
[6 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.10.30 16:12:10 | 000,013,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.10.30 16:12:10 | 000,013,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.10.30 16:07:39 | 001,508,682 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.10.30 16:07:39 | 000,658,120 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.10.30 16:07:39 | 000,619,356 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.10.30 16:07:39 | 000,131,202 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.10.30 16:07:39 | 000,107,418 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.10.30 16:05:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\neon\Desktop\OTL.exe
[2012.10.30 16:02:18 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.10.30 16:01:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.10.30 16:01:06 | 3106,480,128 | -HS- | M] () -- C:\hiberfil.sys
[2012.10.30 12:23:41 | 001,527,572 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.10.30 11:49:31 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.10.30 11:42:09 | 083,023,306 | ---- | M] () -- C:\ProgramData\dsgsdgdsgdsgw.pad
[2012.10.30 11:00:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.10.30 10:56:10 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1782537640-528498122-1240110950-1000UA.job
[2012.10.30 10:51:50 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.10.21 16:56:00 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1782537640-528498122-1240110950-1000Core.job
[6 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.10.30 11:49:31 | 000,001,069 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.10.22 21:19:59 | 083,023,306 | ---- | C] () -- C:\ProgramData\dsgsdgdsgdsgw.pad
[2012.10.13 14:35:57 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.10.03 17:04:41 | 000,116,296 | ---- | C] () -- C:\Windows\SysWow64\NCTWMAProfiles.prx
[2012.10.03 17:04:40 | 000,484,352 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll
[2012.02.12 20:10:50 | 000,004,608 | ---- | C] () -- C:\Users\neon\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.09.20 14:47:20 | 000,000,000 | ---- | C] () -- C:\Users\neon\AppData\Local\{5B3A9368-D10C-44CF-BD0B-5A012924CAD8}
[2011.08.19 13:21:43 | 000,164,864 | ---- | C] () -- C:\Windows\SysWow64\UNWISE.EXE
[2011.08.19 13:21:43 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\hlduinst.exe
[2011.03.19 18:16:12 | 000,245,227 | ---- | C] () -- C:\Windows\hpoins19.dat
[2011.03.19 18:16:12 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat
[2011.02.27 20:00:15 | 000,000,017 | ---- | C] () -- C:\Windows\SysWow64\shortcut_ex.dat
[2011.02.27 17:43:26 | 001,527,572 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.02.01 18:35:07 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.01.04 10:59:19 | 014,164,480 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.01.04 10:03:45 | 012,868,096 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2011.05.03 16:12:49 | 000,000,000 | ---D | M] -- C:\Users\neon\AppData\Roaming\Auslogics
[2012.02.19 15:43:04 | 000,000,000 | ---D | M] -- C:\Users\neon\AppData\Roaming\Canneverbe Limited
[2012.02.16 17:34:07 | 000,000,000 | ---D | M] -- C:\Users\neon\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012.02.12 20:50:42 | 000,000,000 | ---D | M] -- C:\Users\neon\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2011.01.25 19:05:45 | 000,000,000 | ---D | M] -- C:\Users\neon\AppData\Roaming\DAEMON Tools Lite
[2012.03.09 18:07:52 | 000,000,000 | ---D | M] -- C:\Users\neon\AppData\Roaming\DVDVideoSoft
[2012.03.09 18:07:34 | 000,000,000 | ---D | M] -- C:\Users\neon\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.10.03 17:04:48 | 000,000,000 | ---D | M] -- C:\Users\neon\AppData\Roaming\FreeAudioPack
[2011.03.05 19:46:48 | 000,000,000 | ---D | M] -- C:\Users\neon\AppData\Roaming\GrabPro
[2011.01.23 12:47:24 | 000,000,000 | ---D | M] -- C:\Users\neon\AppData\Roaming\Local
[2011.05.13 15:46:59 | 000,000,000 | ---D | M] -- C:\Users\neon\AppData\Roaming\mquadr.at
[2011.08.04 18:07:20 | 000,000,000 | ---D | M] -- C:\Users\neon\AppData\Roaming\NCH Swift Sound
[2012.03.31 18:23:59 | 000,000,000 | ---D | M] -- C:\Users\neon\AppData\Roaming\No Company Name
[2011.04.01 17:41:46 | 000,000,000 | ---D | M] -- C:\Users\neon\AppData\Roaming\OpenCandy
[2012.03.30 20:10:58 | 000,000,000 | ---D | M] -- C:\Users\neon\AppData\Roaming\Optimizer Pro
[2011.03.30 08:41:10 | 000,000,000 | ---D | M] -- C:\Users\neon\AppData\Roaming\Orbit
[2011.03.05 19:46:54 | 000,000,000 | ---D | M] -- C:\Users\neon\AppData\Roaming\ProgSense
[2011.02.27 19:59:52 | 000,000,000 | ---D | M] -- C:\Users\neon\AppData\Roaming\SoftGrid Client
[2012.04.06 19:38:40 | 000,000,000 | ---D | M] -- C:\Users\neon\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011.02.27 17:44:22 | 000,000,000 | ---D | M] -- C:\Users\neon\AppData\Roaming\TP
[2012.10.30 11:41:14 | 000,000,000 | ---D | M] -- C:\Users\neon\AppData\Roaming\uTorrent
[2011.10.02 18:08:35 | 000,000,000 | ---D | M] -- C:\Users\neon\AppData\Roaming\XBMC
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2012.09.29 08:30:33 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2011.01.22 15:32:50 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2011.03.27 22:54:38 | 000,000,000 | ---D | M] -- C:\downloads
[2012.08.12 10:40:47 | 000,000,000 | ---D | M] -- C:\Festplatte
[2011.02.27 17:50:02 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2011.12.10 10:47:43 | 000,000,000 | ---D | M] -- C:\Netgear
[2011.01.23 12:24:13 | 000,000,000 | ---D | M] -- C:\Neuer Ordner
[2009.07.14 04:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2012.09.29 07:40:47 | 000,000,000 | R--D | M] -- C:\Program Files
[2012.10.30 15:56:11 | 000,000,000 | ---D | M] -- C:\Program Files (x86)
[2012.10.30 14:20:13 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2011.01.22 15:32:51 | 000,000,000 | -HSD | M] -- C:\Programme
[2010.10.26 10:16:23 | 000,000,000 | -H-D | M] -- C:\SPLASH.000
[2010.10.26 10:16:10 | 000,000,000 | -H-D | M] -- C:\SPLASH.SYS
[2012.10.30 16:10:20 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2012.04.05 18:45:09 | 000,000,000 | ---D | M] -- C:\temp
[2012.04.01 20:03:50 | 000,000,000 | ---D | M] -- C:\Update
[2011.01.23 13:01:08 | 000,000,000 | R--D | M] -- C:\Users
[2012.10.22 21:26:56 | 000,000,000 | ---D | M] -- C:\Windows
 
< %PROGRAMFILES%\*.exe >
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
< C:\Windows\system32\*.tsp >
[2009.07.14 02:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp
[2009.07.14 02:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp
[2009.07.14 02:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp
[2009.07.14 02:14:11 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp
[2009.07.14 02:14:11 | 000,281,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp
[6 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
[2009.07.14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 06:08:49 | 000,032,632 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010.10.26 10:03:53 | 000,001,120 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2010.10.26 10:03:53 | 000,001,124 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2011.04.08 18:33:30 | 000,001,064 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1782537640-528498122-1240110950-1000Core.job
[2011.04.08 18:33:31 | 000,001,116 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1782537640-528498122-1240110950-1000UA.job
[2012.10.13 14:35:57 | 000,000,884 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
 
< MD5 for: AGP440.SYS  >
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
 
< MD5 for: EXPLORER.EXE  >
[2011.02.26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\explorer.exe
[2011.02.26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\SysWOW64\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2009.08.03 07:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2009.10.31 07:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 07:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 07:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
 
< MD5 for: IASTOR.SYS  >
[2010.03.04 03:51:40 | 000,540,696 | ---- | M] (Intel Corporation) MD5=ABBF174CB394F5C437410A788B7E404A -- C:\Windows\SysNative\drivers\iaStor.sys
[2010.03.04 03:51:40 | 000,540,696 | ---- | M] (Intel Corporation) MD5=ABBF174CB394F5C437410A788B7E404A -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_78ebae21a80aa2b4\iaStor.sys
 
< MD5 for: IASTORV.SYS  >
[2011.03.11 07:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011.03.11 07:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 07:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0033117673c16921\iaStorV.sys
[2011.03.11 07:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011.03.11 07:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009.07.14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009.07.14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\SysNative\netlogon.dll
[2009.07.14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2009.07.14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011.03.11 07:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 07:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_38e464dbe521cc7f\nvstor.sys
[2011.03.11 07:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011.03.11 07:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011.03.11 07:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\SysNative\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
 
< MD5 for: USER32.DLL  >
[2009.07.14 02:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\SysNative\user32.dll
[2009.07.14 02:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[2009.07.14 02:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\SysWOW64\user32.dll
[2009.07.14 02:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2012.09.29 19:54:26 | 000,218,184 | ---- | M] () MD5=8846E87210AD131CF71E3E2E49F647B0 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009.10.28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SysNative\winlogon.exe
[2009.10.28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2009.07.14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\system32\*.dll /lockedfiles >
[6 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
 
< %USERPROFILE%\*.* >
[2012.03.29 14:14:36 | 000,002,253 | ---- | M] () -- C:\Users\neon\mixdtv_log.txt
[2012.10.30 16:16:14 | 003,145,728 | -HS- | M] () -- C:\Users\neon\NTUSER.DAT
[2012.10.30 16:16:14 | 000,262,144 | -HS- | M] () -- C:\Users\neon\ntuser.dat.LOG1
[2011.01.22 15:33:13 | 000,000,000 | -HS- | M] () -- C:\Users\neon\ntuser.dat.LOG2
[2011.01.22 21:22:16 | 000,065,536 | -HS- | M] () -- C:\Users\neon\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2011.01.22 21:22:16 | 000,524,288 | -HS- | M] () -- C:\Users\neon\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2011.01.22 21:22:16 | 000,524,288 | -HS- | M] () -- C:\Users\neon\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2011.01.22 15:33:13 | 000,000,020 | -HS- | M] () -- C:\Users\neon\ntuser.ini
 
< %USERPROFILE%\Local Settings\Temp\*.exe >
 
< %USERPROFILE%\Local Settings\Temp\*.dll >
 
< %USERPROFILE%\Application Data\*.exe >
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

< End of report >
         
--- --- ---

Alt 30.10.2012, 16:34   #8
victorynox
 
Polizei - Ihr Computer wurde gesperrt - Österreich - Standard

Polizei - Ihr Computer wurde gesperrt - Österreich



und EXTRA.txt:OTL EXTRAS Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 30.10.2012 16:08:20 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\neon\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
3,86 Gb Total Physical Memory | 2,20 Gb Available Physical Memory | 56,99% Memory free
7,71 Gb Paging File | 5,79 Gb Available in Paging File | 75,01% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452,18 Gb Total Space | 312,83 Gb Free Space | 69,18% Space Free | Partition Type: NTFS
 
Computer Name: NEON-VAIO | User Name: neon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- Reg Error: Key error.
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- Reg Error: Key error.
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Orbitdownloader\orbitdm.exe" = C:\Program Files (x86)\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
"C:\Program Files (x86)\Orbitdownloader\orbitnet.exe" = C:\Program Files (x86)\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
"C:\Program Files (x86)\Orbitdownloader\orbitdm.exe" = C:\Program Files (x86)\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
"C:\Program Files (x86)\Orbitdownloader\orbitnet.exe" = C:\Program Files (x86)\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{10FA064E-ECBF-47A5-9FDA-636426CF3020}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{11D36384-3C55-4F39-8C72-E2D19EA1340B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{14AC0085-4995-4B48-A409-11FC43AA9E58}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe | 
"{1736B55F-0BEF-4E0F-92FA-A5E796E6237F}" = lport=3390 | protocol=6 | dir=in | app=system | 
"{1D3A4F1A-F095-4567-AE3D-608CB8708540}" = lport=1723 | protocol=6 | dir=in | app=system | 
"{22A2195F-BF31-4BEC-A349-945DA6B23D1E}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{242FE453-52AA-420B-97CD-09F83E410907}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{252C522B-1798-4E7F-9A19-7071FC2C32BE}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 | 
"{2861CA4A-12EC-4FCA-8D77-D41704DE0169}" = rport=445 | protocol=6 | dir=out | app=system | 
"{29EDBCD2-10E2-4B3F-880E-801F8ABCCFD4}" = lport=137 | protocol=17 | dir=in | app=system | 
"{2E1F92A2-D425-49F0-A328-C9B37E88B725}" = rport=5358 | protocol=6 | dir=out | app=system | 
"{31969B07-D709-4A5C-8D39-DB46487E0532}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{34EE87AF-48C4-4AA2-93E2-C50CE29D21E5}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{3A4B9C7A-F5A3-40B1-A242-9C76C981A988}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{3BCCE3B4-CFBB-4777-AAF4-5634884A3D7B}" = lport=5358 | protocol=6 | dir=in | app=system | 
"{40DBC23E-986C-4AE0-A8E8-09690BEBE7F6}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{41830BF7-81F0-453C-9A3B-61EA5F1EEF90}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\netproj.exe | 
"{4ED14748-EE8C-4704-8119-85BABB9849A3}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{562CF13C-EB53-48FE-BBEA-37A00FF5078F}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{588A140F-0FE3-4A06-BF8F-38829BA4BC7D}" = rport=137 | protocol=17 | dir=out | app=system | 
"{5D3DF021-7CF1-49D4-BF7A-E1716EF2B540}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{5E71EE7E-03B8-4AE1-A657-8E355F3643AC}" = lport=445 | protocol=6 | dir=in | app=system | 
"{62574E05-1794-47DC-8DE3-97D552E13DC8}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{791E6D46-4086-46AC-AF7A-13EEB0F96C63}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{7D2FF90F-5227-454F-87D6-35F059141DBE}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{7E579A32-34EE-43FD-93B9-8AD4DC3065E9}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{80D60189-F4BC-4F95-847B-300C8FEDBE09}" = rport=139 | protocol=6 | dir=out | app=system | 
"{82A2096E-EE5E-43DE-9BCC-8B0A848323E4}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{847B3CEF-BD6F-4DFC-8C6B-239811CB5A19}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\netproj.exe | 
"{865C5AE5-CEDC-4BDA-83F9-D5AD81B8118E}" = rport=1701 | protocol=17 | dir=out | app=system | 
"{94FD8B95-E03B-40B1-B66A-2971FA7F19FE}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{95B9D2E1-A1DB-4A02-B80A-159BFE896967}" = rport=1723 | protocol=6 | dir=out | app=system | 
"{982EA245-17E3-4310-84CA-F3F2BCA76BC7}" = rport=5357 | protocol=6 | dir=out | app=system | 
"{9B618BFB-BFB3-4FEB-9484-3773E4CE772E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{9DE99484-1093-4C57-9E51-108DF70DBB5D}" = lport=1701 | protocol=17 | dir=in | app=system | 
"{9E69A6AC-4326-4D62-BBE9-D3E4762C9CC2}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{A32CA4C5-EED2-4B88-B9EC-657805C5BD86}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{A8833E2C-BD7D-43E7-A106-F60EB897779A}" = lport=138 | protocol=17 | dir=in | app=system | 
"{AA1312CF-9B33-46CC-8104-60442C9066E5}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{AA777EA4-8EC5-421D-A7DA-62FDB4DE9FBF}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{ADC50881-A948-419A-8B9F-5B882E377FCC}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{B0E2F6D8-2079-4959-97AC-8795489A522F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{B265602D-EB43-4EB6-AF41-B9F3FA29D700}" = lport=5357 | protocol=6 | dir=in | app=system | 
"{B4A5897A-D4E8-4A6E-84CA-A474957AA63F}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe | 
"{B6A84704-3F15-4DCB-BDC8-9CAFC3A921B9}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{BDDD4812-404C-46E5-9849-98AEFF6EB62C}" = lport=139 | protocol=6 | dir=in | app=system | 
"{E1DB861E-EFCE-47FD-8EDA-8FB1738E3313}" = lport=10244 | protocol=6 | dir=in | app=system | 
"{E23E1F5E-871A-46D6-84EF-5D4FC1474CD5}" = lport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{EDA2653F-B838-42C4-A097-CE31CAF62316}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{FAC96F24-3759-47C8-ABD9-7525B68D4DC8}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe | 
"{FB7A21C0-97E9-408C-A33E-66220F54038F}" = rport=138 | protocol=17 | dir=out | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{10CE9E5A-AA31-4142-A68B-D26E3CC3389B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe | 
"{13C2A625-8E05-4033-8B65-28207537F1F4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{19590B7A-8C5E-4C01-A4EA-F0D357DC3127}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | 
"{1C51F0DA-BEA3-4D8F-AD7C-6A7F03412A13}" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{1F4FEA6D-D5CB-41A7-81BB-B86CB39A8AAC}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{2000AD07-E72B-4FF7-8E3E-0019ABEB018D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{265AADB9-EB97-48D9-84AD-D9AEC47DEDA8}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{2A580837-5156-4A3F-88A1-0B454BB07346}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{2C61645F-B4F8-4421-81FA-9B820C5B8292}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe | 
"{2DDFF62E-798B-4C31-96CA-A054DA05474C}" = protocol=17 | dir=in | app=c:\program files (x86)\a1 telekom austria\breitband-internet-installation\fixnet installer\installer.exe | 
"{2F371750-0CB1-476B-B61A-DFC7F223E3F4}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | 
"{355C5DB5-EC6A-4C56-A054-BEC46E9A549B}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{3567A57C-D272-4527-BAEA-C6F9A5F7BCD6}" = protocol=6 | dir=out | app=system | 
"{3637D0CC-9826-4FC6-9BF4-55513F8B880E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqfxt08.exe | 
"{3696191F-85CE-4702-953D-F7E99E6238E8}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{38119E3D-E391-4BB2-B8F4-89EC91C7CF10}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{3B0BBB94-DE52-4E91-AE4F-8AB01264569F}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{3B6AC2A7-B436-451E-9089-6FEE59D243DD}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe | 
"{3BEB9C3C-E6B0-4E21-B693-8BD31218B83B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe | 
"{3C7CEE9C-EC43-4524-982B-D1FD4AA90D9F}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe | 
"{3D42A358-B1AD-46A1-8FD8-CAC47D8A79CE}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{402187DA-1932-4CEB-B4D1-002E8A841D16}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{41568DFC-1721-49C5-B2C3-98E0C416C7AF}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe | 
"{42BB05C6-EBB1-4CA9-AC96-BE0E464F03AE}" = protocol=17 | dir=in | app=c:\program files (x86)\a1 telekom austria\breitband-internet-installation\fixnet installer\installer.exe | 
"{44EE67B4-ADD6-4520-ADE2-FF174094BB95}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | 
"{4A820F99-3C51-4429-B4CE-E5E9E2A808BA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{4C8DAC15-E5F0-4D64-A48E-5275F89F01AD}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{4E149DDB-6265-40C3-AA9A-2C1B5AD0E1FC}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe | 
"{4FE8057C-BA19-49C6-957F-8D15783DC323}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqcopy2.exe | 
"{51DA1AD9-0352-49F3-9230-993FE99811DD}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{57795805-BCB7-4620-99A5-310B30355AE7}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe | 
"{5B723150-9A86-4527-B2A6-D1D9D1962BAA}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe | 
"{63485711-C182-4F39-9DE0-1C0936B5972E}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{662FF148-8CF8-42BA-9BA6-EE190F7E8555}" = protocol=6 | dir=in | app=c:\programdata\tversity\media server\mediaserver.exe | 
"{6A21B113-950E-4E61-AC32-BEC764AF7765}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{6AB2A256-EBA3-4555-BD45-5F18D4BBE258}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe | 
"{6C9BDDD2-055C-45D3-B519-5649D65BC3C4}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{6F2BC4F9-BC1E-44BD-BF8E-043FFA11DC1B}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{75128DFD-4E24-4A18-B9C1-A489C6245CDD}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{828FC8EE-714D-48D6-8705-F6234C394619}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqnrs08.exe | 
"{83E94846-15DA-4E4F-A50E-D4AE602C7A5C}" = protocol=47 | dir=out | app=system | 
"{87B7C78D-1CD0-4B1F-829C-7B8C088C03F0}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | 
"{87D4DF27-F795-44B5-88D4-8BD76BC65323}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe | 
"{8921A828-0A78-485E-907B-6E3D0296580B}" = protocol=6 | dir=in | app=c:\program files (x86)\windows searchqu toolbar\datamngr\toolbar\dtuser.exe | 
"{8A81BD66-F7DF-4669-A97C-63CDB4455A29}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe | 
"{8B12D219-C999-4E3E-AC6F-B042E2CF3F3F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{8DCBCC1E-C772-466C-9C8C-D6950D526678}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe | 
"{92E7F1E6-F2BC-439C-961C-D1DA8E2DFEA8}" = protocol=6 | dir=in | app=c:\program files (x86)\ps3 media server\pms.exe | 
"{94A13993-A1AE-4414-8B33-D5B985EB3A96}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{9763C328-1D93-44A5-B0B3-23F0A8348103}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{9945F983-FF11-4A12-9A0C-755012753247}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe | 
"{9C98C0C4-EFD8-4747-95B0-CAFE287B074E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe | 
"{9D695CFE-CCCE-49E7-80BC-58824F1F29A5}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{A2001EA4-4759-4C04-AE5C-ABD813F50589}" = protocol=47 | dir=in | app=system | 
"{A3295243-13FA-4AE5-927C-B50455405A58}" = protocol=17 | dir=in | app=c:\program files (x86)\ps3 media server\pms.exe | 
"{A48B1E6E-CA2B-4890-BDF4-B48CE1DC1ABE}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{A51C23F7-589A-43E4-80F1-D690859FA394}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe | 
"{A5784BD9-DC17-45EE-9CB8-5DBEBD507D8E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe | 
"{A65A2C0C-1605-4874-9253-EDB3A4A2B5F2}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe | 
"{A702D968-BCDC-44FD-A982-A52556276013}" = protocol=6 | dir=in | app=%systemroot%\system32\netproj.exe | 
"{A8CE80B3-3C7A-4298-9265-09EE6375D826}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{B20AF7FE-606F-4A46-8B75-49BD6BEA2A5B}" = protocol=6 | dir=in | app=c:\program files (x86)\a1 telekom austria\breitband-internet-installation\fixnet installer\installer.exe | 
"{B3AD1394-825A-40A0-8DD3-920EE39FF62A}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{B41E69FA-93A0-47DE-A3E9-7A01B140B245}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | 
"{B6E27F9B-76FC-4CDF-B13A-13C70B00AD27}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{B87C2F6C-F3A7-44FD-A58D-338AF6037632}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpzwiz01.exe | 
"{B8E8F303-1141-4A4F-9FFF-BB6F60BE2E6E}" = protocol=17 | dir=in | app=c:\program files (x86)\windows searchqu toolbar\datamngr\toolbar\dtuser.exe | 
"{BBCCA2DF-B120-44BE-815C-05E1CAD52BB9}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | 
"{BFFDE0E6-4287-4429-9BA6-0DF40809BCB8}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposfx08.exe | 
"{C2DE056C-90A3-416C-B92B-5124F4A5A9AA}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{C652C0DC-BBD3-4312-8B06-CDE569146E6A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{D17B9E56-797D-437F-988B-5C0F6103DEB5}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{D27EE5B8-342F-48D2-BCAF-DC9B3E330CE3}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe | 
"{D3BA425B-DD6A-4EB4-A1CC-F0AB54C9664D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxm08.exe | 
"{DCA5D48E-2482-4860-8720-3A53CC1F6086}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{DE364A32-6332-4696-92CB-69D717CD682D}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcrmgr.exe | 
"{DF1658AB-A398-4A1B-8678-F742A2A78313}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxs08.exe | 
"{E46CC4FD-D5DE-4EFF-8965-2F95F99AAAC1}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe | 
"{EB40A436-3E0B-452B-A6F6-FBFEC5C5509A}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{EB9D1040-7922-49A2-BB23-122116724EA1}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe | 
"{F2D0CF4C-463A-4EAA-8F57-B5D4D5D18CB4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{F31A4176-6545-493C-A159-9C245BDE6903}" = protocol=17 | dir=in | app=c:\programdata\tversity\media server\mediaserver.exe | 
"{F4835811-94DE-4F83-BADF-1D39840FCA60}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe | 
"{F552560A-0CC4-4AF0-B15B-980E23137477}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe | 
"{F5A2D9FF-1754-4E3F-B249-131EE3019F8A}" = protocol=6 | dir=in | app=c:\program files (x86)\a1 telekom austria\breitband-internet-installation\fixnet installer\installer.exe | 
"{FA54830D-41CE-49CD-B46A-74E624D5AE9B}" = protocol=6 | dir=out | app=%systemroot%\system32\netproj.exe | 
"{FFBECDCD-59FB-4FD7-A434-5B1D55694684}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"TCP Query User{0B4C3235-8227-40C2-8595-33F4F2F26387}C:\program files (x86)\netgear genie\bin\netgeargenie.exe" = protocol=6 | dir=in | app=c:\program files (x86)\netgear genie\bin\netgeargenie.exe | 
"TCP Query User{3678C2F1-514A-41C6-ADF3-8DD32C65FAA9}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | 
"TCP Query User{3C71C757-AEB1-452D-9C28-1C9BF7813E8A}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | 
"TCP Query User{5427BFE1-2426-4202-83C6-F677312963CB}C:\program files (x86)\netgear genie\bin\netgeargenie.exe" = protocol=6 | dir=in | app=c:\program files (x86)\netgear genie\bin\netgeargenie.exe | 
"TCP Query User{818200E0-596B-4D1D-9AB7-8847010D60E8}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | 
"TCP Query User{B40B282B-FF7E-4167-896F-9389E29BE964}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | 
"TCP Query User{CD2C4DAE-0128-44F3-9F97-10159CE29801}C:\users\neon\appdata\local\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\users\neon\appdata\local\google\google earth\plugin\geplugin.exe | 
"TCP Query User{FFF3695D-BB73-4436-A28E-113D06760235}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | 
"UDP Query User{0958560A-AA0D-492A-B7CF-D53D33A0B789}C:\program files (x86)\netgear genie\bin\netgeargenie.exe" = protocol=17 | dir=in | app=c:\program files (x86)\netgear genie\bin\netgeargenie.exe | 
"UDP Query User{0F94CB48-6076-4F36-B4E9-39E00B250BB4}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | 
"UDP Query User{23CB8C38-5F0F-482B-9F06-6E13B00B51A2}C:\program files (x86)\netgear genie\bin\netgeargenie.exe" = protocol=17 | dir=in | app=c:\program files (x86)\netgear genie\bin\netgeargenie.exe | 
"UDP Query User{4EC9B221-48CE-4E6D-AA46-93957CD7D2B5}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | 
"UDP Query User{88793501-B54E-4976-B7D1-8296C11025ED}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | 
"UDP Query User{B7E993BE-45CF-4150-84D2-BED0A541CE0B}C:\users\neon\appdata\local\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\users\neon\appdata\local\google\google earth\plugin\geplugin.exe | 
"UDP Query User{B90E4567-7157-4F54-8B77-595C941268CB}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | 
"UDP Query User{EA538E90-A55F-4F80-A9B8-11AC07F885DE}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}" = Network64
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{10E14C74-0638-4996-ABAD-BBF7A6CF1FAA}" = PMB VAIO Edition plug-in (Click to Disc)
"{115B60D5-BBDB-490E-AF2E-064D37A3CE01}" = Media Gallery
"{11D25EF7-85FC-4B58-8278-485939C8637F}" = VAIO Update Merge Module x64
"{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}" = iTunes
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1E37FC84-799E-481B-9462-3489861E36C9}" = PMB VAIO Edition plug-in (Click to Disc)
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{202B76AB-1B21-434E-A289-788D767D3A7C}" = Media Gallery
"{2128559D-BBCD-4744-87F0-7C0CD5CFB464}" = Windows Live Family Safety
"{26A24AE4-039D-4CA4-87B4-2F86416020FF}" = Java(TM) 6 Update 20 (64-bit)
"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = WIDCOMM Bluetooth Software
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{46261E1C-5E0D-484E-8CCC-7F770375FBA2}" = VU5x64
"{4BC310C4-B898-46E2-B5FB-B85A30AA7142}" = iCloud
"{4DABD2B3-B67A-41B0-86FE-C11AAF5D158A}" = PMB VAIO Edition plug-in (VAIO Movie Story)
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{563F041C-DFDB-437B-A1E8-E141E0906076}" = Microsoft IntelliPoint 8.0
"{5AC18E2C-7EAB-4F9E-BEEC-07FD722B28E3}" = PMB VAIO Edition plug-in (VAIO Movie Story)
"{5AFD1F5C-8FDA-413C-AF38-F1E7BD10D72F}" = VAIO Media plus
"{687C26DE-9A70-B256-170A-717DFA8B360E}" = ATI Catalyst Install Manager
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}" = Apple Mobile Device Support
"{7C3AC18F-F19B-4082-8D13-7D603848E06C}" = VAIO Update Merge Module x64
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{90BF0360-A1DB-4599-A643-95AB90A52C1E}" = Microsoft_VC90_MFCLOC_x86_x64
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO
"{A3D964A6-411A-4817-9D58-5CB8808F494E}" = VAIO Media plus
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{AF5020D9-116A-46AC-A922-087592F37EC9}" = MobileMe Control Panel
"{B61ED343-0B14-4241-999C-490CB1A20DA4}" = HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E0156F98-8990-09B0-FCEC-1914C3281283}" = ccc-utility64
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E743BA71-5955-420B-AA52-67508054AD66}" = VAIO Update Merge Module x64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Shop for HP Supplies" = Shop for HP Supplies
"WinRAR archiver" = WinRAR
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{00B03993-F5A1-47B1-9C54-EC8FBDDDE17E}" = VAIO Care
"{01BA7349-0270-8D01-279E-0960D158B9B0}" = Catalyst Control Center Graphics Full Existing
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{07441A52-E208-478A-92B7-5C337CA8C131}" = Remote Play mit PlayStation®3
"{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}" = VAIO Smart Network
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{09BF3083-B76F-B5A0-2446-CDCA707F5918}" = CCC Help Russian
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{0F73537E-25F5-81B7-7CD8-517083B1F48D}" = CCC Help Chinese Traditional
"{104066F4-5897-4067-85D3-4C88B67CCF75}" = AIO_Scan
"{16E107BF-24A3-28A5-91C9-556A0AA4875D}" = CCC Help Italian
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{177AF091-7854-4615-8327-AC7518F62782}" = VAIO Media plus
"{1873FFC1-FDCB-47E1-B7C7-F418211E3530}" = PMB VAIO Edition plug-in (VAIO Image Optimizer)
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1ED31028-6D65-4CFD-AD03-8E484A052FE7}" = aonUpdate
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20536917-E2DF-45D9-B41F-9AC0CAFFE48A}" = Media Gallery
"{2105804E-14A1-1B5C-DF13-FB04C4059972}" = CCC Help Thai
"{23CFDAC8-5CCE-1A02-581A-753B0A6BEEE1}" = CCC Help Spanish
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 24
"{275EA703-F9BD-0F41-F004-DB89011ED5A7}" = CCC Help Dutch
"{2B72AF5B-EC2D-25BD-2A38-5F3C0A727DA8}" = CCC Help Greek
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2F9D63BE-A891-4E39-AFB3-7402D486800C}" = VAIO Hardware Diagnostics
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}" = VAIO Care
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3B887224-2336-0699-917A-B38B5B99A254}" = CCC Help French
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{3DB5EA77-4A14-4EC9-8BFC-73BC848BDE73}" = Media Gallery
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{449CE12D-E2C7-4B97-B19E-55D163EA9435}" = Bing Bar
"{4685A344-6718-4923-AA9D-158A0A2E1CFB}" = SmartSound Quicktracks for Premiere Elements 8.0
"{4767A89A-F6A5-41B1-903C-734483739882}" = Highspeed-Internet-Installation
"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4B407A54-6CF2-42B5-B419-E900B2E36972}" = 1500
"{4B9DA746-5AE1-4BA0-9087-BDB162242890}" = VAIO Media plus
"{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = PMB VAIO Edition plug-in (Click to Disc)
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{4F527211-4FDF-76EA-61A5-91EE3161980B}" = Catalyst Control Center Core Implementation
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{52F9CDDA-26F6-4499-90E0-6DDDE6D2259C}" = VAIO Media plus
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}" = VAIO Sample Contents
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data
"{5A92468F-3ED8-4F96-A9E1-4F176C80EC29}" = VAIO Quick Web Access
"{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update
"{5C1F18D2-F6B7-4242-B803-B5A78648185D}" = Corel WinDVD
"{5D279843-4635-85CA-9201-3BD9E179E749}" = CCC Help Chinese Standard
"{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO-Support für Übertragungen
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65B138AE-F636-4D4C-BA5D-A06E21E47C53}" = Remote-Tastatur mit PlayStation 3
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6B4AD1A9-E73A-4184-9D6B-072F8A3C5EBA}" = VoiceOver Kit
"{6B4E92B0-6691-E4A1-A86B-6600BD6972D4}" = CCC Help Turkish
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{70991E0A-1108-437E-BA7D-085702C670C0}" = 
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{734B6C6C-4740-476F-BB0C-F7AF469EDBB2}" = Remote Play with PlayStation 3
"{74B81E20-730A-F440-FB01-C7B3716CB80A}" = Catalyst Control Center Graphics Previews Common
"{77F38281-1BAC-80B3-D99E-AE11CE3A0924}" = Catalyst Control Center Graphics Full New
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7BB90344-0647-468E-925A-7F69F7983421}" = ArcSoft Magic-i Visual Effects 2
"{7D793D3E-C37E-4C1D-4ACF-D05878F5D480}" = CCC Help Japanese
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7FC454AE-6857-215B-33FF-D50835C32EF9}" = CCC Help Danish
"{803E4FA5-A940-4420-B89D-A8BC2E160247}" = 
"{8211C280-5B02-4E7E-B55F-845A207249BA}" = VAIO Data Restore Tool
"{82F09B1C-F602-4552-9C40-5BD5F8EAF750}" = 
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}" = Nero BurnLite 10
"{855DDD3C-131E-42A8-BCBD-F9581F80CACB}" = 
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{88C252C8-A7EE-4B60-BF74-8E5919A8048F}" = PMB VAIO Edition Guide
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}" = VAIO Media plus
"{8F2DAC3B-E040-1B90-D882-EEF8033AA0A5}" = Catalyst Control Center Graphics Previews Vista
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{9158FF30-78D7-40EF-B83E-451AC5334640}" = Adobe Photoshop CS5.1
"{919FBC0E-93A3-445A-2055-BCB23AED1641}" = Catalyst Control Center Localization All
"{9238E8A4-BEBA-43A3-B926-769BDBF194C5}" = VAIO Media plus Opening Movie
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{95140000-007A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{969E11AA-8F3A-F162-1A5A-0965E216B6CE}" = Adobe Download Assistant
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9F6B13E2-B93F-4203-9BD4-5DC18C9F9DEB}" = AIO_CDB_Software
"{A20548C1-4B08-C41D-A3A8-FE8C933C2A00}" = Catalyst Control Center InstallProxy
"{A2101ACC-DC36-42AA-A576-6FD6A8D466DA}" = 1500_Help
"{A4C6B32D-5088-40AF-B74D-CDABEF144F04}" = 1500Trb
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A7C30414-2382-4086-B0D6-01A88ABA21C3}" = VAIO Gate
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = 
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}" = Nero BurnLite 10
"{AC76BA86-7AD7-1031-7B44-A95000000001}" = Adobe Reader 9.5.0 - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B19E486A-59E8-5585-CB2F-4DCB1B230368}" = CCC Help Czech
"{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = PMB VAIO Edition plug-in (VAIO Movie Story)
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default
"{B941F34C-F36A-4A6F-A97C-50B5948E451F}" = VAIO Media plus
"{B945DDC0-3213-4850-8B20-F2DA67FDFE9E}" = CCC Help Norwegian
"{BA1CA03B-8F13-12C6-BCE6-46C422B357AE}" = CCC Help German
"{BBF0B71F-F8F3-70FD-B558-7835894F40A5}" = CCC Help Portuguese
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BE06114F-559D-11E0-B5A1-001D0926B1BF}" = Google Earth
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}" = VAIO-Handbuch
"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = 
"{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFB66DB0-00AC-4CBC-B99D-99EFEB03743C}" = PMB VAIO Edition plug-in (Click to Disc)
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D2D23D08-D10E-43D6-883C-78E0B2AC9CC6}" = VU5x86
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4CE65B8-23C1-A51B-6739-AE6686DD6C6D}" = CCC Help Korean
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver
"{D7F08B1C-A956-3A0A-E891-83173A2F73BA}" = Catalyst Control Center Graphics Light
"{D8FF4505-5977-4116-8DE4-2AF7174E70AC}" = Media Gallery
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{D9D30D77-E0E2-6B2F-3C7B-0D8C9A82C8DB}" = CCC Help English
"{DBE88A57-BD7B-E315-C07D-D203E514BB58}" = CCC Help Finnish
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{DD256151-9EAC-9D83-8D60-A475F092CF03}" = CCC Help Hungarian
"{DD88F979-FA58-41AC-980C-A6E1A82B61D9}" = VAIO - Media Gallery
"{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}" = ArcSoft WebCam Companion 3
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F572C0E3-90D1-CC46-C163-4C4E50D3C220}" = ccc-core-static
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F93A233E-59A6-CBD2-68D3-4446D710EDA5}" = CCC Help Polish
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FB33CE0D-D26D-86C3-9BD5-F58631EAE3C2}" = CCC Help Swedish
"{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}" = 
"{FBB4411F-1328-4E36-A5B3-16AA8CFA8F9C}" = PMB VAIO Edition plug-in (VAIO Movie Story)
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Allplan 2004" = Nemetschek Allplan 2004
"aonUpdate" = aonUpdate
"Avira AntiVir Desktop" = Avira Free Antivirus
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"conduitEngine" = Conduit Engine
"DivX Setup.divx.com" = DivX-Setup
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ExpressBurn" = Express Burn CD DVD Blu-Ray Brenner
"ExpressRip" = Express Rip
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free M4a to MP3 Converter_is1" = Free M4a to MP3 Converter 7.0
"Free Mp3 Wma Converter_is1" = Free Mp3 Wma Converter V 2.2
"Free YouTube Download_is1" = Free YouTube Download version 3.0.22.221
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.35.324
"Google Chrome" = Google Chrome
"Hardlock Device Driver" = Hardlock Device Driver
"Highspeed-Internet-Installation" = Highspeed-Internet-Installation
"incredibar" = Incredibar Toolbar  on IE
"InstallShield_{1873FFC1-FDCB-47E1-B7C7-F418211E3530}" = VAIO - PMB VAIO Edition plug-in (VAIO Image Optimizer)
"InstallShield_{4685A344-6718-4923-AA9D-158A0A2E1CFB}" = SmartSound Quicktracks for Premiere Elements 8.0
"InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = VAIO - PMB VAIO Edition plug-in (Click to Disc)
"InstallShield_{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"InstallShield_{88C252C8-A7EE-4B60-BF74-8E5919A8048F}" = VAIO - PMB VAIO Edition Guide
"InstallShield_{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = VAIO - PMB VAIO Edition plug-in (VAIO Movie Story)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.1.1000
"mixdtv" = mixdtv
"MixPad" = MixPad Audiodatei-Mixer
"Mozilla Firefox 16.0.2 (x86 de)" = Mozilla Firefox 16.0.2 (x86 de)
"Mozilla Firefox 4.0 (x86 de)" = Mozilla Firefox 4.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NETGEAR Genie" = NETGEAR Genie
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"Optimizer Pro_is1" = Optimizer Pro v3.0
"Orbit_is1" = Orbit Downloader
"Searchqu Toolbar" = Windows Searchqu Toolbar
"splashtop" = VAIO Quick Web Access
"Steam App 440" = Team Fortress 2
"Switch" = Switch Audiodatei-Konverter
"Uninstall_is1" = Uninstall 1.0.0.1
"uTorrent" = µTorrent
"uTorrentBar_DE Toolbar" = uTorrentBar_DE Toolbar
"VAIO Help and Support" = 
"VAIO screensaver" = VAIO screensaver
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 1.1.5
"WavePad" = WavePad Audiobearbeitungs-Software
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Ask Toolbar Updater
"Winamp Detect" = Winamp Erkennungs-Plug-in
"XBMC" = XBMC
 
========== Last 20 Event Log Errors ==========
 
[ ACEEventLog Events ]
OTL encountered an error while reading this event log. It may be corrupt.
OTL encountered an error while reading this event log. It may be corrupt.
OTL encountered an error while reading this event log. It may be corrupt.
OTL encountered an error while reading this event log. It may be corrupt.
OTL encountered an error while reading this event log. It may be corrupt.
OTL encountered an error while reading this event log. It may be corrupt.
OTL encountered an error while reading this event log. It may be corrupt.
OTL encountered an error while reading this event log. It may be corrupt.
OTL encountered an error while reading this event log. It may be corrupt.
OTL encountered an error while reading this event log. It may be corrupt.
OTL encountered an error while reading this event log. It may be corrupt.
OTL encountered an error while reading this event log. It may be corrupt.
 
< End of report >
         
--- --- ---

Alt 30.10.2012, 17:59   #9
markusg
/// Malware-holic
 
Polizei - Ihr Computer wurde gesperrt - Österreich - Standard

Polizei - Ihr Computer wurde gesperrt - Österreich



hi
Combofix darf ausschließlich ausgeführt werden, wenn dies von einem Team Mitglied angewiesen wurde!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich
ziehen und eine Bereinigung der Infektion noch erschweren.
Downloade dir bitte Combofix von einem dieser Downloadspiegel

Link 1
Link 2


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 30.10.2012, 19:21   #10
victorynox
 
Polizei - Ihr Computer wurde gesperrt - Österreich - Standard

Polizei - Ihr Computer wurde gesperrt - Österreich



hallo nochmal!

hier der combofix log:
ist mein computer jetzt wieder virenfrei?

Combofix Logfile:
Code:
ATTFilter
ComboFix 12-10-30.03 - neon 30.10.2012  18:41:32.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7600.0.1252.43.1031.18.3950.2222 [GMT 1:00]
ausgeführt von:: c:\users\neon\Desktop\ComboFix.exe
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\program files (x86)\Incredibar.com
c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll
c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarApp.dll
c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarEng.dll
c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarsrv.exe
c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll
c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\uninstall.exe
c:\program files (x86)\Windows Searchqu Toolbar
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\BrowserConnection.dll
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ChromeExtension\config\skin\css\new-tab.css
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ChromeExtension\config\skin\images\fav_amazon.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ChromeExtension\config\skin\images\fav_ebay.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ChromeExtension\config\skin\images\fav_facebook.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ChromeExtension\config\skin\images\fav_fantastigames.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ChromeExtension\config\skin\images\fav_ftalk.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ChromeExtension\config\skin\images\fav_youtube.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ChromeExtension\config\skin\images\IDR_WEBSTORE_ICON.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ChromeExtension\config\skin\images\imesh_logo_128.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ChromeExtension\config\skin\images\imesh_logo_128.png__
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ChromeExtension\config\skin\new-tab.html
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ChromeExtension\lib\analytics.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ChromeExtension\lib\constant.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ChromeExtension\lib\default-config - Copy.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ChromeExtension\lib\default-config.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ChromeExtension\lib\jquery.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ChromeExtension\lib\localStorage.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ChromeExtension\lib\new-tab.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ChromeExtension\lib\preferences.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ChromeExtension\manifest.json
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ChromeExtension\OurLocalPage.html
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\datamngr.dll
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\datamngrUI.exe
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\DnsBHO.dll
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\chrome.manifest
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\chrome.manifest.alt
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlp.xpt
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF10.dll
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF11.dll
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF12.dll
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF13.dll
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF14.dll
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF15.dll
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF3.dll
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF4.dll
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF5.dll
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF6.dll
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF7.dll
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF8.dll
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF9.dll
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\DataMngr.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\DnsBHO.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\Error404BHO.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\NewTabBHO.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\overlay.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\overlay.xul
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\RelatedSearch.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\RequestPreserver.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\SearchBHO.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\SettingManager.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\Settings.xml
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\install.rdf
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\installhelper.dll
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\as_guid.dat
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\bandoocode.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\data\search\engines.xml
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\data\search\search.xsl
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\about.xml
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\bandoocode.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\dtxpanel.xul
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\dtxpanelwin.xul
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\dtxprefwin.xul
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\dtxtransparentwin.xul
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\dtxwin.xul
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\emailnotifierproviders.xml
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\external.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\neterror.xhtml
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\vmncode.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\wmpstreamer.html
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\modules\datastore.jsm
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\modules\nsDragAndDrop.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\partner.coupons.xml
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\preferences.xml
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\radiobeta.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\template.xml
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\toolbar.htm
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\toolbar.xul
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\vmncode.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\vmnrsswin.xml
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\babylon_logo.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\bandoo.css
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\bluelite.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\bluesky.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn-search-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn-search.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn-settings-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn-settings.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn-widgets-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn-widgets.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn_settings.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\ca.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\dictionary.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\divider.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\downloadcom.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\dtxlogo.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\ebay.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\email.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\email_on.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\facebook.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\games.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred0.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred0_5.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred1.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred1_5.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred2.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred2_5.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred3.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred3_5.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred4.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred4_5.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred5.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphredna.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\grey.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\ico-shield.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\icon_amazon.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\icon_games.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\icon_radio_png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\icon_seperator_png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\icon_twitter.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\icon_youtube.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\images.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\imesh.css
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\add.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\aol.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\arrow-dn.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\arrow-right-disabled.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\arrow-right.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\arrow-up.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btn-divider.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btn-end.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btn-mdl.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btn-mdl_ff.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btn-start.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-divider.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-end.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-mdl.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-mdl_ff.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-start.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\blank.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btn-widgets-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btn-widgets.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btn_slider.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btnback-down-vista.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btnback-vista.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btnleft-down-vista.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btnleft-vista.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btnright-down-vista.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btnright-vista.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\button-splitter-down-vista.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\button-splitter-vista.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\checkmark.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\chevron.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\collapse.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\comcast.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\dtx.css
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\edit-back-hot.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\edit-back.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\expand.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\found.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\gmail.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\highlight.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\highlight_blue.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\highlight_cyan.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\highlight_lime.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\highlight_magenta.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\highlight_yellow.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\hotmail.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\ico-check.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\imap.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\lastsearch-thumb-back.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\loadingMid.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\lock.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\logo-separator.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\mailcom.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menu_bg-basic.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menu_separator_bar.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menu_separator_white.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitem-splitter.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitemback-down-vista.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitemback-vista.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitemleft-down-vista.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitemleft-vista.png
c:\programdata\dsgsdgdsgdsgw.pad
c:\users\neon\AppData\Roaming\Local
c:\windows\IsUn0407.exe
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\wpcap.dll
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_NPF
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-09-28 bis 2012-10-30  ))))))))))))))))))))))))))))))
.
.
2012-10-30 17:48 . 2012-10-30 17:48	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-10-30 10:49 . 2012-10-30 10:49	--------	d-----w-	c:\users\neon\AppData\Roaming\Malwarebytes
2012-10-30 10:49 . 2012-10-30 10:49	--------	d-----w-	c:\programdata\Malwarebytes
2012-10-30 10:49 . 2012-10-30 10:49	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2012-10-30 10:49 . 2012-09-29 18:54	25928	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-10-13 13:36 . 2012-10-13 13:36	--------	d-----w-	c:\users\neon\AppData\Local\Macromedia
2012-10-13 13:35 . 2012-10-13 13:35	696760	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2012-10-13 13:35 . 2012-10-13 13:35	--------	d-----w-	c:\windows\system32\Macromed
2012-10-05 16:42 . 2012-10-05 16:42	--------	d-----w-	c:\program files (x86)\Ask.com
2012-10-05 16:42 . 2012-10-05 16:42	--------	d-----w-	c:\users\neon\AppData\Local\APN
2012-10-05 16:41 . 2012-10-05 16:41	--------	d-----w-	c:\program files (x86)\Free M4a to MP3 Converter
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-13 13:35 . 2011-10-03 16:28	73656	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-21 11:01 . 2012-09-29 06:41	33240	----a-w-	c:\windows\system32\drivers\GEARAspiWDM.sys
2012-08-21 11:01 . 2011-01-25 18:52	125872	----a-w-	c:\windows\system32\GEARAspi64.dll
2012-08-21 11:01 . 2011-01-25 18:52	106928	----a-w-	c:\windows\SysWow64\GEARAspi.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-08-08 1527496]
"{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\program files (x86)\DVDVideoSoftTB\prxtbDVDV.dll" [2011-01-17 175912]
"{c840e246-6b95-475e-9bd7-caa1c7eca9f2}"= "c:\program files (x86)\uTorrentBar_DE\prxtbuTor.dll" [2011-03-28 176936]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
.
[HKEY_CLASSES_ROOT\clsid\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2011-01-17 15:54	175912	----a-w-	c:\program files (x86)\ConduitEngine\prxConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
2011-01-17 15:54	175912	----a-w-	c:\program files (x86)\DVDVideoSoftTB\prxtbDVDV.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}]
2011-03-28 16:22	176936	----a-w-	c:\program files (x86)\uTorrentBar_DE\prxtbuTor.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2012-08-08 16:15	1527496	----a-w-	c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\program files (x86)\DVDVideoSoftTB\prxtbDVDV.dll" [2011-01-17 175912]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files (x86)\ConduitEngine\prxConduitEngine.dll" [2011-01-17 175912]
"{c840e246-6b95-475e-9bd7-caa1c7eca9f2}"= "c:\program files (x86)\uTorrentBar_DE\prxtbuTor.dll" [2011-03-28 176936]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-08-08 1527496]
.
[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CLASSES_ROOT\clsid\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NETGEARGenie"="c:\program files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe" [2011-07-15 797152]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2011-06-23 639352]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2010-05-31 673136]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-08 98304]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2010-06-01 600928]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-08-08 348664]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 59280]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-09-09 421776]
"ApnUpdater"="c:\program files (x86)\Ask.com\Updater\Updater.exe" [2012-08-08 1644744]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-6-8 1128224]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages	REG_MULTI_SZ   	kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-26 136176]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-13 250808]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [2010-06-23 342056]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-06-23 39464]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-26 136176]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-06-24 271872]
R3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\DRIVERS\ivusb.sys [2010-07-28 29720]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-30 115168]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys [2010-04-19 22528]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2010-07-21 45456]
R3 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-06-20 108400]
R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-06-18 423280]
R3 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-06-20 67952]
R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2010-06-06 304496]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736]
R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2010-06-17 851824]
R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2010-06-09 537456]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-06-09 384880]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-06-09 101232]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2011-01-24 1255736]
R4 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-04-01 183560]
R4 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-07-12 55856]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-09-16 27760]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-06-24 202752]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-05-08 86224]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-29 399432]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-29 676936]
S2 NETGEARGenieDaemon;NETGEARGenieDaemon;c:\program files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [2011-07-26 1371104]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-06-01 367456]
S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-17 14112]
S2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys [2010-06-23 94208]
S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsne64.sys [2010-06-23 78848]
S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe [2011-01-29 259192]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-05-28 2320920]
S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2010-06-21 575856]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [2010-06-08 836608]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 19968]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [2010-05-28 56344]
S3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2010-05-28 158976]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-29 25928]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [2010-04-26 12032]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe [2011-02-14 44736]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update Common\VUAgent.exe [2012-01-13 1256040]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2010-05-31 402720]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - NPF
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08 hpqddsvc
.
Inhalt des "geplante Tasks" Ordners
.
2012-10-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-13 13:35]
.
2012-10-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-26 09:03]
.
2012-10-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-26 09:03]
.
2012-10-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1782537640-528498122-1240110950-1000Core.job
- c:\users\neon\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-08 17:33]
.
2012-10-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1782537640-528498122-1240110950-1000UA.job
- c:\users\neon\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-08 17:33]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-05-31 10775584]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-05-31 2040352]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2010-07-21 2327952]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.ask.com/?l=dis&o=15095
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: &Download by Orbit - c:\program files (x86)\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - c:\program files (x86)\Orbitdownloader\orbitmxt.dll/204
IE: Do&wnload selected by Orbit - c:\program files (x86)\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\program files (x86)\Orbitdownloader\orbitmxt.dll/202
IE: Free YouTube Download - c:\users\neon\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - c:\users\neon\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\neon\AppData\Roaming\Mozilla\Firefox\Profiles\nu2paupq.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2851647&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Search Results
FF - prefs.js: browser.startup.homepage - google.at
FF - prefs.js: keyword.URL - hxxp://dts.search-results.com/sr?src=ffb&appid=0&systemid=410&sr=0&q=
FF - ExtSQL: 2012-10-03 18:04; {99079a25-328f-4bd4-be04-00955acaa0a7}; c:\users\neon\AppData\Roaming\Mozilla\Firefox\Profiles\nu2paupq.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
FF - ExtSQL: 2012-10-03 18:04; {1FD91A9C-410C-4090-BBCC-55D3450EF433}; c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension
FF - ExtSQL: 2012-10-05 18:42; toolbar@ask.com; c:\users\neon\AppData\Roaming\Mozilla\Firefox\Profiles\nu2paupq.default\extensions\toolbar@ask.com
FF - ExtSQL: 2049-12-31 15:00; {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}; c:\users\neon\AppData\Roaming\Mozilla\Firefox\Profiles\nu2paupq.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}.xpi
FF - ExtSQL: !HIDDEN! 2011-03-19 18:21; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF - ExtSQL: !HIDDEN! 2012-10-03 18:04; {1FD91A9C-410C-4090-BBCC-55D3450EF433}; c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension
FF - user.js: extensions.incredibar_i.newTab - false
FF - user.js: extensions.incredibar_i.tlbrSrchUrl - hxxp://mystart.Incredibar.com/?a=6R8oq6MFqX&loc=IB_TB&i=26&search=
FF - user.js: extensions.incredibar_i.id - d2b09ace0000000000004a0f6ee6d88e
FF - user.js: extensions.incredibar_i.instlDay - 15429
FF - user.js: extensions.incredibar_i.vrsn - 1.5.11.14
FF - user.js: extensions.incredibar_i.vrsni - 1.5.11.14
FF - user.js: extensions.incredibar_i.vrsnTs - 1.5.11.1421:10
FF - user.js: extensions.incredibar_i.prtnrId - Incredibar
FF - user.js: extensions.incredibar_i.prdct - incredibar
FF - user.js: extensions.incredibar_i.aflt - orgnl
FF - user.js: extensions.incredibar_i.smplGrp - none
FF - user.js: extensions.incredibar_i.tlbrId - base
FF - user.js: extensions.incredibar_i.instlRef - 
FF - user.js: extensions.incredibar_i.dfltLng - 
FF - user.js: extensions.incredibar_i.excTlbr - false
FF - user.js: extensions.incredibar_i.ms_url_id - 
FF - user.js: extensions.incredibar_i.upn2 - 6R8oq6MFqX
FF - user.js: extensions.incredibar_i.upn2n - 92824104915795147
FF - user.js: extensions.incredibar_i.productid - 26
FF - user.js: extensions.incredibar_i.installerproductid - 26
FF - user.js: extensions.incredibar_i.did - 10606
FF - user.js: extensions.incredibar_i.ppd - 20%5F4
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{66bd2442-241b-44cd-8c7a-b51037053cdb} - (no file)
BHO-{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll
BHO-{99079a25-328f-4bd4-be04-00955acaa0a7} - c:\progra~2\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll
BHO-{9D717F81-9148-4f12-8568-69135F087DB0} - c:\progra~2\WIA6EB~1\Datamngr\BROWSE~1.DLL
Toolbar-{F9639E4A-801B-4843-AEE3-03D9DA199E77} - c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll
Toolbar-{99079a25-328f-4bd4-be04-00955acaa0a7} - c:\progra~2\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll
Toolbar-10 - (no file)
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKLM-Run-DATAMNGR - c:\progra~2\WIA6EB~1\Datamngr\DATAMN~1.EXE
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
BHO-{9D717F81-9148-4f12-8568-69135F087DB0} - c:\progra~2\WIA6EB~1\Datamngr\x64\BROWSE~1.DLL
Toolbar-10 - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{872B5B88-9DB5-4310-BDD0-AC189557E5F5} - (no file)
WebBrowser-{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} - (no file)
AddRemove-Allplan - c:\windows\ISUN0407.EXE
AddRemove-Allplan 2004 - c:\windows\IsUn0407.exe
AddRemove-Hardlock Device Driver - c:\windows\System32\UNWISE.EXE
AddRemove-incredibar - c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\uninstall.exe
AddRemove-Searchqu Toolbar - c:\program files (x86)\Windows Searchqu Toolbar\uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10e.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10e.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
c:\program files (x86)\Sony\VAIO Event Service\VESMgr.exe
c:\windows\SysWOW64\DllHost.exe
c:\program files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
c:\windows\SysWOW64\RunDll32.exe
c:\program files (x86)\NETGEAR Genie\bin\genie_tray.exe
c:\program files\Sony\VAIO Care\listener.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-10-30  18:57:55 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2012-10-30 17:57
.
Vor Suchlauf: 12 Verzeichnis(se), 337.246.642.176 Bytes frei
Nach Suchlauf: 17 Verzeichnis(se), 338.791.723.008 Bytes frei
.
- - End Of File - - EABA7C494B61277F038DA4374E18EDEC
         
--- --- ---

Alt 30.10.2012, 19:38   #11
markusg
/// Malware-holic
 
Polizei - Ihr Computer wurde gesperrt - Österreich - Standard

Polizei - Ihr Computer wurde gesperrt - Österreich



hi
download tdss killer:
http://www.trojaner-board.de/82358-t...entfernen.html
Klicke auf Change parameters
• Setze die Haken bei Verify driver digital signatures und Detect TDLFS file system
• Klick auf OK und anschließend auf Start scan
- bei funden erst mal immer skip wählen, log posten
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 31.10.2012, 08:53   #12
victorynox
 
Polizei - Ihr Computer wurde gesperrt - Österreich - Standard

Polizei - Ihr Computer wurde gesperrt - Österreich



Guten Morgen!
Hier der Tdsslog:

08:53:31.0224 6980 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
08:53:31.0414 6980 ============================================================
08:53:31.0414 6980 Current date / time: 2012/10/31 08:53:31.0414
08:53:31.0414 6980 SystemInfo:
08:53:31.0414 6980
08:53:31.0414 6980 OS Version: 6.1.7600 ServicePack: 0.0
08:53:31.0414 6980 Product type: Workstation
08:53:31.0414 6980 ComputerName: NEON-VAIO
08:53:31.0414 6980 UserName: neon
08:53:31.0414 6980 Windows directory: C:\Windows
08:53:31.0414 6980 System windows directory: C:\Windows
08:53:31.0414 6980 Running under WOW64
08:53:31.0414 6980 Processor architecture: Intel x64
08:53:31.0414 6980 Number of processors: 4
08:53:31.0414 6980 Page size: 0x1000
08:53:31.0414 6980 Boot type: Normal boot
08:53:31.0414 6980 ============================================================
08:53:32.0934 6980 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:53:32.0944 6980 ============================================================
08:53:32.0944 6980 \Device\Harddisk0\DR0:
08:53:32.0944 6980 MBR partitions:
08:53:32.0944 6980 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1AF6800, BlocksNum 0x32000
08:53:32.0944 6980 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1B28800, BlocksNum 0x3885D030
08:53:32.0944 6980 ============================================================
08:53:32.0964 6980 C: <-> \Device\Harddisk0\DR0\Partition2
08:53:32.0964 6980 ============================================================
08:53:32.0964 6980 Initialize success
08:53:32.0964 6980 ============================================================
08:53:34.0784 6800 ============================================================
08:53:34.0784 6800 Scan started
08:53:34.0784 6800 Mode: Manual;
08:53:34.0784 6800 ============================================================
08:53:41.0985 6800 ================ Scan system memory ========================
08:53:41.0985 6800 System memory - ok
08:53:41.0985 6800 ================ Scan services =============================
08:53:42.0965 6800 [ 969C91060CBB5D17CB8440B5F78B4C51 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
08:53:42.0965 6800 1394ohci - ok
08:53:43.0175 6800 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
08:53:43.0185 6800 ACDaemon - ok
08:53:43.0265 6800 [ 6F11E88748CDEFD2F76AA215F97DDFE5 ] ACPI C:\Windows\system32\drivers\ACPI.sys
08:53:43.0275 6800 ACPI - ok
08:53:43.0425 6800 [ 63B05A0420CE4BF0E4AF6DCC7CADA254 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
08:53:43.0435 6800 AcpiPmi - ok
08:53:43.0555 6800 [ 2F0683FD2DF1D92E891CACA14B45A8C1 ] adfs C:\Windows\system32\drivers\adfs.sys
08:53:43.0565 6800 adfs - ok
08:53:45.0015 6800 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
08:53:45.0025 6800 AdobeFlashPlayerUpdateSvc - ok
08:53:45.0155 6800 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
08:53:45.0165 6800 adp94xx - ok
08:53:45.0255 6800 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
08:53:45.0265 6800 adpahci - ok
08:53:45.0315 6800 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
08:53:45.0325 6800 adpu320 - ok
08:53:45.0345 6800 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
08:53:45.0355 6800 AeLookupSvc - ok
08:53:45.0425 6800 [ DB9D6C6B2CD95A9CA414D045B627422E ] AFD C:\Windows\system32\drivers\afd.sys
08:53:45.0435 6800 AFD - ok
08:53:45.0535 6800 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
08:53:45.0605 6800 agp440 - ok
08:53:46.0386 6800 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
08:53:46.0386 6800 ALG - ok
08:53:46.0496 6800 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
08:53:46.0496 6800 aliide - ok
08:53:46.0606 6800 [ 27429A457FCA8F50923863A965FE0C6C ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
08:53:46.0606 6800 AMD External Events Utility - ok
08:53:46.0636 6800 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
08:53:46.0646 6800 amdide - ok
08:53:46.0703 6800 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
08:53:46.0703 6800 AmdK8 - ok
08:53:46.0719 6800 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
08:53:46.0719 6800 AmdPPM - ok
08:53:46.0750 6800 [ EC7EBAB00A4D8448BAB68D1E49B4BEB9 ] amdsata C:\Windows\system32\drivers\amdsata.sys
08:53:46.0750 6800 amdsata - ok
08:53:46.0797 6800 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
08:53:46.0797 6800 amdsbs - ok
08:53:46.0828 6800 [ DB27766102C7BF7E95140A2AA81D042E ] amdxata C:\Windows\system32\drivers\amdxata.sys
08:53:46.0828 6800 amdxata - ok
08:53:47.0093 6800 [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
08:53:47.0093 6800 AntiVirSchedulerService - ok
08:53:47.0155 6800 [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
08:53:47.0155 6800 AntiVirService - ok
08:53:47.0327 6800 [ 2D45F2DFBC3D8F53DF7EBEFFA8C9BC38 ] ApfiltrService C:\Windows\system32\drivers\Apfiltr.sys
08:53:47.0358 6800 ApfiltrService - ok
08:53:47.0483 6800 [ 42FD751B27FA0E9C69BB39F39E409594 ] AppID C:\Windows\system32\drivers\appid.sys
08:53:47.0499 6800 AppID - ok
08:53:47.0514 6800 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
08:53:47.0514 6800 AppIDSvc - ok
08:53:47.0577 6800 [ D065BE66822847B7F127D1F90158376E ] Appinfo C:\Windows\System32\appinfo.dll
08:53:47.0577 6800 Appinfo - ok
08:53:48.0357 6800 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
08:53:48.0357 6800 Apple Mobile Device - ok
08:53:48.0559 6800 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
08:53:48.0559 6800 arc - ok
08:53:48.0575 6800 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
08:53:48.0575 6800 arcsas - ok
08:53:48.0637 6800 [ C130BC4A51B1382B2BE8E44579EC4C0A ] ArcSoftKsUFilter C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
08:53:48.0637 6800 ArcSoftKsUFilter - ok
08:53:48.0669 6800 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
08:53:48.0684 6800 AsyncMac - ok
08:53:48.0715 6800 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
08:53:48.0715 6800 atapi - ok
08:53:49.0121 6800 [ CCA705CDF038D5BC243203CE4416B345 ] athr C:\Windows\system32\DRIVERS\athrx.sys
08:53:49.0152 6800 athr - ok
08:53:49.0417 6800 [ EAEA2CE49DE0CCA80BEB9134107E5DD7 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
08:53:49.0589 6800 atikmdag - ok
08:53:49.0854 6800 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
08:53:49.0885 6800 AudioEndpointBuilder - ok
08:53:50.0026 6800 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioSrv C:\Windows\System32\Audiosrv.dll
08:53:50.0026 6800 AudioSrv - ok
08:53:50.0291 6800 [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
08:53:50.0307 6800 avgntflt - ok
08:53:50.0665 6800 [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
08:53:50.0665 6800 avipbb - ok
08:53:50.0790 6800 [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
08:53:50.0853 6800 avkmgr - ok
08:53:51.0336 6800 [ B20B5FA5CA050E9926E4D1DB81501B32 ] AxInstSV C:\Windows\System32\AxInstSV.dll
08:53:51.0352 6800 AxInstSV - ok
08:53:51.0867 6800 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
08:53:51.0913 6800 b06bdrv - ok
08:53:52.0007 6800 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
08:53:52.0007 6800 b57nd60a - ok
08:53:52.0241 6800 [ 0D1EA7509F394D8B705B239EE71F5118 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
08:53:52.0241 6800 BBSvc - ok
08:53:52.0303 6800 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
08:53:52.0303 6800 BDESVC - ok
08:53:52.0366 6800 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
08:53:52.0366 6800 Beep - ok
08:53:52.0491 6800 [ 4992C609A6315671463E30F6512BC022 ] BFE C:\Windows\System32\bfe.dll
08:53:52.0522 6800 BFE - ok
08:53:52.0584 6800 [ 7F0C323FE3DA28AA4AA1BDA3F575707F ] BITS C:\Windows\system32\qmgr.dll
08:53:53.0427 6800 BITS - ok
08:53:53.0817 6800 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
08:53:53.0817 6800 blbdrive - ok
08:53:54.0581 6800 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
08:53:54.0597 6800 Bonjour Service - ok
08:53:54.0675 6800 [ 19D20159708E152267E53B66677A4995 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
08:53:54.0690 6800 bowser - ok
08:53:54.0753 6800 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
08:53:54.0753 6800 BrFiltLo - ok
08:53:54.0799 6800 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
08:53:54.0799 6800 BrFiltUp - ok
08:53:54.0940 6800 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
08:53:54.0955 6800 BridgeMP - ok
08:53:55.0018 6800 [ 94FBC06F294D58D02361918418F996E3 ] Browser C:\Windows\System32\browser.dll
08:53:55.0018 6800 Browser - ok
08:53:55.0096 6800 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
08:53:55.0127 6800 Brserid - ok
08:53:55.0174 6800 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
08:53:55.0174 6800 BrSerWdm - ok
08:53:55.0252 6800 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
08:53:55.0252 6800 BrUsbMdm - ok
08:53:55.0299 6800 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
08:53:55.0299 6800 BrUsbSer - ok
08:53:55.0361 6800 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
08:53:55.0361 6800 BthEnum - ok
08:53:55.0423 6800 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
08:53:55.0423 6800 BTHMODEM - ok
08:53:55.0486 6800 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
08:53:55.0517 6800 BthPan - ok
08:53:55.0829 6800 [ A51FA9D0E85D5ADABEF72E67F386309C ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
08:53:55.0845 6800 BTHPORT - ok
08:53:56.0016 6800 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
08:53:56.0016 6800 bthserv - ok
08:53:56.0125 6800 [ F740B9A16B2C06700F2130E19986BF3B ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
08:53:56.0125 6800 BTHUSB - ok
08:53:56.0235 6800 [ 59E3510784548C6939C1B3B985C232E3 ] btwampfl C:\Windows\system32\drivers\btwampfl.sys
08:53:56.0250 6800 btwampfl - ok
08:53:56.0359 6800 [ 1872074ED0A3FB22E3F1E3197B984BFA ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
08:53:56.0375 6800 btwaudio - ok
08:53:56.0453 6800 [ 691CF076C33AB1C3A5B2FD5450300733 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
08:53:56.0469 6800 btwavdt - ok
08:53:56.0718 6800 [ 8BA6E93A182126781952A7895EC1E4B2 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
08:53:56.0749 6800 btwdins - ok
08:53:56.0812 6800 [ 07096D2BC22CCB6CEA5A532DF0BE8A75 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
08:53:56.0827 6800 btwl2cap - ok
08:53:56.0905 6800 [ C9273B20DEC8CE38DBCE5D29DE63C907 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
08:53:56.0921 6800 btwrchid - ok
08:53:57.0046 6800 catchme - ok
08:53:57.0093 6800 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
08:53:57.0093 6800 cdfs - ok
08:53:57.0233 6800 [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
08:53:57.0233 6800 cdrom - ok
08:53:57.0342 6800 [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc C:\Windows\System32\certprop.dll
08:53:57.0342 6800 CertPropSvc - ok
08:53:57.0436 6800 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
08:53:57.0451 6800 circlass - ok
08:53:57.0483 6800 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
08:53:57.0514 6800 CLFS - ok
08:53:57.0951 6800 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:53:57.0951 6800 clr_optimization_v2.0.50727_32 - ok
08:53:58.0153 6800 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
08:53:58.0169 6800 clr_optimization_v2.0.50727_64 - ok
08:53:58.0450 6800 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
08:53:58.0606 6800 clr_optimization_v4.0.30319_32 - ok
08:53:58.0762 6800 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
08:53:58.0793 6800 clr_optimization_v4.0.30319_64 - ok
08:53:58.0918 6800 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
08:53:58.0918 6800 CmBatt - ok
08:53:58.0949 6800 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
08:53:58.0965 6800 cmdide - ok
08:53:59.0011 6800 [ 937BEB186A735ACA91D717044A49D17E ] CNG C:\Windows\system32\Drivers\cng.sys
08:53:59.0027 6800 CNG - ok
08:53:59.0105 6800 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
08:53:59.0105 6800 Compbatt - ok
08:53:59.0152 6800 [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
08:53:59.0167 6800 CompositeBus - ok
08:53:59.0214 6800 COMSysApp - ok
08:53:59.0261 6800 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
08:53:59.0261 6800 crcdisk - ok
08:53:59.0386 6800 [ 8C57411B66282C01533CB776F98AD384 ] CryptSvc C:\Windows\system32\cryptsvc.dll
08:53:59.0386 6800 CryptSvc - ok
08:53:59.0979 6800 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
08:53:59.0979 6800 cvhsvc - ok
08:54:00.0166 6800 [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch C:\Windows\system32\rpcss.dll
08:54:00.0197 6800 DcomLaunch - ok
08:54:00.0259 6800 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
08:54:00.0322 6800 defragsvc - ok
08:54:00.0415 6800 [ 9C253CE7311CA60FC11C774692A13208 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
08:54:00.0415 6800 DfsC - ok
08:54:00.0509 6800 [ CE3B9562D997F69B330D181A8875960F ] Dhcp C:\Windows\system32\dhcpcore.dll
08:54:00.0525 6800 Dhcp - ok
08:54:00.0556 6800 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
08:54:00.0556 6800 discache - ok
08:54:00.0618 6800 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
08:54:00.0618 6800 Disk - ok
08:54:00.0665 6800 [ 85CF424C74A1D5EC33533E1DBFF9920A ] Dnscache C:\Windows\System32\dnsrslvr.dll
08:54:00.0665 6800 Dnscache - ok
08:54:00.0712 6800 [ 14452ACDB09B70964C8C21BF80A13ACB ] dot3svc C:\Windows\System32\dot3svc.dll
08:54:00.0727 6800 dot3svc - ok
08:54:00.0805 6800 [ B42ED0320C6E41102FDE0005154849BB ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
08:54:00.0805 6800 Dot4 - ok
08:54:00.0883 6800 [ 85135AD27E79B689335C08167D917CDE ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
08:54:00.0883 6800 Dot4Print - ok
08:54:00.0993 6800 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
08:54:00.0993 6800 dot4usb - ok
08:54:01.0024 6800 [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS C:\Windows\system32\dps.dll
08:54:01.0024 6800 DPS - ok
08:54:01.0102 6800 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
08:54:01.0102 6800 drmkaud - ok
08:54:01.0164 6800 [ EBCE0B0924835F635F620D19F0529DCE ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
08:54:01.0211 6800 DXGKrnl - ok
08:54:01.0273 6800 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
08:54:01.0289 6800 EapHost - ok
08:54:01.0897 6800 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
08:54:01.0975 6800 ebdrv - ok
08:54:02.0022 6800 [ 156F6159457D0AA7E59B62681B56EB90 ] EFS C:\Windows\System32\lsass.exe
08:54:02.0038 6800 EFS - ok
08:54:02.0350 6800 [ 47C071994C3F649F23D9CD075AC9304A ] ehRecvr C:\Windows\ehome\ehRecvr.exe
08:54:02.0397 6800 ehRecvr - ok
08:54:02.0459 6800 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
08:54:02.0459 6800 ehSched - ok
08:54:02.0521 6800 [ 9A47AC3DFCF81D30922CDAAF1C2D579F ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys
08:54:02.0537 6800 ElbyCDIO - ok
08:54:02.0662 6800 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
08:54:02.0709 6800 elxstor - ok
08:54:02.0740 6800 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
08:54:02.0740 6800 ErrDev - ok
08:54:02.0833 6800 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
08:54:02.0865 6800 EventSystem - ok
08:54:02.0880 6800 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
08:54:02.0880 6800 exfat - ok
08:54:02.0911 6800 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
08:54:02.0943 6800 fastfat - ok
08:54:03.0738 6800 [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax C:\Windows\system32\fxssvc.exe
08:54:03.0832 6800 Fax - ok
08:54:04.0487 6800 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
08:54:04.0503 6800 fdc - ok
08:54:04.0612 6800 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
08:54:04.0612 6800 fdPHost - ok
08:54:04.0690 6800 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
08:54:04.0705 6800 FDResPub - ok
08:54:04.0752 6800 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
08:54:04.0752 6800 FileInfo - ok
08:54:04.0768 6800 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
08:54:04.0768 6800 Filetrace - ok
08:54:04.0908 6800 [ ABEDFD48AC042C6AAAD32452E77217A1 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
08:54:04.0971 6800 FLEXnet Licensing Service - ok
08:54:05.0064 6800 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
08:54:05.0080 6800 flpydisk - ok
08:54:05.0142 6800 [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
08:54:05.0142 6800 FltMgr - ok
08:54:05.0361 6800 [ CB5E4B9C319E3C6BB363EB7E58A4A051 ] FontCache C:\Windows\system32\FntCache.dll
08:54:05.0407 6800 FontCache - ok
08:54:05.0501 6800 [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
08:54:05.0532 6800 FontCache3.0.0.0 - ok
08:54:05.0548 6800 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
08:54:05.0563 6800 FsDepends - ok
08:54:05.0751 6800 [ 07DA62C960DDCCC2D35836AEAB4FC578 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
08:54:05.0766 6800 fssfltr - ok
08:54:05.0922 6800 [ 28DDEEEC44E988657B732CF404D504CB ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
08:54:05.0969 6800 fsssvc - ok
08:54:06.0000 6800 [ E95EF8547DE20CF0603557C0CF7A9462 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
08:54:06.0000 6800 Fs_Rec - ok
08:54:06.0078 6800 [ AE87BA80D0EC3B57126ED2CDC15B24ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
08:54:06.0078 6800 fvevol - ok
08:54:06.0125 6800 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
08:54:06.0125 6800 gagp30kx - ok
08:54:06.0172 6800 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
08:54:06.0187 6800 GEARAspiWDM - ok
08:54:06.0219 6800 [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc C:\Windows\System32\gpsvc.dll
08:54:06.0234 6800 gpsvc - ok
08:54:06.0265 6800 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
08:54:06.0265 6800 gupdate - ok
08:54:06.0297 6800 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
08:54:06.0297 6800 gupdatem - ok
08:54:06.0343 6800 hardlock - ok
08:54:06.0375 6800 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
08:54:06.0390 6800 hcw85cir - ok
08:54:06.0390 6800 [ 6410F6F415B2A5A9037224C41DA8BF12 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
08:54:06.0406 6800 HdAudAddService - ok
08:54:06.0468 6800 [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
08:54:06.0468 6800 HDAudBus - ok
08:54:06.0531 6800 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\drivers\HECIx64.sys
08:54:06.0546 6800 HECIx64 - ok
08:54:06.0562 6800 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
08:54:06.0562 6800 HidBatt - ok
08:54:06.0577 6800 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
08:54:06.0577 6800 HidBth - ok
08:54:06.0593 6800 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
08:54:06.0593 6800 HidIr - ok
08:54:06.0671 6800 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
08:54:06.0671 6800 hidserv - ok
08:54:06.0718 6800 [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
08:54:06.0733 6800 HidUsb - ok
08:54:06.0811 6800 [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc C:\Windows\system32\kmsvc.dll
08:54:06.0811 6800 hkmsvc - ok
08:54:06.0843 6800 [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
08:54:06.0858 6800 HomeGroupListener - ok
08:54:06.0905 6800 [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\Windows\system32\provsvc.dll
08:54:06.0921 6800 HomeGroupProvider - ok
08:54:07.0248 6800 [ 1DAE5C46D42B02A6D5862E1482EFB390 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
08:54:07.0264 6800 hpqcxs08 - ok
08:54:07.0342 6800 [ 99E8EEF42FE2F4AF29B08C3355DD7685 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
08:54:07.0342 6800 hpqddsvc - ok
08:54:07.0669 6800 [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
08:54:07.0732 6800 HpSAMD - ok
08:54:08.0387 6800 [ 7F57926169C1B8ABA9274EA7D4B70F18 ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
08:54:08.0527 6800 HPSLPSVC - ok
08:54:08.0683 6800 [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP C:\Windows\system32\drivers\HTTP.sys
08:54:08.0730 6800 HTTP - ok
08:54:08.0746 6800 [ F17766A19145F111856378DF337A5D79 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
08:54:08.0761 6800 hwpolicy - ok
08:54:08.0808 6800 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
08:54:08.0808 6800 i8042prt - ok
08:54:08.0917 6800 [ ABBF174CB394F5C437410A788B7E404A ] iaStor C:\Windows\system32\drivers\iaStor.sys
08:54:08.0917 6800 iaStor - ok
08:54:09.0042 6800 [ 31A0E93CDF29007D6C6FFFB632F375ED ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
08:54:09.0058 6800 IAStorDataMgrSvc - ok
08:54:09.0105 6800 [ B75E45C564E944A2657167D197AB29DA ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
08:54:09.0120 6800 iaStorV - ok
08:54:09.0307 6800 [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
08:54:09.0354 6800 idsvc - ok
08:54:10.0509 6800 [ 2A22AB054F4630D2EF4BAB2853F6D5F6 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
08:54:10.0774 6800 igfx - ok
08:54:10.0836 6800 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
08:54:10.0852 6800 iirsp - ok
08:54:10.0930 6800 [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT C:\Windows\System32\ikeext.dll
08:54:10.0945 6800 IKEEXT - ok
08:54:11.0055 6800 [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd C:\Windows\system32\drivers\Impcd.sys
08:54:11.0070 6800 Impcd - ok
08:54:11.0164 6800 [ 526E482AFB586CB1CDD687869DECF686 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
08:54:11.0195 6800 IntcAzAudAddService - ok
08:54:11.0367 6800 [ 58CF58DEE26C909BD6F977B61D246295 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
08:54:11.0382 6800 IntcDAud - ok
08:54:11.0398 6800 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
08:54:11.0398 6800 intelide - ok
08:54:11.0445 6800 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\drivers\intelppm.sys
08:54:11.0460 6800 intelppm - ok
08:54:11.0679 6800 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
08:54:11.0694 6800 IPBusEnum - ok
08:54:11.0725 6800 [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
08:54:11.0725 6800 IpFilterDriver - ok
08:54:11.0866 6800 [ F8E058D17363EC580E4B7232778B6CB5 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
08:54:11.0913 6800 iphlpsvc - ok
08:54:12.0599 6800 [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
08:54:12.0615 6800 IPMIDRV - ok
08:54:12.0693 6800 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
08:54:12.0693 6800 IPNAT - ok
08:54:13.0473 6800 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
08:54:13.0504 6800 iPod Service - ok
08:54:14.0284 6800 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
08:54:14.0362 6800 IRENUM - ok
08:54:16.0733 6800 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
08:54:16.0733 6800 isapnp - ok
08:54:18.0090 6800 [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
08:54:18.0231 6800 iScsiPrt - ok
08:54:19.0494 6800 [ 213822072085B5BBAD9AF30AB577D817 ] IviRegMgr C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
08:54:19.0494 6800 IviRegMgr - ok
08:54:20.0524 6800 [ BD5BF20EC242E003A2F570B8754A56D1 ] ivusb C:\Windows\system32\DRIVERS\ivusb.sys
08:54:20.0539 6800 ivusb - ok
08:54:22.0006 6800 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
08:54:22.0661 6800 kbdclass - ok
08:54:24.0315 6800 [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
08:54:24.0330 6800 kbdhid - ok
08:54:24.0408 6800 [ 156F6159457D0AA7E59B62681B56EB90 ] KeyIso C:\Windows\system32\lsass.exe
08:54:24.0408 6800 KeyIso - ok
08:54:24.0424 6800 [ 16C1B906FC5EAD84769F90B736B6BF0E ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
08:54:24.0439 6800 KSecDD - ok
08:54:24.0502 6800 [ 0B711550C56444879D71C7DAABDA6C83 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
08:54:24.0517 6800 KSecPkg - ok
08:54:24.0705 6800 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
08:54:24.0767 6800 ksthunk - ok
08:54:24.0845 6800 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
08:54:24.0861 6800 KtmRm - ok
08:54:25.0173 6800 [ 81F1D04D4D0E433099365127375FD501 ] LanmanServer C:\Windows\System32\srvsvc.dll
08:54:25.0204 6800 LanmanServer - ok
08:54:25.0469 6800 [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
08:54:25.0485 6800 LanmanWorkstation - ok
08:54:25.0563 6800 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
08:54:25.0563 6800 lltdio - ok
08:54:26.0452 6800 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
08:54:26.0467 6800 lltdsvc - ok
08:54:26.0670 6800 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
08:54:26.0686 6800 lmhosts - ok
08:54:27.0247 6800 [ 3D23191672D83E90D1CF63927EE98136 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
08:54:27.0263 6800 LMS - ok
08:54:27.0450 6800 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
08:54:27.0466 6800 LSI_FC - ok
08:54:28.0027 6800 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
08:54:28.0043 6800 LSI_SAS - ok
08:54:28.0230 6800 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
08:54:28.0230 6800 LSI_SAS2 - ok
08:54:28.0261 6800 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
08:54:28.0261 6800 LSI_SCSI - ok
08:54:28.0324 6800 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
08:54:28.0324 6800 luafv - ok
08:54:28.0386 6800 [ A8FE8F2783B2929B56F5370A89356CE9 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
08:54:28.0402 6800 MBAMProtector - ok
08:54:29.0447 6800 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
08:54:29.0509 6800 MBAMScheduler - ok
08:54:29.0572 6800 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
08:54:29.0665 6800 MBAMService - ok
08:54:29.0899 6800 [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
08:54:29.0899 6800 Mcx2Svc - ok
08:54:29.0962 6800 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
08:54:29.0977 6800 megasas - ok
08:54:30.0040 6800 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
08:54:30.0055 6800 MegaSR - ok
08:54:30.0430 6800 [ 7C4C76B39D5525C4A465E0BE32528E19 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
08:54:30.0430 6800 Microsoft Office Groove Audit Service - ok
08:54:30.0477 6800 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
08:54:30.0508 6800 MMCSS - ok
08:54:30.0742 6800 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
08:54:30.0757 6800 Modem - ok
08:54:30.0835 6800 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
08:54:30.0851 6800 monitor - ok
08:54:30.0929 6800 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
08:54:30.0929 6800 mouclass - ok
08:54:31.0101 6800 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
08:54:31.0116 6800 mouhid - ok
08:54:31.0147 6800 [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
08:54:31.0147 6800 mountmgr - ok
08:54:31.0225 6800 [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
08:54:31.0241 6800 MozillaMaintenance - ok
08:54:31.0257 6800 [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio C:\Windows\system32\drivers\mpio.sys
08:54:31.0257 6800 mpio - ok
08:54:31.0288 6800 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
08:54:31.0288 6800 mpsdrv - ok
08:54:31.0350 6800 [ AECAB449567D1846DAD63ECE49E893E3 ] MpsSvc C:\Windows\system32\mpssvc.dll
08:54:31.0366 6800 MpsSvc - ok
08:54:31.0397 6800 [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
08:54:31.0397 6800 MRxDAV - ok
08:54:31.0444 6800 [ 040D62A9D8AD28922632137ACDD984F2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
08:54:31.0444 6800 mrxsmb - ok
08:54:31.0475 6800 [ F0067552F8F9B33D7C59403AB808A3CB ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
08:54:31.0491 6800 mrxsmb10 - ok
08:54:31.0522 6800 [ 3C142D31DE9F2F193218A53FE2632051 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
08:54:31.0522 6800 mrxsmb20 - ok
08:54:31.0569 6800 [ 5C37497276E3B3A5488B23A326A754B7 ] msahci C:\Windows\system32\drivers\msahci.sys
08:54:31.0569 6800 msahci - ok
08:54:31.0600 6800 [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm C:\Windows\system32\drivers\msdsm.sys
08:54:31.0600 6800 msdsm - ok
08:54:31.0615 6800 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
08:54:31.0615 6800 MSDTC - ok
08:54:31.0662 6800 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
08:54:31.0662 6800 Msfs - ok
08:54:31.0693 6800 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
08:54:31.0693 6800 mshidkmdf - ok
08:54:31.0709 6800 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
08:54:31.0709 6800 msisadrv - ok
08:54:31.0740 6800 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
08:54:31.0740 6800 MSiSCSI - ok
08:54:31.0756 6800 msiserver - ok
08:54:31.0787 6800 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
08:54:31.0787 6800 MSKSSRV - ok
08:54:31.0803 6800 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
08:54:31.0803 6800 MSPCLOCK - ok
08:54:31.0803 6800 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
08:54:31.0818 6800 MSPQM - ok
08:54:31.0834 6800 [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
08:54:31.0834 6800 MsRPC - ok
08:54:31.0865 6800 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
08:54:31.0865 6800 mssmbios - ok
08:54:31.0881 6800 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
08:54:31.0896 6800 MSTEE - ok
08:54:31.0927 6800 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
08:54:31.0927 6800 MTConfig - ok
08:54:31.0974 6800 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
08:54:31.0990 6800 Mup - ok
08:54:32.0083 6800 [ 4987E079A4530FA737A128BE54B63B12 ] napagent C:\Windows\system32\qagentRT.dll
08:54:32.0115 6800 napagent - ok
08:54:32.0193 6800 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
08:54:32.0193 6800 NativeWifiP - ok
08:54:32.0224 6800 [ CAD515DBD07D082BB317D9928CE8962C ] NDIS C:\Windows\system32\drivers\ndis.sys
08:54:32.0239 6800 NDIS - ok
08:54:32.0271 6800 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
08:54:32.0271 6800 NdisCap - ok
08:54:32.0333 6800 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
08:54:32.0333 6800 NdisTapi - ok
08:54:32.0349 6800 [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
08:54:32.0349 6800 Ndisuio - ok
08:54:32.0364 6800 [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
08:54:32.0364 6800 NdisWan - ok
08:54:32.0380 6800 [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
08:54:32.0380 6800 NDProxy - ok
08:54:32.0458 6800 [ D5AC41AE382738483FAFFBD7E373D49A ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
08:54:32.0458 6800 Net Driver HPZ12 - ok
08:54:32.0489 6800 [ 307BC83250FC8E3B2878D81E7D760299 ] Netaapl C:\Windows\system32\DRIVERS\netaapl64.sys
08:54:32.0505 6800 Netaapl - ok
08:54:32.0692 6800 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
08:54:32.0707 6800 NetBIOS - ok
08:54:32.0801 6800 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
08:54:32.0801 6800 NetBT - ok
08:54:32.0895 6800 [ 9E486CB6C435DF1BC34FAFCBBFE1778D ] NETGEARGenieDaemon C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe
08:54:32.0926 6800 NETGEARGenieDaemon - ok
08:54:32.0941 6800 [ 156F6159457D0AA7E59B62681B56EB90 ] Netlogon C:\Windows\system32\lsass.exe
08:54:32.0941 6800 Netlogon - ok
08:54:32.0973 6800 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
08:54:32.0973 6800 Netman - ok
08:54:33.0004 6800 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
08:54:33.0019 6800 netprofm - ok
08:54:33.0051 6800 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
08:54:33.0051 6800 NetTcpPortSharing - ok
08:54:33.0097 6800 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
08:54:33.0097 6800 nfrd960 - ok
08:54:33.0144 6800 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\Windows\System32\nlasvc.dll
08:54:33.0144 6800 NlaSvc - ok
08:54:33.0238 6800 [ 351533ACC2A069B94E80BBFC177E8FDF ] NPF C:\Windows\system32\drivers\NPF.sys
08:54:33.0238 6800 NPF - ok
08:54:33.0253 6800 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
08:54:33.0253 6800 Npfs - ok
08:54:33.0285 6800 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
08:54:33.0285 6800 nsi - ok
08:54:33.0300 6800 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
08:54:33.0300 6800 nsiproxy - ok
08:54:33.0378 6800 [ 378E0E0DFEA67D98AE6EA53ADBBD76BC ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
08:54:33.0425 6800 Ntfs - ok
08:54:33.0441 6800 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
08:54:33.0441 6800 Null - ok
08:54:33.0643 6800 [ A4D9C9A608A97F59307C2F2600EDC6A4 ] nvraid C:\Windows\system32\drivers\nvraid.sys
08:54:33.0643 6800 nvraid - ok
08:54:33.0690 6800 [ 6C1D5F70E7A6A3FD1C90D840EDC048B9 ] nvstor C:\Windows\system32\drivers\nvstor.sys
08:54:33.0690 6800 nvstor - ok
08:54:33.0721 6800 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
08:54:33.0721 6800 nv_agp - ok
08:54:34.0127 6800 [ 1F0E05DFF4F5A833168E49BE1256F002 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
08:54:34.0127 6800 odserv - ok
08:54:34.0158 6800 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
08:54:34.0158 6800 ohci1394 - ok
08:54:34.0299 6800 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
08:54:34.0299 6800 ose - ok
08:54:35.0437 6800 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
08:54:35.0796 6800 osppsvc - ok
08:54:35.0999 6800 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
08:54:36.0046 6800 p2pimsvc - ok
08:54:36.0077 6800 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
08:54:36.0093 6800 p2psvc - ok
08:54:36.0108 6800 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
08:54:36.0124 6800 Parport - ok
08:54:36.0202 6800 [ 7DAA117143316C4A1537E074A5A9EAF0 ] partmgr C:\Windows\system32\drivers\partmgr.sys
08:54:36.0202 6800 partmgr - ok
08:54:36.0249 6800 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
08:54:36.0249 6800 PcaSvc - ok
08:54:36.0311 6800 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\Windows\system32\drivers\pci.sys
08:54:36.0327 6800 pci - ok
08:54:36.0405 6800 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
08:54:36.0420 6800 pciide - ok
08:54:36.0514 6800 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
08:54:36.0561 6800 pcmcia - ok
08:54:38.0121 6800 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
08:54:38.0136 6800 pcw - ok
08:54:39.0244 6800 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
08:54:39.0259 6800 PEAUTH - ok
08:54:40.0195 6800 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
08:54:40.0195 6800 PerfHost - ok
08:54:40.0258 6800 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\Windows\system32\pla.dll
08:54:40.0289 6800 pla - ok
08:54:40.0320 6800 [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
08:54:40.0336 6800 PlugPlay - ok
08:54:40.0398 6800 [ 80E85394D8CD7F84340B1C6F4B9D698F ] PMBDeviceInfoProvider C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
08:54:40.0414 6800 PMBDeviceInfoProvider - ok
08:54:40.0476 6800 [ 37F6046CDC630442D7DC087501FF6FC6 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
08:54:40.0492 6800 Pml Driver HPZ12 - ok
08:54:40.0710 6800 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
08:54:40.0710 6800 PNRPAutoReg - ok
08:54:40.0757 6800 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
08:54:40.0757 6800 PNRPsvc - ok
08:54:40.0975 6800 [ B8D8EC78B0F9ED8E220506181274F3D3 ] Point64 C:\Windows\system32\DRIVERS\point64.sys
08:54:40.0975 6800 Point64 - ok
08:54:41.0147 6800 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
08:54:41.0163 6800 PolicyAgent - ok
08:54:41.0194 6800 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
08:54:41.0194 6800 Power - ok
08:54:41.0256 6800 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
08:54:41.0256 6800 PptpMiniport - ok
08:54:41.0272 6800 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
08:54:41.0272 6800 Processor - ok
08:54:41.0303 6800 [ F381975E1F4346DE875CB07339CE8D3A ] ProfSvc C:\Windows\system32\profsvc.dll
08:54:41.0319 6800 ProfSvc - ok
08:54:41.0334 6800 [ 156F6159457D0AA7E59B62681B56EB90 ] ProtectedStorage C:\Windows\system32\lsass.exe
08:54:41.0334 6800 ProtectedStorage - ok
08:54:41.0350 6800 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
08:54:41.0350 6800 Psched - ok
08:54:41.0381 6800 [ A6A7AD767BF5141665F5C675F671B3E1 ] PSI_SVC_2 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
08:54:41.0381 6800 PSI_SVC_2 - ok
08:54:41.0412 6800 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
08:54:41.0412 6800 PxHlpa64 - ok
08:54:41.0490 6800 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
08:54:41.0537 6800 ql2300 - ok
08:54:41.0833 6800 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
08:54:41.0849 6800 ql40xx - ok
08:54:42.0738 6800 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
08:54:42.0769 6800 QWAVE - ok
08:54:42.0847 6800 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
08:54:42.0847 6800 QWAVEdrv - ok
08:54:43.0128 6800 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
08:54:43.0144 6800 RasAcd - ok
08:54:43.0378 6800 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
08:54:43.0393 6800 RasAgileVpn - ok
08:54:43.0518 6800 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
08:54:43.0518 6800 RasAuto - ok
08:54:43.0549 6800 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
08:54:43.0565 6800 Rasl2tp - ok
08:54:43.0581 6800 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\Windows\System32\rasmans.dll
08:54:43.0596 6800 RasMan - ok
08:54:43.0627 6800 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
08:54:43.0627 6800 RasPppoe - ok
08:54:43.0659 6800 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
08:54:43.0659 6800 RasSstp - ok
08:54:43.0939 6800 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
08:54:43.0955 6800 rdbss - ok
08:54:43.0971 6800 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
08:54:43.0971 6800 rdpbus - ok
08:54:43.0986 6800 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
08:54:43.0986 6800 RDPCDD - ok
08:54:44.0017 6800 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
08:54:44.0017 6800 RDPENCDD - ok
08:54:44.0033 6800 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
08:54:44.0033 6800 RDPREFMP - ok
08:54:44.0064 6800 [ 8A3E6BEA1C53EA6177FE2B6EBA2C80D7 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
08:54:44.0064 6800 RDPWD - ok
08:54:44.0111 6800 [ E5DC9BA9E439D6DBDD79F8CAACB5BF01 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
08:54:44.0111 6800 rdyboost - ok
08:54:44.0142 6800 [ 4D9AFDDDA0EFE97CDBFD3B5FA48B05F6 ] regi C:\Windows\system32\drivers\regi.sys
08:54:44.0142 6800 regi - ok
08:54:44.0158 6800 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
08:54:44.0158 6800 RemoteAccess - ok
08:54:44.0189 6800 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
08:54:44.0205 6800 RemoteRegistry - ok
08:54:44.0267 6800 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
08:54:44.0283 6800 RFCOMM - ok
08:54:44.0329 6800 [ FA6ABC06B629DA29634D31F1FE0347BD ] rimspci C:\Windows\system32\drivers\rimssne64.sys
08:54:44.0329 6800 rimspci - ok
08:54:44.0361 6800 [ 8F8539A7F5C117D4407B2985995671F2 ] risdsnpe C:\Windows\system32\drivers\risdsne64.sys
08:54:44.0361 6800 risdsnpe - ok
08:54:44.0392 6800 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
08:54:44.0392 6800 RpcEptMapper - ok
08:54:44.0423 6800 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
08:54:44.0423 6800 RpcLocator - ok
08:54:44.0454 6800 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\Windows\system32\rpcss.dll
08:54:44.0454 6800 RpcSs - ok
08:54:44.0797 6800 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
08:54:44.0813 6800 rspndr - ok
08:54:45.0156 6800 [ D6D381B76056C668679723938F06F16C ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys
08:54:45.0172 6800 RTHDMIAzAudService - ok
08:54:45.0281 6800 [ 156F6159457D0AA7E59B62681B56EB90 ] SamSs C:\Windows\system32\lsass.exe
08:54:45.0281 6800 SamSs - ok
08:54:45.0297 6800 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
08:54:45.0312 6800 sbp2port - ok
08:54:45.0343 6800 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
08:54:45.0343 6800 SCardSvr - ok
08:54:45.0375 6800 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
08:54:45.0375 6800 scfilter - ok
08:54:45.0421 6800 [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule C:\Windows\system32\schedsvc.dll
08:54:45.0453 6800 Schedule - ok
08:54:45.0484 6800 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\Windows\System32\certprop.dll
08:54:45.0484 6800 SCPolicySvc - ok
08:54:45.0577 6800 [ 2C8D162EFAF73ABD36D8BCBB6340CAE7 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
08:54:45.0593 6800 sdbus - ok
08:54:45.0640 6800 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\Windows\System32\SDRSVC.dll
08:54:45.0655 6800 SDRSVC - ok
08:54:45.0765 6800 [ 78779EE07231C658B483B1F38B5088DF ] SeaPort C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
08:54:45.0765 6800 SeaPort - ok
08:54:45.0811 6800 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
08:54:45.0827 6800 secdrv - ok
08:54:45.0858 6800 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\Windows\system32\seclogon.dll
08:54:45.0858 6800 seclogon - ok
08:54:45.0858 6800 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
08:54:45.0874 6800 SENS - ok
08:54:45.0905 6800 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
08:54:45.0905 6800 SensrSvc - ok
08:54:45.0936 6800 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
08:54:45.0936 6800 Serenum - ok
08:54:45.0983 6800 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
08:54:45.0983 6800 Serial - ok
08:54:46.0030 6800 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
08:54:46.0030 6800 sermouse - ok
08:54:46.0061 6800 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\Windows\system32\sessenv.dll
08:54:46.0077 6800 SessionEnv - ok
08:54:46.0155 6800 [ 286D3889E6AB5589646FF8A63CB928AE ] SFEP C:\Windows\system32\drivers\SFEP.sys
08:54:46.0170 6800 SFEP - ok
08:54:46.0201 6800 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
08:54:46.0201 6800 sffdisk - ok
08:54:46.0217 6800 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
08:54:46.0217 6800 sffp_mmc - ok
08:54:46.0233 6800 [ 178298F767FE638C9FEDCBDEF58BB5E4 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
08:54:46.0233 6800 sffp_sd - ok
08:54:46.0248 6800 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
08:54:46.0248 6800 sfloppy - ok
08:54:46.0311 6800 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
08:54:46.0326 6800 Sftfs - ok
08:54:46.0420 6800 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
08:54:46.0420 6800 sftlist - ok
08:54:46.0435 6800 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
08:54:46.0451 6800 Sftplay - ok
08:54:46.0467 6800 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
08:54:46.0467 6800 Sftredir - ok
08:54:46.0467 6800 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
08:54:46.0482 6800 Sftvol - ok
08:54:46.0498 6800 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
08:54:46.0529 6800 sftvsa - ok
08:54:47.0247 6800 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
08:54:47.0247 6800 SharedAccess - ok
08:54:47.0340 6800 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll
08:54:47.0418 6800 ShellHWDetection - ok
08:54:48.0666 6800 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
08:54:48.0682 6800 SiSRaid2 - ok
08:54:48.0697 6800 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
08:54:48.0713 6800 SiSRaid4 - ok
08:54:48.0963 6800 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
08:54:48.0978 6800 Smb - ok
08:54:49.0306 6800 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
08:54:49.0306 6800 SNMPTRAP - ok
08:54:49.0509 6800 [ C3E69DB0A4E59564230E053232F39AC7 ] SOHCImp C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
08:54:49.0618 6800 SOHCImp - ok
08:54:49.0836 6800 [ 65CC4779A29C3E82B987BD4961790DFF ] SOHDms C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
08:54:50.0117 6800 SOHDms - ok
08:54:50.0335 6800 [ F47D75CEE1844EEF4A9EA6EE768828FB ] SOHDs C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
08:54:50.0335 6800 SOHDs - ok
08:54:50.0647 6800 [ 5449FC97476F52E027409E703791E6A9 ] SpfService C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
08:54:50.0741 6800 SpfService - ok
08:54:50.0772 6800 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
08:54:50.0772 6800 spldr - ok
08:54:51.0303 6800 [ F8E1FA03CB70D54A9892AC88B91D1E7B ] Spooler C:\Windows\System32\spoolsv.exe
08:54:51.0661 6800 Spooler - ok
08:54:52.0722 6800 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\Windows\system32\sppsvc.exe
08:54:52.0800 6800 sppsvc - ok
08:54:52.0816 6800 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
08:54:52.0816 6800 sppuinotify - ok
08:54:53.0003 6800 [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv C:\Windows\system32\DRIVERS\srv.sys
08:54:53.0065 6800 srv - ok
08:54:53.0689 6800 [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
08:54:53.0705 6800 srv2 - ok
08:54:53.0814 6800 [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
08:54:53.0970 6800 srvnet - ok
08:54:54.0859 6800 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
08:54:54.0937 6800 SSDPSRV - ok
08:54:55.0374 6800 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
08:54:55.0390 6800 SstpSvc - ok
08:54:55.0530 6800 Steam Client Service - ok
08:54:55.0593 6800 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
08:54:55.0593 6800 stexstor - ok
08:54:55.0967 6800 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\Windows\System32\wiaservc.dll
08:54:55.0998 6800 stisvc - ok
08:54:56.0170 6800 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
08:54:56.0170 6800 swenum - ok
08:54:56.0263 6800 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
08:54:56.0279 6800 SwitchBoard - ok
08:54:56.0310 6800 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
08:54:56.0310 6800 swprv - ok
08:54:56.0388 6800 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\Windows\system32\sysmain.dll
08:54:56.0451 6800 SysMain - ok
08:54:56.0466 6800 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll
08:54:56.0497 6800 TabletInputService - ok
08:54:56.0887 6800 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\Windows\System32\tapisrv.dll
08:54:56.0903 6800 TapiSrv - ok
08:54:56.0934 6800 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
08:54:56.0934 6800 TBS - ok
08:54:57.0699 6800 [ F18F56EFC0BFB9C87BA01C37B27F4DA5 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
08:54:57.0777 6800 Tcpip - ok
08:54:58.0151 6800 [ F18F56EFC0BFB9C87BA01C37B27F4DA5 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
08:54:58.0167 6800 TCPIP6 - ok
08:54:58.0229 6800 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
08:54:58.0229 6800 tcpipreg - ok
08:54:58.0245 6800 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
08:54:58.0245 6800 TDPIPE - ok
08:54:58.0260 6800 [ E4245BDA3190A582D55ED09E137401A9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
08:54:58.0260 6800 TDTCP - ok
08:54:58.0276 6800 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\Windows\system32\DRIVERS\tdx.sys
08:54:58.0291 6800 tdx - ok
08:54:58.0307 6800 [ C448651339196C0E869A355171875522 ] TermDD C:\Windows\system32\drivers\termdd.sys
08:54:58.0323 6800 TermDD - ok
08:54:58.0338 6800 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\Windows\System32\termsrv.dll
08:54:58.0369 6800 TermService - ok
08:54:58.0385 6800 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
08:54:58.0385 6800 Themes - ok
08:54:58.0401 6800 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
08:54:58.0416 6800 THREADORDER - ok
08:54:58.0416 6800 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
08:54:58.0432 6800 TrkWks - ok
08:54:58.0510 6800 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
08:54:58.0525 6800 TrustedInstaller - ok
08:54:58.0681 6800 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
08:54:58.0681 6800 tssecsrv - ok
08:54:59.0149 6800 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
08:54:59.0149 6800 tunnel - ok
08:54:59.0212 6800 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
08:54:59.0227 6800 uagp35 - ok
08:54:59.0368 6800 [ 63F6D08C54D5B3C1B12A6172032055C7 ] uCamMonitor C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
08:54:59.0383 6800 uCamMonitor - ok
08:54:59.0477 6800 [ 0E5E962B5649D544BE54E8C90761EA2B ] udfs C:\Windows\system32\DRIVERS\udfs.sys
08:54:59.0493 6800 udfs - ok
08:54:59.0649 6800 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
08:54:59.0649 6800 UI0Detect - ok
08:54:59.0680 6800 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
08:54:59.0695 6800 uliagpkx - ok
08:54:59.0929 6800 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
08:54:59.0929 6800 umbus - ok
08:54:59.0992 6800 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
08:54:59.0992 6800 UmPass - ok
08:55:00.0756 6800 [ 11A559E0F10CC5E788984023DF400A6F ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
08:55:00.0881 6800 UNS - ok
08:55:01.0068 6800 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
08:55:01.0084 6800 upnphost - ok
08:55:01.0224 6800 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
08:55:01.0240 6800 USBAAPL64 - ok
08:55:01.0505 6800 [ B26AFB54A534D634523C4FB66765B026 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
08:55:01.0505 6800 usbccgp - ok
08:55:01.0942 6800 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
08:55:01.0942 6800 usbcir - ok
08:55:02.0004 6800 [ 2EA4AFF7BE7EB4632E3AA8595B0803B5 ] usbehci C:\Windows\system32\drivers\usbehci.sys
08:55:02.0004 6800 usbehci - ok
08:55:02.0129 6800 [ 4C9042B8DF86C1E8E6240C218B99B39B ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
08:55:02.0160 6800 usbhub - ok
08:55:02.0191 6800 [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci C:\Windows\system32\drivers\usbohci.sys
08:55:02.0191 6800 usbohci - ok
08:55:02.0285 6800 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
08:55:02.0285 6800 usbprint - ok
08:55:02.0597 6800 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
08:55:02.0597 6800 usbscan - ok
08:55:02.0769 6800 [ F39983647BC1F3E6100778DDFE9DCE29 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
08:55:02.0784 6800 USBSTOR - ok
08:55:03.0237 6800 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
08:55:03.0237 6800 usbuhci - ok
08:55:03.0658 6800 [ 7CB8C573C6E4A2714402CC0A36EAB4FE ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
08:55:03.0705 6800 usbvideo - ok
08:55:03.0751 6800 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
08:55:03.0767 6800 UxSms - ok
08:55:04.0063 6800 [ A60605FC66552B421EE1F3D4EBB9A4E0 ] VAIO Event Service C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
08:55:04.0141 6800 VAIO Event Service - ok
08:55:05.0124 6800 [ D469BE2723F79CF4B384680B1FDC577D ] VAIO Power Management C:\Program Files\Sony\VAIO Power Management\SPMService.exe
08:55:05.0140 6800 VAIO Power Management - ok
08:55:05.0155 6800 [ 156F6159457D0AA7E59B62681B56EB90 ] VaultSvc C:\Windows\system32\lsass.exe
08:55:05.0171 6800 VaultSvc - ok
08:55:05.0358 6800 [ 96EFA2698D6B9E2931609A3EA73FC5DC ] VCFw C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
08:55:05.0530 6800 VCFw - ok
08:55:05.0561 6800 [ 84BB306B7863883018D7F3EB0C453BD5 ] VClone C:\Windows\system32\DRIVERS\VClone.sys
08:55:05.0561 6800 VClone - ok
08:55:05.0811 6800 [ 7BEBF6A5285FFC03C34A7297A4E177CB ] VcmIAlzMgr C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
08:55:05.0982 6800 VcmIAlzMgr - ok
08:55:06.0169 6800 [ E005B04DFCA99F5880C5111933194CA9 ] VcmINSMgr C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
08:55:06.0201 6800 VcmINSMgr - ok
08:55:06.0232 6800 [ 829A32FD1334F72429CA0515760EB7A7 ] VcmXmlIfHelper C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
08:55:06.0247 6800 VcmXmlIfHelper - ok
08:55:06.0544 6800 [ D347D3ABE070AA09C22FC37121555D52 ] VCService C:\Program Files\Sony\VAIO Care\VCService.exe
08:55:06.0559 6800 VCService - ok
08:55:06.0778 6800 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
08:55:06.0793 6800 vdrvroot - ok
08:55:06.0840 6800 [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds C:\Windows\System32\vds.exe
08:55:06.0856 6800 vds - ok
08:55:07.0105 6800 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
08:55:07.0121 6800 vga - ok
08:55:07.0261 6800 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
08:55:07.0261 6800 VgaSave - ok
08:55:07.0324 6800 [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
08:55:07.0324 6800 vhdmp - ok
08:55:07.0573 6800 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
08:55:07.0573 6800 viaide - ok
08:55:07.0605 6800 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr C:\Windows\system32\drivers\volmgr.sys
08:55:07.0620 6800 volmgr - ok
08:55:08.0041 6800 [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
08:55:08.0057 6800 volmgrx - ok
08:55:08.0073 6800 [ 58F82EED8CA24B461441F9C3E4F0BF5C ] volsnap C:\Windows\system32\drivers\volsnap.sys
08:55:08.0088 6800 volsnap - ok
08:55:08.0197 6800 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
08:55:08.0197 6800 vsmraid - ok
08:55:08.0775 6800 [ A7EB62C664A03901165290A714BD48D0 ] VSNService C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
08:55:08.0821 6800 VSNService - ok
08:55:09.0227 6800 [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS C:\Windows\system32\vssvc.exe
08:55:09.0336 6800 VSS - ok
08:55:09.0586 6800 [ FB4A1695D2D74F9C92CA5E84795CDBE1 ] VUAgent C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
08:55:09.0617 6800 VUAgent - ok
08:55:09.0648 6800 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
08:55:09.0664 6800 vwifibus - ok
08:55:09.0820 6800 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
08:55:09.0835 6800 vwififlt - ok
08:55:09.0867 6800 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
08:55:09.0867 6800 vwifimp - ok
08:55:09.0929 6800 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
08:55:09.0929 6800 W32Time - ok
08:55:10.0007 6800 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
08:55:10.0023 6800 WacomPen - ok
08:55:10.0163 6800 [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
08:55:10.0163 6800 WANARP - ok
08:55:10.0163 6800 [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
08:55:10.0179 6800 Wanarpv6 - ok
08:55:11.0052 6800 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
08:55:11.0193 6800 WatAdminSvc - ok
08:55:11.0676 6800 [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine C:\Windows\system32\wbengine.exe
08:55:11.0770 6800 wbengine - ok
08:55:11.0848 6800 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
08:55:11.0848 6800 WbioSrvc - ok
08:55:12.0019 6800 [ DD1BAE8EBFC653824D29CCF8C9054D68 ] wcncsvc C:\Windows\System32\wcncsvc.dll
08:55:12.0019 6800 wcncsvc - ok
08:55:12.0129 6800 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
08:55:12.0129 6800 WcsPlugInService - ok
08:55:12.0175 6800 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
08:55:12.0175 6800 Wd - ok
08:55:12.0924 6800 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
08:55:12.0955 6800 Wdf01000 - ok
08:55:13.0049 6800 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
08:55:13.0049 6800 WdiServiceHost - ok
08:55:13.0065 6800 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
08:55:13.0065 6800 WdiSystemHost - ok
08:55:13.0205 6800 [ 733006127F235BE7C35354EBEE7B9A7B ] WebClient C:\Windows\System32\webclnt.dll
08:55:13.0205 6800 WebClient - ok
08:55:13.0330 6800 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
08:55:13.0346 6800 Wecsvc - ok
08:55:13.0564 6800 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
08:55:13.0564 6800 wercplsupport - ok
08:55:13.0611 6800 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
08:55:13.0626 6800 WerSvc - ok
08:55:13.0876 6800 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
08:55:13.0876 6800 WfpLwf - ok
08:55:14.0048 6800 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
08:55:14.0048 6800 WIMMount - ok
08:55:14.0048 6800 WinDefend - ok
08:55:14.0063 6800 WinHttpAutoProxySvc - ok
08:55:14.0282 6800 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
08:55:14.0313 6800 Winmgmt - ok
08:55:14.0812 6800 [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM C:\Windows\system32\WsmSvc.dll
08:55:14.0859 6800 WinRM - ok
08:55:14.0999 6800 [ 817EAFF5D38674EDD7713B9DFB8E9791 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
08:55:14.0999 6800 WinUsb - ok
08:55:15.0171 6800 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
08:55:15.0233 6800 Wlansvc - ok
08:55:15.0358 6800 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
08:55:15.0358 6800 wlcrasvc - ok
08:55:16.0029 6800 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
08:55:16.0091 6800 wlidsvc - ok
08:55:16.0138 6800 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
08:55:16.0138 6800 WmiAcpi - ok
08:55:16.0200 6800 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
08:55:16.0200 6800 wmiApSrv - ok
08:55:16.0325 6800 WMPNetworkSvc - ok
08:55:16.0356 6800 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
08:55:16.0372 6800 WPCSvc - ok
08:55:16.0388 6800 [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
08:55:16.0403 6800 WPDBusEnum - ok
08:55:16.0824 6800 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
08:55:16.0840 6800 ws2ifsl - ok
08:55:17.0012 6800 [ 8F9F3969933C02DA96EB0F84576DB43E ] wscsvc C:\Windows\system32\wscsvc.dll
08:55:17.0027 6800 wscsvc - ok
08:55:17.0027 6800 WSearch - ok
08:55:18.0197 6800 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
08:55:18.0369 6800 wuauserv - ok
08:55:18.0556 6800 [ 7CADC74271DD6461C452C271B30BD378 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
08:55:18.0556 6800 WudfPf - ok
08:55:18.0728 6800 [ 3B197AF0FFF08AA66B6B2241CA538D64 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
08:55:18.0743 6800 WUDFRd - ok
08:55:18.0821 6800 [ B551D6637AA0E132C18AC6E504F7B79B ] wudfsvc C:\Windows\System32\WUDFSvc.dll
08:55:18.0837 6800 wudfsvc - ok
08:55:18.0852 6800 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
08:55:18.0868 6800 WwanSvc - ok
08:55:19.0071 6800 [ 5250193EF8E173AA7491250F00EB367F ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
08:55:19.0118 6800 yukonw7 - ok
08:55:19.0149 6800 ================ Scan global ===============================
08:55:19.0211 6800 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
08:55:19.0445 6800 [ 0CB6EBF4B461A6043353C570BD72A1E1 ] C:\Windows\system32\winsrv.dll
08:55:19.0461 6800 [ 0CB6EBF4B461A6043353C570BD72A1E1 ] C:\Windows\system32\winsrv.dll
08:55:19.0523 6800 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
08:55:19.0664 6800 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
08:55:19.0695 6800 [Global] - ok
08:55:19.0695 6800 ================ Scan MBR ==================================
08:55:19.0695 6800 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
08:55:22.0565 6800 \Device\Harddisk0\DR0 - ok
08:55:22.0565 6800 ================ Scan VBR ==================================
08:55:22.0799 6800 [ 26E3AA50437E49CFF3FBA0B3397F1A0B ] \Device\Harddisk0\DR0\Partition1
08:55:22.0924 6800 \Device\Harddisk0\DR0\Partition1 - ok
08:55:23.0564 6800 [ B527AFBFAA69DBE98E3B330FFA0A80AA ] \Device\Harddisk0\DR0\Partition2
08:55:23.0564 6800 \Device\Harddisk0\DR0\Partition2 - ok
08:55:23.0564 6800 ============================================================
08:55:23.0564 6800 Scan finished
08:55:23.0564 6800 ============================================================
08:55:23.0579 6776 Detected object count: 0
08:55:23.0579 6776 Actual detected object count: 0

Alt 31.10.2012, 17:01   #13
markusg
/// Malware-holic
 
Polizei - Ihr Computer wurde gesperrt - Österreich - Standard

Polizei - Ihr Computer wurde gesperrt - Österreich



sehr gut
lade den CCleaner standard:
CCleaner Download - CCleaner 3.24.1850
falls der CCleaner
bereits instaliert, überspringen.
instalieren, öffnen, extras, liste der instalierten programme, als txt speichern. öffnen.
hinter, jedes von dir benötigte programm, schreibe notwendig.
hinter, jedes, von dir nicht benötigte, unnötig.
hinter, dir unbekannte, unbekannt.
liste posten.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 31.10.2012, 18:16   #14
victorynox
 
Polizei - Ihr Computer wurde gesperrt - Österreich - Standard

Polizei - Ihr Computer wurde gesperrt - Österreich



hallo!

hier die liste:

HP Imaging Device Functions 13.0 HP 19.03.2011 13.0 - notwendig
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B HP 19.03.2011 13.0 - notwendig
HP Smart Web Printing 4.51 HP 19.03.2011 4.51 - notwendig
HP Solution Center 13.0 HP 19.03.2011 13.0 - notwendig
HP Update Hewlett-Packard 19.03.2011 3,72MB 4.000.011.006 - notwendig
iCloud Apple Inc. 29.09.2012 80,2MB 2.0.2.187 - unnötig
Incredibar Toolbar on IE 30.03.2012 - unnötig
Intel(R) Control Center Intel Corporation 26.10.2010 1.2.1.1007 - notwendig
Intel(R) Management Engine Components Intel Corporation 26.10.2010 6.0.0.1179 - notwendig
Intel(R) Rapid Storage Technology Intel Corporation 26.10.2010 9.6.0.1014 - notwendig
Intel(R) Turbo Boost Technology Driver Intel Corporation 26.10.2010 01.02.00.1002 - notwendig
iTunes Apple Inc. 29.09.2012 182MB 10.7.0.21 - notwendig
Java 7 Update 9 (64-bit) Oracle 30.10.2012 127MB 7.0.90 - notwendig
Java(TM) 6 Update 20 (64-bit) Sun Microsystems, Inc. 26.10.2010 90,5MB 6.0.200 - notwendig
Java(TM) 6 Update 24 Sun Microsystems, Inc. 26.10.2010 97,2MB 6.0.240 - notwendig
Malwarebytes Anti-Malware Version 1.65.1.1000 Malwarebytes Corporation 30.10.2012 19,4MB 1.65.1.1000 - notwendig
Microsoft .NET Framework 4 Client Profile Microsoft Corporation 25.02.2011 38,8MB 4.0.30319 - notwendig
Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Corporation 25.02.2011 2,93MB 4.0.30319 - notwendig
Microsoft IntelliPoint 8.0 Microsoft 07.02.2011 37,9MB 8.0.225.0 - notwendig
Microsoft Office 2010 Microsoft Corporation 26.10.2010 6,31MB 14.0.4763.1000 - notwendig
Microsoft Office Enterprise 2007 Microsoft Corporation 31.10.2012 12.0.6612.1000 - notwendig
Microsoft Office File Validation Add-In Microsoft Corporation 31.10.2012 7,91MB 14.0.5130.5003 - notwendig
Microsoft Office Klick-und-Los 2010 Microsoft Corporation 27.02.2011 14.0.4763.1000 - notwendig
Microsoft Office Live Add-in 1.5 Microsoft Corporation 31.10.2012 508KB 2.0.4024.1 - notwendig
Microsoft Office Outlook Connector Microsoft Corporation 03.05.2012 3,36MB 14.0.5118.5000 - notwendig
Microsoft Office Starter 2010 - Deutsch Microsoft Corporation 27.02.2011 14.0.4763.1000 - notwendig
Microsoft Silverlight Microsoft Corporation 31.10.2012 40,3MB 4.1.10329.0 - notwendig
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 26.10.2010 1,72MB 3.1.0000 - notwendig
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 Microsoft Corporation 28.02.2011 258KB 8.0.50727.4053 - notwendig
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 06.03.2012 298KB 8.0.61001 - notwendig
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 26.10.2010 708KB 8.0.61000 - notwendig
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 Microsoft Corporation 13.04.2011 580KB 8.0.51011 - notwendig
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Corporation 09.03.2012 1,41MB 9.0.21022 - notwendig
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 09.09.2011 586KB 9.0.30729.4148 - notwendig
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 06.03.2012 600KB 9.0.30729.6161 - notwendig
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 31.10.2012 11,1MB 10.0.40219 - notwendig
mixdtv mixd.tv 09.03.2012 1.1.0 - unbekannt
MixPad Audiodatei-Mixer NCH Software 04.08.2011 - unbekannt
MobileMe Control Panel Apple Inc. 28.05.2012 12,9MB 3.1.8.0 - unbekannt
Mozilla Firefox 16.0.2 (x86 de) Mozilla 30.10.2012 40,0MB 16.0.2 - notwendig
Mozilla Firefox 4.0 (x86 de) Mozilla 27.03.2011 30,1MB 4.0 - notwendig
Mozilla Maintenance Service Mozilla 30.10.2012 329KB 16.0.2 - notwendig
MSXML 4.0 SP3 Parser Microsoft Corporation 26.10.2010 1,47MB 4.30.2100.0 - notwendig
MSXML 4.0 SP3 Parser (KB973685) Microsoft Corporation 24.01.2011 1,53MB 4.30.2107.0 - notwendig
Nemetschek Allplan 2004 19.08.2011 - notwendig
Nero BurnLite 10 Nero AG 23.01.2011 56,3MB 10.0.10600 - unnötig
NETGEAR Genie 04.12.2011 - notwendig
OCR Software by I.R.I.S. 13.0 HP 19.03.2011 13.0 - unbekannt
Optimizer Pro v3.0 PC Utilities Pro 30.03.2012 20,3MB 3.0 - unnötig
Orbit Downloader www.orbitdownloader.com 05.03.2011 - unnötig
PDFCreator Frank Heindörfer, Philip Chinery 01.09.2011 - notwendig 1.2.2
PMB Sony Corporation 26.10.2010 261MB 5.3.00.06040 - unbekannt
QuickTime Apple Inc. 28.05.2012 73,2MB 7.72.80.56 - unnötig
Realtek HDMI Audio Driver for ATI Realtek Semiconductor Corp. 26.10.2010 6.0.1.6034 - notwendig
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 26.10.2010 6.0.1.6098 - notwendig
Remote Play mit PlayStation®3 Sony Corporation 26.10.2010 1.0.2.06210
Remote-Tastatur mit PlayStation 3 Sony Corporation 26.10.2010 1.0.2.06170
Safari Apple Inc. 28.05.2012 104MB 5.34.57.2 - unnötig
Shop for HP Supplies HP 19.03.2011 13.0 - unnötig
Skype™ 4.2 Skype Technologies S.A. 26.10.2010 31,7MB 4.2.152
SmartSound Quicktracks for Premiere Elements 8.0 SmartSound Software Inc 26.10.2010 25,4MB 3.11.3090 - unbekannt
Steam Valve Corporation 28.12.2011 35,4MB 1.0.0.0 - unnötig
Switch Audiodatei-Konverter NCH Software 04.08.2011 - unbekannt
Team Fortress 2 Valve 29.12.2011 - unnötig
Uninstall 1.0.0.1 26.03.2011 10,9MB - unbekannt
uTorrentBar_DE Toolbar uTorrentBar_DE 23.06.2011 - unnötig 6.3.5.3
VAIO - Media Gallery Sony Corporation 26.10.2010 1.3.0.06230 - notwendig
VAIO - PMB VAIO Edition Guide Sony Corporation 26.10.2010 72,3MB 1.3.00.06040 - notwendig
VAIO - PMB VAIO Edition plug-in (Click to Disc) Sony Corporation 26.10.2010 126MB 3.3.00.06180 - notwendig
VAIO - PMB VAIO Edition plug-in (VAIO Image Optimizer) Sony Corporation 26.10.2010 39,3MB 1.3.00.06110 - notwendig
VAIO - PMB VAIO Edition plug-in (VAIO Movie Story) Sony Corporation 26.10.2010 70,5MB 2.3.00.06180 - notwendig
VAIO Care Sony Corporation 26.11.2011 6.4.2.11150 - notwendig
VAIO Control Center Sony Corporation 26.10.2010 4.3.0.05310 - notwendig
VAIO Data Restore Tool Sony Corporation 26.10.2010 1.4.0.05240 - notwendig
VAIO DVD Menu Data Sony Corporation 26.10.2010 2.2.00.05120 - notwendig
VAIO Gate Sony Corporation 26.10.2010 2.2.0.06080 - notwendig
VAIO Gate Default Sony Corporation 26.10.2010 2.2.0.07020 - notwendig
VAIO Media plus Sony Corporation 26.10.2010 2.1.0.18210 - notwendig
VAIO Media plus Opening Movie Sony Corporation 26.10.2010 2.1.0.13220 - notwendig
VAIO Movie Story Template Data Sony Corporation 26.10.2010 438MB 2.3.00.06040 - notwendig
VAIO Quick Web Access Sony Corporation 26.10.2010 282MB 1.3.4.2 - notwendig
VAIO Sample Contents Sony Corporation 26.10.2010 1.3.0.06041 - notwendig
VAIO screensaver Sony Europe 22.01.2011 1.0.0.0 - notwendig
VAIO Smart Network Sony Corporation 26.10.2010 3.3.0.06080 - notwendig
VAIO Update Sony Corporation 01.04.2012 5.6.1.02150 - notwendig
VAIO-Handbuch Sony Corporation 26.10.2010 1.1.0.05280 - notwendig
VAIO-Support für Übertragungen Sony Corporation 26.10.2010 1.2.0.06230 - notwendig
VirtualCloneDrive Elaborate Bytes 25.01.2011 - unbekannt
VLC media player 1.1.5 VideoLAN 22.01.2011 - notwendig 1.1.5
VoiceOver Kit Apple Inc. 01.10.2012 41,7MB 1.42.128.0 - unbekannt
WavePad Audiobearbeitungs-Software NCH Software 04.08.2011 - unbekannt
WIDCOMM Bluetooth Software Broadcom Corporation 26.10.2010 183MB 6.3.0.5600 - unbekannt
Winamp Nullsoft, Inc 01.04.2011 5.61 - notwendig
Winamp Erkennungs-Plug-in Nullsoft, Inc 01.04.2011 75,0KB 1.0.0.1
Windows Live Essentials Microsoft Corporation 03.05.2012 15.4.3555.0308 - notwendig
Windows Live Mesh ActiveX control for remote connections Microsoft Corporation 03.05.2012 5,57MB 15.4.5722.2 - notwendig
Windows Live Sync Microsoft Corporation 26.10.2010 2,79MB 14.0.8117.416 - notwendig
Windows Media Player Firefox Plugin Microsoft Corp 18.02.2011 296KB 1.0.0.8 - notwendig
Windows Movie Maker 2.6 Microsoft Corporation 09.03.2012 8,85MB 2.6.4037.0 - unnötig
Windows Searchqu Toolbar Bandoo Media Inc 03.10.2012 4.1.0.3114 - unnötig
WinRAR 27.02.2011 - notwendig
XBMC Team XBMC 09.09.2011 - notwendig
µTorrent 23.06.2011 3.0.0 - notwendig

Alt 01.11.2012, 00:34   #15
markusg
/// Malware-holic
 
Polizei - Ihr Computer wurde gesperrt - Österreich - Standard

Polizei - Ihr Computer wurde gesperrt - Österreich



bist du sicher, dass die vollständig ist, glaubs eher nicht, alles ab a bis g fehlt.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Antwort

Themen zu Polizei - Ihr Computer wurde gesperrt - Österreich
adware.clickpotato, adware.hotbar, adware.shopperreports, bereits, computer, computer wurde gesperrt, erwischt, gesperrt, ihr computer wurde gesperrt, malware.trace, malwarebytes, meldung, polizei, problem, pup.bflix, rechner, shopperreports, trojan.agent, trojan.agent.ck, trojan.delf, trojan.ransom.gen, windows, windows vista, windows vista home, Österreich




Ähnliche Themen: Polizei - Ihr Computer wurde gesperrt - Österreich


  1. Polizei sperrt Computer (Österreich)
    Plagegeister aller Art und deren Bekämpfung - 13.09.2013 (17)
  2. Computer gesperrt /Trojaner-Polizei Österreich
    Log-Analyse und Auswertung - 30.08.2013 (9)
  3. Computer wurde gesperrt - "Polizei" Trojaner/Virus
    Plagegeister aller Art und deren Bekämpfung - 09.05.2013 (15)
  4. Ich Computer wurde gesperrt - Bundesamt für Polizei
    Plagegeister aller Art und deren Bekämpfung - 15.04.2013 (3)
  5. Polizei (Österreich) Control Department "Ihr Computer ist gesperrt"
    Plagegeister aller Art und deren Bekämpfung - 26.03.2013 (12)
  6. Rechner gesperrt - "Polizei - Ihr Computer wurde gesperrt"
    Log-Analyse und Auswertung - 12.02.2013 (5)
  7. Polizei (Österreich) Control Department "Ihr Computer ist gesperrt
    Plagegeister aller Art und deren Bekämpfung - 31.01.2013 (11)
  8. Polizei-Virus (Der Computer ist für die Verletzung der Gesetze der Rebublik Österreich blockiert worden)
    Log-Analyse und Auswertung - 16.12.2012 (12)
  9. Polizei-Trojaner Österreich - Ihr Computer wurde gesperrt...
    Log-Analyse und Auswertung - 13.12.2012 (17)
  10. Bundestrojaner Variante: "Ihr Computer wurde gesperrt"; " Ihr Computer wurde durch das Speichern der autom. Informationskontrolle gesperrt"
    Log-Analyse und Auswertung - 25.11.2012 (10)
  11. Computer durch Polizei gesperrt inkl. WebCam (Österreich)
    Plagegeister aller Art und deren Bekämpfung - 13.11.2012 (11)
  12. Ihr Computer wurde gesperrt Entsperren SIe mit Ukash Polizei
    Log-Analyse und Auswertung - 27.10.2012 (40)
  13. Österreiche Polizei-Virus, Ihr Computer wurde gesperrt....
    Plagegeister aller Art und deren Bekämpfung - 13.10.2012 (37)
  14. Ihr Computer wurde gesperrt - Polizei Trojaner
    Plagegeister aller Art und deren Bekämpfung - 10.09.2012 (1)
  15. Bundespolizei (Österreich) - Ihr Computer wurde gesperrt
    Log-Analyse und Auswertung - 20.07.2012 (9)
  16. Ihr Computer wurde gesperrt + Polizei + Ukash
    Plagegeister aller Art und deren Bekämpfung - 11.07.2012 (1)
  17. POLIZEI - Ihr Computer wurde gesperrt - 100 Euro Trojaner
    Log-Analyse und Auswertung - 06.06.2012 (3)

Zum Thema Polizei - Ihr Computer wurde gesperrt - Österreich - Hallo! Mein Problem ist ähnlich wenn nicht gleich wie in diesem Thema: der-computer-ist-fur-die-verletzung-der-gesetze-der-republik-osterreich-blockiert-worden??? (Mehrseitiges Thema 1 2 3) defendermax "...den Rechner hat's erwischt - bei einem user unter windows vista - Polizei - Ihr Computer wurde gesperrt - Österreich...
Archiv
Du betrachtest: Polizei - Ihr Computer wurde gesperrt - Österreich auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.