| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Google Suchergebnisse springen nach einer Sekunde umWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
17.12.2012, 14:53
| #1 |
| |  Google Suchergebnisse springen nach einer Sekunde um Liebe Community, seit dem 16.12. habe ich ein Problem auf meinem Laptop. Wenn ich bei Google im Firefox nach etwas suche, z.B. "Dirk Nowitzki", dann erscheinen zuerst alle normalen Suchergebnisse wie wikipedia, seine private Homepage etc. Doch nach ca. einer Sekunde tauchen auch noch ein paar andere Suchergebnisse auf, wie shopzilla.de; driverperformer.com; yepp-yepp.de usw. Der Treffer zu wikipedia rutscht nach unten. Habe schon ein paar Sachen ausprobiert, wie den Firefox zu deinstallieren und neu zu installieren, doch nach kurzer Zeit war das Problem wieder da. Das Problem taucht nur im Firefox auf, nicht im IE oder in Safari. Wäre dankbar für ein paar Tipps. Viele Grüße, Rincon |
|
17.12.2012, 15:31
| #2 |
| /// Malware-holic   | Google Suchergebnisse springen nach einer Sekunde um Hi,
__________________Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
Code:
ATTFilter activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
__________________ |
|
17.12.2012, 17:58
| #3 |
| | Google Suchergebnisse springen nach einer Sekunde um Hier die OTL.txt:
__________________OTL Logfile: Code:
ATTFilter OTL logfile created on: 17.12.2012 17:23:17 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = c:\Users\Arne\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.19328) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,97 Gb Total Physical Memory | 1,45 Gb Available Physical Memory | 48,93% Memory free 6,13 Gb Paging File | 3,72 Gb Available in Paging File | 60,63% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 286,84 Gb Total Space | 85,67 Gb Free Space | 29,87% Space Free | Partition Type: NTFS Computer Name: LAPTOP | User Name: Arne | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - c:\Users\Arne\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe (Adobe Systems, Inc.) PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files\Juniper Networks\Common Files\dsNcService.exe (Juniper Networks) PRC - C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.) PRC - c:\Program Files\Real\RealPlayer\Update\realonemessagecenter.exe (RealNetworks, Inc.) PRC - C:\Program Files\FILSHtray\FILSHtray.exe (FILSH Media GmbH) PRC - C:\Program Files\dradio-Recorder\phonostarTimer.exe () PRC - C:\Program Files\Tobit Radio.fx\Server\rfx-server.exe () PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Program Files\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe (Sony Corporation) PRC - C:\Program Files\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe (Sony Corporation) PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Windows\System32\conime.exe (Microsoft Corporation) PRC - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.) PRC - C:\Program Files\Sony\Marketing Tools\MarketingTools.exe (Sony Corporation) PRC - C:\Program Files\Winamp\winampa.exe () PRC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.) PRC - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation) PRC - C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation) PRC - C:\Windows\RTKAUDIOSERVICE.EXE (Realtek Semiconductor) PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe (Broadcom Corporation.) PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) PRC - C:\Program Files\Sony\Network Utility\NSUService.exe (Sony Corporation) PRC - C:\Program Files\Sony\Network Utility\LANUtil.exe (Sony Corporation) PRC - C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation) PRC - C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation) PRC - C:\Program Files\Sony\VAIO Power Management\SPMService.exe (Sony Corporation) PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation) PRC - C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe (Sony Corporation) PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation) PRC - C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) PRC - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation) PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation) PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) PRC - C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) PRC - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe () PRC - C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe (OLYMPUS IMAGING CORP.) PRC - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo) ========== Modules (No Company Name) ========== MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\68c89abe0ec8381863d6bb18539504f9\System.Runtime.Serialization.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\949339bed597380b8fb6dd2dc97d8006\SMDiagnostics.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\2d737eebab3321e31bf20296d04a0e1a\System.ServiceModel.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\22a93e6b9ed069aa9262e8fb4ce4bab1\System.Web.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\7f15d0cb7e4f87f86e425d5ffe7e8280\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\741164a3e36f879b9f9e3ff176465127\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cc886f282a95abd6fe4a622603edaf72\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\60cb4d643fe76b9429c0924676eed461\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b2052acbbbba4f98585196872195e009\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7ad9c44df3b85848590e63f13fc59804\mscorlib.ni.dll () MOD - C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll () MOD - C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll () MOD - C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll () MOD - C:\Program Files\dradio-Recorder\phonostarTimer.exe () MOD - C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll () MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll () MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll () MOD - C:\Program Files\Google\Google Desktop Search\gzlib.dll () MOD - C:\Program Files\Sony\Reader\Data\bin\launcher\connectionDetector.dll () MOD - C:\Program Files\Sony\Reader\Data\bin\launcher\fsk.dll () MOD - C:\Program Files\Sony\Reader\Data\bin\launcher\FskNetInterface.dll () MOD - C:\Program Files\Sony\Reader\Data\bin\launcher\FskTimeHardware.dll () MOD - C:\Program Files\Sony\Reader\Data\bin\launcher\ticket.dll () MOD - C:\Program Files\Sony\Reader\Data\bin\launcher\ebookDeviceNotifier.dll () MOD - C:\Program Files\Sony\Reader\Data\bin\FskinLocalize.dll () MOD - C:\Program Files\Sony\Reader\Data\bin\FskPower.dll () MOD - C:\Program Files\Sony\Reader\Data\bin\FskDocumentViewer.dll () MOD - C:\Program Files\Sony\Reader\Data\bin\FskMobileMediaDevice.dll () MOD - C:\Program Files\Sony\Reader\Data\bin\Fskin.dll () MOD - C:\Program Files\Sony\Reader\Data\bin\FskMediaPlayers.dll () MOD - C:\Program Files\Sony\Reader\Data\bin\launcher\USBDetector.dll () MOD - C:\Windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll () MOD - C:\Program Files\Sony\Reader\Data\bin\FskSecurity.dll () MOD - C:\Program Files\Sony\Reader\Data\bin\launcher\ebookUsb.dll () MOD - C:\Windows\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_de_b77a5c561934e089\System.ServiceModel.resources.dll () MOD - C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll () MOD - C:\Windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll () MOD - C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll () MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll () MOD - C:\Windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll () MOD - C:\Windows\assembly\GAC_MSIL\System.IdentityModel.Selectors\3.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll () MOD - C:\Program Files\WinRAR\RarExt.dll () MOD - C:\Program Files\Winamp\winampa.exe () MOD - C:\Windows\assembly\GAC_MSIL\SPMDam\3.1.0.6020__1b3c579b6925895f\SPMDam.dll () MOD - C:\Windows\assembly\GAC_MSIL\SPMCommon\3.1.0.6020__e3c7096ba83f9295\SPMCommon.dll () MOD - C:\Program Files\Free M4a to MP3 Converter\m4a_menu.dll () MOD - C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll () MOD - C:\Windows\System32\OdiOlDVR.dll () MOD - C:\Windows\System32\OdiAPI.dll () ========== Services (SafeList) ========== SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (dsNcService) -- C:\Program Files\Juniper Networks\Common Files\dsNcService.exe (Juniper Networks) SRV - (Radio.fx) -- C:\Program Files\Tobit Radio.fx\Server\rfx-server.exe () SRV - (WinHttpAutoProxySvc) -- winhttp.dll (Microsoft Corporation) SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (Sony SCSI Helper Service) -- C:\Program Files\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe (Sony Corporation) SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.) SRV - (VAIO Event Service) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation) SRV - (RtkAudioService) -- C:\Windows\RTKAUDIOSERVICE.EXE (Realtek Semiconductor) SRV - (NSUService) -- C:\Program Files\Sony\Network Utility\NSUService.exe (Sony Corporation) SRV - (VCFw) -- C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation) SRV - (VAIO Power Management) -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe (Sony Corporation) SRV - (Vcsw) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation) SRV - (VcmIAlzMgr) -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation) SRV - (VcmXmlIfHelper) -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe (Sony Corporation) SRV - (VzCdbSvc) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation) SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation) SRV - (SOHDms) -- C:\Program Files\Sony\VAIO Media plus\SOHDms.exe (Sony Corporation) SRV - (SOHCImp) -- C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe (Sony Corporation) SRV - (SOHDs) -- C:\Program Files\Sony\VAIO Media plus\SOHDs.exe (Sony Corporation) SRV - (SPTISRV) -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation) SRV - (MSCSPTISRV) -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation) SRV - (PACSPTISVR) -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe (Sony Corporation) SRV - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) SRV - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation) SRV - (IAANTMON) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation) SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (AdobeActiveFileMonitor6.0) -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe () SRV - (IviRegMgr) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo) ========== Driver Services (SafeList) ========== DRV - (UIUSys) -- system32\DRIVERS\UIUSYS.SYS File not found DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found DRV - (dsNcAdpt) -- C:\Windows\System32\drivers\dsNcAdpt.sys (Juniper Networks) DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation) DRV - (DMICall) -- C:\Windows\System32\drivers\DMICall.sys (Sony Corporation) DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC) DRV - (risdptsk) -- C:\Windows\System32\drivers\risdptsk.sys (REDC) DRV - (WimFltr) -- C:\Windows\System32\drivers\WimFltr.sys (Microsoft Corporation) DRV - (NETw5v32) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation) DRV - (SFEP) -- C:\Windows\System32\drivers\SFEP.sys (Sony Corporation) DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.) DRV - (regi) -- C:\Windows\System32\drivers\regi.sys (InterVideo) DRV - (netr73) -- C:\Windows\System32\drivers\netr73.sys (Ralink Technology Inc.) DRV - (VNUSB) -- C:\Windows\System32\drivers\VNUSB.sys (OLYMPUS IMAGING CORP.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.club-vaio.com IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{9AE498B2-0CA9-41B5-9AD8-114690BE95AA}: "URL" = hxxp://www.google.de/search?hl=de&q={searchTerms}&meta= IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-95726161-445926714-3226604679-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.club-vaio.com IE - HKU\S-1-5-21-95726161-445926714-3226604679-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.sonystyle-europe.comht [Binary data over 200 bytes] IE - HKU\S-1-5-21-95726161-445926714-3226604679-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie IE - HKU\S-1-5-21-95726161-445926714-3226604679-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com IE - HKU\S-1-5-21-95726161-445926714-3226604679-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://web-mail.dw.de/ IE - HKU\S-1-5-21-95726161-445926714-3226604679-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-95726161-445926714-3226604679-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKU\S-1-5-21-95726161-445926714-3226604679-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rlz=1I7GGLL_de&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\S-1-5-21-95726161-445926714-3226604679-1000\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = hxxp://127.0.0.1:4664/search&s=y6gKFvIjjjtxEx3MMmBg04ephhI?q={searchTerms} IE - HKU\S-1-5-21-95726161-445926714-3226604679-1000\..\SearchScopes\{9AE498B2-0CA9-41B5-9AD8-114690BE95AA}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLL_de IE - HKU\S-1-5-21-95726161-445926714-3226604679-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-95726161-445926714-3226604679-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local IE - HKU\S-1-5-21-95726161-445926714-3226604679-501\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.club-vaio.com IE - HKU\S-1-5-21-95726161-445926714-3226604679-501\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.sonystyle-europe.comht [Binary data over 200 bytes] IE - HKU\S-1-5-21-95726161-445926714-3226604679-501\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie IE - HKU\S-1-5-21-95726161-445926714-3226604679-501\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com IE - HKU\S-1-5-21-95726161-445926714-3226604679-501\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.sonystyle-europe.comht [Binary data over 200 bytes] IE - HKU\S-1-5-21-95726161-445926714-3226604679-501\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.club-vaio.com IE - HKU\S-1-5-21-95726161-445926714-3226604679-501\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKU\S-1-5-21-95726161-445926714-3226604679-501\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SNYK IE - HKU\S-1-5-21-95726161-445926714-3226604679-501\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = hxxp://127.0.0.1:4664/search&s=HRQFxu779G1LuYaCc4BE98gkWBY?q={searchTerms} IE - HKU\S-1-5-21-95726161-445926714-3226604679-501\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.6.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.6.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer) FF - HKLM\Software\MozillaPlugins\@sony.com/eBookLibrary: C:\Program Files\Sony\Reader\Data\bin\npebldetectmoz.dll (Sony Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc) FF - HKCU\Software\MozillaPlugins\@phonostar.de/phonostar: C:\Program Files\dradio-Recorder\npphonostarDetectNP.dll File not found FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.05.21 12:07:19 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.12.17 12:33:08 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.12.09 16:31:29 | 000,000,000 | ---D | M] [2009.01.17 15:21:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Arne\AppData\Roaming\mozilla\Extensions [2012.12.17 13:33:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Arne\AppData\Roaming\mozilla\Firefox\Profiles\s3oktcwn.ALDorfclub\extensions [2012.12.17 13:32:00 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Arne\AppData\Roaming\mozilla\Firefox\Profiles\s3oktcwn.ALDorfclub\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2012.12.17 13:31:59 | 000,000,000 | ---D | M] (Flash and Video Download) -- C:\Users\Arne\AppData\Roaming\mozilla\Firefox\Profiles\s3oktcwn.ALDorfclub\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2012.12.17 13:33:07 | 000,316,317 | ---- | M] () (No name found) -- C:\Users\Arne\AppData\Roaming\mozilla\firefox\profiles\s3oktcwn.ALDorfclub\extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8}.xpi [2012.12.17 12:33:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2012.11.29 09:26:57 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2012.05.21 12:06:35 | 000,129,144 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll [2012.11.29 10:19:31 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.11.29 10:19:31 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012.11.29 10:19:31 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2012.11.29 10:19:32 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2012.11.29 10:19:31 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2012.11.29 10:19:31 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2012.12.15 13:58:51 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll (Google Inc.) O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google BAE\BAE.dll (Your Company Name) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (kikin Plugin) - {E601996F-E400-41CA-804B-CD6373A7EEE2} - C:\Program Files\kikin\ie_kikin.dll (kikin) O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKU\S-1-5-21-95726161-445926714-3226604679-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.) O4 - HKLM..\Run: [AML] C:\Program Files\Sony\VAIO Launcher\AML.exe (Sony) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) O4 - HKLM..\Run: [MarketingTools] C:\Program Files\Sony\Marketing Tools\MarketingTools.exe (Sony Corporation) O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [Reader Library Launcher] C:\Program Files\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe (Sony Corporation) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [TkBellExe] c:\program files\real\realplayer\Update\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe () O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-95726161-445926714-3226604679-1000..\Run: [dradio-RecorderTimer] C:\Program Files\dradio-Recorder\phonostarTimer.exe () O4 - HKU\S-1-5-21-95726161-445926714-3226604679-501..\Run: [NSUFloatingUI] C:\Program Files\Sony\Network Utility\LANUtil.exe (Sony Corporation) O4 - HKU\S-1-5-21-95726161-445926714-3226604679-501..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-21-95726161-445926714-3226604679-1000..\RunOnce: [Shockwave Updater] C:\Windows\System32\Adobe\Shockwave 11\SwHelper_1161629.exe (Adobe Systems, Inc.) O7 - HKU\S-1-5-21-95726161-445926714-3226604679-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-95726161-445926714-3226604679-501\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: An vorhandenes PDF anfügen - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Arne\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm () O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O9 - Extra 'Tools' menuitem : My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\Program Files\kikin\ie_kikin.dll (kikin) O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O15 - HKU\S-1-5-21-95726161-445926714-3226604679-1000\..Trusted Domains: corel.com ([]http in Trusted sites) O15 - HKU\S-1-5-21-95726161-445926714-3226604679-1000\..Trusted Domains: corel.com ([www] * in Trusted sites) O15 - HKU\S-1-5-21-95726161-445926714-3226604679-1000\..Trusted Domains: intervideo.com ([]http in Trusted sites) O15 - HKU\S-1-5-21-95726161-445926714-3226604679-1000\..Trusted Domains: intervideo.com ([www] * in Trusted sites) O15 - HKU\S-1-5-21-95726161-445926714-3226604679-1000\..Trusted Domains: localhost ([]http in Local intranet) O15 - HKU\S-1-5-21-95726161-445926714-3226604679-1000\..Trusted Ranges: GD ([http] in Local intranet) O15 - HKU\S-1-5-21-95726161-445926714-3226604679-501\..Trusted Domains: localhost ([]http in Local intranet) O15 - HKU\S-1-5-21-95726161-445926714-3226604679-501\..Trusted Ranges: GD ([http] in Local intranet) O16 - DPF: {0F2AAAE3-7E9E-4B64-AB5D-1CA24C6ACB9C} https://web-mail.dw.de/dwa85W.cab (IBM Lotus iNotes 8.5 Control) O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 10.6.2) O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 10.6.2) O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab (JuniperSetupClientControl Class) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7F303BCF-8AC7-4CA5-AA81-5D4B06E6FE5D}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B6822D97-17A9-4D9B-BACF-0C0910C945B0}: DhcpNameServer = 192.168.1.150 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - VESWinlogon.dll (Sony Corporation) O24 - Desktop WallPaper: C:\Users\Arne\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O24 - Desktop BackupWallPaper: C:\Users\Arne\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{53a5e0eb-c623-11de-b2c5-00214fb418ef}\Shell - "" = AutoRun O33 - MountPoints2\{53a5e0eb-c623-11de-b2c5-00214fb418ef}\Shell\AutoRun\command - "" = I:\laucher.exe O33 - MountPoints2\{5e285865-e657-11dd-913a-00214fb418ef}\Shell\AutoRun\command - "" = G:\system\viewer\FlipVideoforPC.exe O33 - MountPoints2\{5e285865-e657-11dd-913a-00214fb418ef}\Shell\Flip Video for PC\command - "" = G:\system\viewer\FlipVideoforPC.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\System32\Microsoft ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - C:\Windows\System32\Adobe ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 10.4 ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - C:\Windows\System32\Microsoft ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {83AD3079-02C5-401D-0D6A-0549068C67F8} - Internet Explorer ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - C:\Windows\System32\Adobe ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation) NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found MsConfig - StartUpReg: Cognac - hkey= - key= - File not found MsConfig - StartUpReg: DivXUpdate - hkey= - key= - C:\Program Files\DivX\DivX Update\DivXUpdate.exe () MsConfig - StartUpReg: EA Core - hkey= - key= - C:\Program Files\Electronic Arts\EADM\Core.exe (Electronic Arts) MsConfig - State: "startup" - 2 CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2012.12.17 12:33:12 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service [2012.12.16 20:42:39 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2012.12.16 19:25:22 | 000,000,000 | ---D | C] -- C:\Users\Arne\Desktop\Malediven [2012.12.13 19:22:44 | 000,000,000 | -H-D | C] -- C:\Users\Arne\Documents\Freemake_do_not_remove_this_folder634910233649159000 [2012.12.09 16:31:26 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2012.11.30 15:07:13 | 000,000,000 | ---D | C] -- C:\Malediven [2012.11.28 17:27:34 | 000,000,000 | -H-D | C] -- C:\Users\Arne\Documents\Freemake_do_not_remove_this_folder634897204545870000 [2009.09.27 14:22:35 | 000,544,768 | ---- | C] (Microsoft Corporation) -- C:\Program Files\msvcr71d.dll [2009.09.27 14:22:35 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Program Files\msvcr71.dll ========== Files - Modified Within 30 Days ========== [2012.12.17 17:05:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.12.17 17:00:02 | 000,000,278 | -H-- | M] () -- C:\Windows\tasks\{783AF354-B514-42d6-970E-3E8BF0A5279C}.job [2012.12.17 16:40:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.12.17 16:39:28 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012.12.17 16:39:28 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012.12.17 15:53:40 | 000,165,888 | ---- | M] () -- C:\Users\Arne\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.12.17 15:25:04 | 000,107,327 | ---- | M] () -- C:\2010_11Antrag_Urlaubsentgelt-DW.pdf [2012.12.17 13:25:49 | 000,113,156 | ---- | M] () -- C:\ProgramData\nvModes.001 [2012.12.17 13:25:48 | 000,113,156 | ---- | M] () -- C:\ProgramData\nvModes.dat [2012.12.17 13:21:07 | 000,635,056 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012.12.17 13:21:06 | 000,689,760 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2012.12.17 13:21:06 | 000,150,376 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2012.12.17 13:21:06 | 000,124,124 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012.12.17 12:46:02 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.12.17 10:37:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.12.16 22:04:14 | 000,000,556 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Arne.job [2012.12.16 20:10:19 | 014,395,904 | ---- | M] () -- C:\Users\Arne\Desktop\Nachspiel Bowling.mp3 [2012.12.09 15:57:01 | 001,891,145 | ---- | M] () -- C:\Users\Arne\Desktop\Betriebliche Rente.pdf [2012.12.06 19:12:01 | 005,638,644 | ---- | M] () -- C:\Users\Arne\Desktop\Schiller - You (Instrumental) - [MP3JUICES.COM].mp3 [2012.12.06 18:15:58 | 000,424,944 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012.12.06 18:14:27 | 3184,615,424 | -HS- | M] () -- C:\hiberfil.sys [2012.12.02 13:02:48 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2012.12.02 12:30:23 | 000,116,083 | ---- | M] () -- C:\Lebenslauf Arne Lichtenberg.pdf [2012.12.02 12:09:04 | 000,061,270 | ---- | M] () -- C:\Motivationsschreiben Arne Lichtenberg.pdf ========== Files Created - No Company Name ========== [2012.12.17 12:33:15 | 000,000,818 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2012.12.16 20:10:10 | 014,395,904 | ---- | C] () -- C:\Users\Arne\Desktop\Nachspiel Bowling.mp3 [2012.12.09 15:57:01 | 001,891,145 | ---- | C] () -- C:\Users\Arne\Desktop\Betriebliche Rente.pdf [2012.12.06 19:07:19 | 005,638,644 | ---- | C] () -- C:\Users\Arne\Desktop\Schiller - You (Instrumental) - [MP3JUICES.COM].mp3 [2012.12.02 12:30:23 | 000,116,083 | ---- | C] () -- C:\Lebenslauf Arne Lichtenberg.pdf [2012.12.02 12:09:04 | 000,061,270 | ---- | C] () -- C:\Motivationsschreiben Arne Lichtenberg.pdf [2012.09.09 15:56:26 | 004,503,728 | ---- | C] () -- C:\ProgramData\dsgsdgdsgdsgw.pad [2012.09.06 19:38:30 | 000,000,000 | ---- | C] () -- C:\ProgramData\7lRL0ux1i.dat [2012.09.06 19:38:16 | 000,000,001 | ---- | C] () -- C:\ProgramData\doeR23dF.exe_.b [2012.09.06 19:38:16 | 000,000,001 | ---- | C] () -- C:\ProgramData\doeR23dF.exe.b [2011.04.29 02:05:12 | 000,000,118 | ---- | C] () -- C:\Windows\System32\MRT.INI [2011.02.01 23:28:29 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2011.02.01 23:27:04 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2010.07.25 11:07:26 | 000,017,408 | ---- | C] () -- C:\Users\Arne\AppData\Local\WebpageIcons.db [2010.07.12 21:16:32 | 000,000,030 | ---- | C] () -- C:\Users\Arne\.launchpad.prefs [2009.09.27 14:22:35 | 000,374,032 | ---- | C] () -- C:\Program Files\GDFBinary.dll [2009.09.27 14:22:34 | 000,324,880 | ---- | C] () -- C:\Program Files\dirtysock.dll [2009.09.27 14:22:33 | 000,030,398 | ---- | C] () -- C:\Program Files\config.dat [2009.09.27 14:22:33 | 000,000,143 | ---- | C] () -- C:\Program Files\autorun.inf [2009.09.27 14:22:31 | 004,532,736 | ---- | C] () -- C:\Program Files\autorun.dat [2009.01.19 22:02:15 | 000,000,552 | ---- | C] () -- C:\Users\Arne\AppData\Local\d3d8caps.dat [2009.01.19 20:20:39 | 000,165,888 | ---- | C] () -- C:\Users\Arne\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009.01.17 15:35:35 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2009.01.17 15:10:04 | 000,009,620 | ---- | C] () -- C:\Users\Arne\AppData\Local\d3d9caps.dat [2008.07.28 13:32:00 | 000,113,156 | ---- | C] () -- C:\ProgramData\nvModes.001 [2008.07.28 13:20:28 | 000,113,156 | ---- | C] () -- C:\ProgramData\nvModes.dat ========== ZeroAccess Check ========== [2006.11.02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.10 23:28:20 | 000,614,912 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.10 23:28:26 | 000,347,648 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2012.11.30 10:04:33 | 000,000,000 | ---D | M] -- C:\Users\Arne\AppData\Roaming\Audacity [2012.09.02 17:31:36 | 000,000,000 | ---D | M] -- C:\Users\Arne\AppData\Roaming\Cugyud [2009.09.13 20:33:06 | 000,000,000 | ---D | M] -- C:\Users\Arne\AppData\Roaming\Desktopicon [2010.08.15 16:42:37 | 000,000,000 | ---D | M] -- C:\Users\Arne\AppData\Roaming\DVDVideoSoftIEHelpers [2010.05.25 16:04:08 | 000,000,000 | ---D | M] -- C:\Users\Arne\AppData\Roaming\elsterformular [2009.01.25 13:19:49 | 000,000,000 | ---D | M] -- C:\Users\Arne\AppData\Roaming\InterVideo [2012.09.06 19:43:08 | 000,000,000 | ---D | M] -- C:\Users\Arne\AppData\Roaming\Ipex [2011.05.05 13:07:59 | 000,000,000 | ---D | M] -- C:\Users\Arne\AppData\Roaming\iyyq3y2uvzxbragwynrurordfyrna1r2 [2012.10.20 11:23:39 | 000,000,000 | ---D | M] -- C:\Users\Arne\AppData\Roaming\Juniper Networks [2011.02.10 19:27:47 | 000,000,000 | ---D | M] -- C:\Users\Arne\AppData\Roaming\kikin [2012.09.02 17:31:28 | 000,000,000 | ---D | M] -- C:\Users\Arne\AppData\Roaming\Laehco [2011.06.29 13:27:30 | 000,000,000 | ---D | M] -- C:\Users\Arne\AppData\Roaming\MP3SkypeRecorder [2009.03.07 10:05:07 | 000,000,000 | ---D | M] -- C:\Users\Arne\AppData\Roaming\Octoshape [2010.08.25 21:05:02 | 000,000,000 | ---D | M] -- C:\Users\Arne\AppData\Roaming\Orbit [2011.09.06 09:13:43 | 000,000,000 | ---D | M] -- C:\Users\Arne\AppData\Roaming\phonostar GmbH [2010.08.25 20:53:16 | 000,000,000 | ---D | M] -- C:\Users\Arne\AppData\Roaming\ProgSense [2009.04.19 13:04:23 | 000,000,000 | ---D | M] -- C:\Users\Arne\AppData\Roaming\streamripper [2011.04.21 21:46:47 | 000,000,000 | ---D | M] -- C:\Users\Arne\AppData\Roaming\Tobit [2012.07.14 18:54:33 | 000,000,000 | ---D | M] -- C:\Users\Arne\AppData\Roaming\WindSolutions [2011.06.09 21:51:33 | 000,000,000 | ---D | M] -- C:\Users\Arne\AppData\Roaming\xcogzftviwkrvwkw2capnrkjgvldmz2g2 [2011.06.09 21:51:33 | 000,000,000 | ---D | M] -- C:\Users\Arne\AppData\Roaming\xfpvljhqdyxgnwqlnoyvyhocr2mevfpa2 [2011.04.28 15:35:24 | 000,000,000 | ---D | M] -- C:\Users\Arne\AppData\Roaming\xmmtbg33jpd2231lmsostgqo1nqzlhau2 [2011.05.05 13:33:04 | 000,000,000 | ---D | M] -- C:\Users\Arne\AppData\Roaming\xvuw3dmdypsr3xkq1vup1nlidflsnabm2 ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*. > [2012.12.17 12:46:42 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin [2009.01.18 19:18:51 | 000,000,000 | ---D | M] -- C:\100CASIO [2010.03.16 20:27:17 | 000,000,000 | ---D | M] -- C:\Abi Revival [2012.12.02 12:43:37 | 000,000,000 | ---D | M] -- C:\Beiträge [2011.06.24 20:21:27 | 000,000,000 | ---D | M] -- C:\Bilbao [2012.01.21 16:20:25 | 000,000,000 | ---D | M] -- C:\Bodensee [2011.02.02 00:00:04 | 000,000,000 | -HSD | M] -- C:\Boot [2010.12.14 14:25:31 | 000,000,000 | ---D | M] -- C:\Brüssel Mini Europa [2009.01.18 19:20:15 | 000,000,000 | ---D | M] -- C:\Casamiento [2009.01.18 19:20:22 | 000,000,000 | ---D | M] -- C:\Confederations Cup 2005 [2009.01.29 20:28:37 | 000,000,000 | ---D | M] -- C:\Dan Luger [2010.01.07 21:49:01 | 000,000,000 | ---D | M] -- C:\Deutsche Welle, ARD, Arbeitsproben [2009.01.18 19:23:35 | 000,000,000 | ---D | M] -- C:\Digital Wave Player [2010.01.06 19:39:14 | 000,000,000 | ---D | M] -- C:\Diplomarbeit [2011.07.20 20:43:58 | 000,000,000 | ---D | M] -- C:\divx [2008.08.11 14:15:13 | 000,000,000 | ---D | M] -- C:\Documentation [2006.11.02 14:02:03 | 000,000,000 | -HSD | M] -- C:\Documents and Settings [2009.01.17 15:06:22 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen [2010.10.05 01:18:00 | 000,000,000 | R--D | M] -- C:\Downloads [2011.05.17 21:06:08 | 000,000,000 | ---D | M] -- C:\Edinburgh Schottland [2009.12.25 14:52:23 | 000,000,000 | ---D | M] -- C:\Events [2009.01.18 19:34:50 | 000,000,000 | ---D | M] -- C:\fankartei [2009.01.18 20:23:26 | 000,000,000 | ---D | M] -- C:\Fotos [2012.04.10 09:43:06 | 000,000,000 | -HSD | M] -- C:\found.000 [2009.01.18 20:23:59 | 000,000,000 | ---D | M] -- C:\Göttingen 24-26.06.2005 [2012.04.29 12:07:45 | 000,000,000 | ---D | M] -- C:\Homepage [2012.11.17 14:44:45 | 000,000,000 | ---D | M] -- C:\Hörbücher [2008.07.28 14:04:58 | 000,000,000 | ---D | M] -- C:\Intel [2010.07.12 21:16:45 | 000,000,000 | ---D | M] -- C:\IWTemp [2009.01.18 23:37:01 | 000,000,000 | ---D | M] -- C:\lotschenhof [2012.10.01 14:04:32 | 000,000,000 | ---D | M] -- C:\Madeira [2010.12.14 17:11:20 | 000,000,000 | ---D | M] -- C:\Mailand [2012.11.30 15:18:01 | 000,000,000 | ---D | M] -- C:\Malediven [2009.01.18 23:37:16 | 000,000,000 | ---D | M] -- C:\Mallorca [2012.08.29 10:36:22 | 000,000,000 | ---D | M] -- C:\Mallorca Capdepera 2010 [2009.01.19 00:56:47 | 000,000,000 | ---D | M] -- C:\Mp3 [2008.08.11 13:39:18 | 000,000,000 | RH-D | M] -- C:\MSOCache [2009.09.16 00:12:42 | 000,000,000 | ---D | M] -- C:\Mujeres-Flyer [2012.11.17 14:45:26 | 000,000,000 | ---D | M] -- C:\My eBooks [2012.07.17 16:30:11 | 000,000,000 | ---D | M] -- C:\Neuer Ordner [2012.01.13 10:49:07 | 000,000,000 | ---D | M] -- C:\Nizza [2009.08.10 22:32:29 | 000,000,000 | ---D | M] -- C:\Paris [2008.01.21 03:32:31 | 000,000,000 | ---D | M] -- C:\PerfLogs [2009.08.04 20:53:05 | 000,000,000 | ---D | M] -- C:\Privat [2012.12.17 12:33:12 | 000,000,000 | ---D | M] -- C:\Program Files [2012.10.19 18:51:27 | 000,000,000 | ---D | M] -- C:\ProgramData [2009.01.17 15:06:22 | 000,000,000 | -HSD | M] -- C:\Programme [2009.01.19 02:32:21 | 000,000,000 | ---D | M] -- C:\Rugby [2012.01.17 14:09:55 | 000,000,000 | ---D | M] -- C:\Silvester 11 12 [2011.02.18 18:09:50 | 000,000,000 | ---D | M] -- C:\Steuer 2009 [2012.06.28 13:24:39 | 000,000,000 | ---D | M] -- C:\Steuer Rechnungen Jessica [2012.12.17 17:27:06 | 000,000,000 | -HSD | M] -- C:\System Volume Information [2009.01.19 02:33:15 | 000,000,000 | ---D | M] -- C:\TomTom HOME 2 [2010.12.14 14:30:06 | 000,000,000 | ---D | M] -- C:\Tutanchamun Austellung [2012.12.17 12:45:08 | 000,000,000 | R--D | M] -- C:\Users [2012.03.12 16:34:47 | 000,000,000 | ---D | M] -- C:\Venedig [2010.12.14 14:26:12 | 000,000,000 | ---D | M] -- C:\Verabschiedung Volos [2012.12.16 20:46:49 | 000,000,000 | ---D | M] -- C:\Windows [2012.04.03 12:11:08 | 000,000,000 | ---D | M] -- C:\Wohnung Alteburger Str. 32 [2012.11.17 15:42:23 | 000,000,000 | ---D | M] -- C:\WWM [2012.09.10 17:26:54 | 000,000,000 | ---D | M] -- C:\_OTL < %PROGRAMFILES%\*.exe > < %LOCALAPPDATA%\*.exe > < %systemroot%\*. /mp /s > < C:\Windows\system32\*.tsp > [2006.11.02 10:44:49 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp [2006.11.02 10:44:49 | 000,038,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp [2006.11.02 10:44:49 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp [2006.11.02 10:44:49 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp [2009.04.10 23:27:18 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp [2006.11.02 14:01:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT [2006.11.02 14:01:49 | 000,032,564 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2009.05.10 08:08:20 | 000,000,278 | -H-- | C] () -- C:\Windows\Tasks\{783AF354-B514-42d6-970E-3E8BF0A5279C}.job [2009.08.26 18:01:35 | 000,000,556 | -H-- | C] () -- C:\Windows\Tasks\Norton Security Scan for Arne.job [2010.01.31 20:16:14 | 000,001,094 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [2010.01.31 20:16:15 | 000,001,098 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [2012.04.10 16:42:22 | 000,000,884 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job < MD5 for: AGP440.SYS > [2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys [2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys [2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys [2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys [2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys [2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys < MD5 for: ATAPI.SYS > [2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys [2009.04.10 23:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys [2009.04.10 23:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys [2008.01.21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\drivers\atapi.sys [2008.01.21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys [2008.01.21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys [2006.11.02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys < MD5 for: CNGAUDIT.DLL > [2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll [2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll < MD5 for: EXPLORER.EXE > [2008.10.29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe [2008.10.29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe [2008.10.30 04:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe [2009.04.10 23:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe [2009.04.10 23:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe [2008.10.28 03:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe [2008.01.21 03:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe < MD5 for: IASTOR.SYS > [2008.04.15 16:54:16 | 000,388,120 | ---- | M] (Intel Corporation) MD5=8D58627FEF3F8767665D9F4DC91CBD97 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys [2008.04.15 16:53:44 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver\IaStor.sys [2008.04.22 01:20:41 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\Windows\Drivers\INF\SATA Driver (Intel) (Non-RAID)\IaStor.sys [2008.04.22 01:32:06 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\Windows\Drivers\INF\SATA Driver (Intel) (RAID)\IaStor.sys [2008.04.22 01:20:41 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\Windows\System32\drivers\iaStor.sys [2008.04.22 01:20:41 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_77c04a30\iaStor.sys [2008.04.22 01:20:41 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\Windows\System32\DriverStore\FileRepository\iastor.inf_054cd65f\iaStor.sys < MD5 for: IASTORV.SYS > [2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys [2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys [2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys [2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys < MD5 for: NETLOGON.DLL > [2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll [2009.04.10 23:28:24 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll [2009.04.10 23:28:24 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll [2008.01.21 03:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll < MD5 for: NVSTOR.SYS > [2006.11.02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys [2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys [2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys [2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys < MD5 for: SCECLI.DLL > [2008.01.21 03:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll [2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll [2009.04.10 23:28:26 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll [2009.04.10 23:28:26 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll < MD5 for: USER32.DLL > [2009.04.11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) MD5=75510147B94598407666F4802797C75A -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll [2008.01.21 03:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll [2009.04.10 23:28:26 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll [2009.04.10 23:28:26 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll < MD5 for: USERINIT.EXE > [2008.01.21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe [2008.01.21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe < MD5 for: WINLOGON.EXE > [2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe [2009.04.10 23:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe [2009.04.10 23:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe [2008.01.21 03:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe < MD5 for: WS2IFSL.SYS > [2008.01.21 03:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys [2008.01.21 03:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > [2008.07.28 20:25:10 | 013,115,392 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV [2008.07.28 20:25:04 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV [2008.07.28 20:25:10 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV [2008.07.28 20:25:18 | 017,629,184 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV [2008.07.28 20:25:19 | 006,639,616 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV < %systemroot%\system32\*.dll /lockedfiles > < %USERPROFILE%\*.* > [2010.07.12 21:16:45 | 000,000,030 | ---- | M] () -- C:\Users\Arne\.launchpad.prefs [2012.12.17 17:49:47 | 008,388,608 | -HS- | M] () -- C:\Users\Arne\ntuser.dat [2012.12.17 17:49:47 | 000,262,144 | -H-- | M] () -- C:\Users\Arne\ntuser.dat.LOG1 [2009.01.17 15:10:04 | 000,000,000 | -H-- | M] () -- C:\Users\Arne\ntuser.dat.LOG2 [2011.06.29 07:45:18 | 000,065,536 | -HS- | M] () -- C:\Users\Arne\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf [2011.03.19 16:59:10 | 000,524,288 | -HS- | M] () -- C:\Users\Arne\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms [2011.06.29 07:45:18 | 000,524,288 | -HS- | M] () -- C:\Users\Arne\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms [2012.12.02 13:03:09 | 000,065,536 | -HS- | M] () -- C:\Users\Arne\ntuser.dat{cc2d2924-a319-11e0-bc87-00214fb418ef}.TM.blf [2012.12.02 13:03:09 | 000,524,288 | -HS- | M] () -- C:\Users\Arne\ntuser.dat{cc2d2924-a319-11e0-bc87-00214fb418ef}.TMContainer00000000000000000001.regtrans-ms [2011.06.30 22:13:59 | 000,524,288 | -HS- | M] () -- C:\Users\Arne\ntuser.dat{cc2d2924-a319-11e0-bc87-00214fb418ef}.TMContainer00000000000000000002.regtrans-ms [2008.01.21 02:42:57 | 000,000,020 | -HS- | M] () -- C:\Users\Arne\ntuser.ini < %USERPROFILE%\Local Settings\Temp\*.exe > < %USERPROFILE%\Local Settings\Temp\*.dll > < %USERPROFILE%\Application Data\*.exe > < HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs > HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16 < End of report > Und hier extra.txt OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 16.12.2012 21:34:09 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Arne\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19328)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,97 Gb Total Physical Memory | 1,12 Gb Available Physical Memory | 37,60% Memory free
6,13 Gb Paging File | 3,72 Gb Available in Paging File | 60,72% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 286,84 Gb Total Space | 85,86 Gb Free Space | 29,93% Space Free | Partition Type: NTFS
Computer Name: LAPTOP | User Name: Arne | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-95726161-445926714-3226604679-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1D0E9085-CF1F-4199-B71C-E5588F25D3AE}" = lport=445 | protocol=6 | dir=in | app=system |
"{1D2FC5B8-04A8-4DEC-BBFA-D2BC6027F7BC}" = rport=137 | protocol=17 | dir=out | app=system |
"{24B9FABF-3D13-42FE-8CCE-77D852BEEAC6}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{333A6880-847D-4EF7-950D-5164F185D69E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{33BF311C-5546-4BD4-AB98-0480A914C712}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{54556007-476A-425B-9200-08514432CEF8}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{5D684D10-5D23-445B-B573-0A31BF2E64BF}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{5F455EC9-657F-4DA0-B473-954E53C51236}" = rport=139 | protocol=6 | dir=out | app=system |
"{71784932-9DD8-47EA-AE6D-F2678C3CAC1D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7E26016B-5D59-4093-A21B-012871A9F0C6}" = lport=138 | protocol=17 | dir=in | app=system |
"{7E5EB5C9-3C8A-4F1A-84A5-36FD9844EFEC}" = rport=138 | protocol=17 | dir=out | app=system |
"{99BEADD0-39FB-41DA-8FB5-10CFE125365E}" = lport=137 | protocol=17 | dir=in | app=system |
"{9B6203DD-6BC3-4AE6-AA45-68374C87F2B3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B57110D1-863A-4848-AA25-DC8F4918EF74}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{C1C0F9AC-B9A2-4906-B57E-EB13B22616B8}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{CA53F5F6-7B40-477A-9393-A334BDA8E809}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D054E638-5D75-4BDA-BFEB-4537B8BEA96D}" = rport=445 | protocol=6 | dir=out | app=system |
"{E81BC4D6-AABC-4043-B102-2DD7E9F64AE9}" = lport=139 | protocol=6 | dir=in | app=system |
"{F1A3F94D-0893-43A4-99A8-A898E38B33AA}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01EE7BEF-2111-4753-81EB-54F45DD8ED8E}" = protocol=6 | dir=in | app=c:\program files\tobit radio.fx\client\rfx-client.exe |
"{05914AF2-5A09-4E7C-91E6-0939D0DFDAF0}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{0B148779-9BFD-4D08-9367-DB6267ED1DA6}" = protocol=6 | dir=in | app=c:\program files\google\google talk\googletalk.exe |
"{0D434818-FAC0-4228-A1CF-CE0D617BBF0A}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{16C8F0B2-45C6-458B-89F1-E11F260BE55E}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{2430CAAA-50A3-4A1D-AF10-B01FAA71D1FC}" = protocol=17 | dir=in | app=c:\program files\google\google talk\googletalk.exe |
"{294894A5-C031-4E03-94AE-00EDD906BEE1}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{42A4DBE8-B0AE-4462-AD8E-D4A6E1A9220F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{4A8C7876-57E7-4A66-BFE3-528C38D23588}" = protocol=6 | dir=in | app=c:\program files\tobit radio.fx\server\rfx-server.exe |
"{5A931CE3-E7B9-4485-B5E7-9FC7DE6229EF}" = protocol=6 | dir=in | app=c:\program files\veetle\player\veetlenet.exe |
"{5BCE0799-042C-4E49-96A7-3A8F7989D4BB}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{7C94C7AD-E6E1-416C-B7FF-6F3214A3B323}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7CDC1172-8409-4DE7-AF42-0724420990EC}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{A4042669-441C-4293-AA39-23D2FFFE2A33}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{AE60A200-9692-4125-9125-141E74D6B4BE}" = protocol=17 | dir=in | app=c:\program files\tobit radio.fx\client\rfx-client.exe |
"{BD1EDD3A-160B-4D63-A02A-C968EE391F53}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{CBE438A0-CFDD-4E86-9FBC-C34870014F65}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{D30296B9-23D2-49AE-ADF9-5F4D091F1E17}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{DD84C255-2A9D-4536-80E6-0ACF226FA501}" = protocol=17 | dir=in | app=c:\program files\tobit radio.fx\server\rfx-server.exe |
"{EF0C7A54-FA08-4E48-AF6C-A589F6314B02}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{FD8BC257-B839-4503-9449-C19D2D5227EF}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"TCP Query User{1A70DD05-D472-4986-91E1-4DBBB2E05EDE}C:\program files\orbitdownloader\orbitnet.exe" = protocol=6 | dir=in | app=c:\program files\orbitdownloader\orbitnet.exe |
"TCP Query User{1C2C08A3-4223-4C68-8F79-7BBDE627434E}C:\program files\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
"TCP Query User{28FA421B-2A84-4061-8D82-C089D3216853}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"TCP Query User{3464F81C-ACC8-4155-917C-B3FC4AADE2D7}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"TCP Query User{3489197D-0603-4816-853B-31D19B4F7BA9}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{3AC02085-69A5-4ED8-B549-745D4C4C87DB}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{601BC725-422D-4680-8251-EFBBC9066062}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{703A1F40-679E-4DDC-AA14-65664B9EBD3C}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{7B9EC494-E6C9-4AD5-95A7-E6F675A59F8D}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{A1AFE73C-1B04-43D3-AB98-26B5C6B4AF3A}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"TCP Query User{B0CEB90A-4249-4FEE-9686-6F1D034437B7}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"TCP Query User{BA7561CC-EEC4-45B4-8816-FD3393931882}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"TCP Query User{DB142C41-461B-45B1-B3DF-6F4FA7D298EA}C:\program files\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"TCP Query User{E3CBFF86-131E-471B-A5A2-FB9494B4C74E}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"TCP Query User{E6619ED4-A72B-418A-86E6-D4412E8BC192}C:\program files\zattoo\zattood.exe" = protocol=6 | dir=in | app=c:\program files\zattoo\zattood.exe |
"UDP Query User{280E833E-6ABE-4480-A6DD-ADD470F649B7}C:\program files\zattoo\zattood.exe" = protocol=17 | dir=in | app=c:\program files\zattoo\zattood.exe |
"UDP Query User{30EE5F3C-0CB2-4E63-AA1B-BAE046E72563}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{34F7C52C-EF74-4D6A-A400-B693ECD66830}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{4777E426-0C53-4920-989E-A32EB88140A2}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{61153312-3CC3-48E9-9F2B-D94A46208431}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{6899E706-330C-41CB-A372-B5AD872FB773}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"UDP Query User{7B966FF8-DC4F-49A1-86CE-510E9944C47F}C:\program files\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
"UDP Query User{80EB2C6F-34BC-4FCB-8525-827B6F430B7A}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{91393EC1-4BA7-4735-A580-5D79E109C5A9}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{9C08506D-3D79-4799-AFE9-92F5C3A6BBF0}C:\program files\orbitdownloader\orbitnet.exe" = protocol=17 | dir=in | app=c:\program files\orbitdownloader\orbitnet.exe |
"UDP Query User{9C1284C6-858E-42FD-92B1-D9998CF3CF7B}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"UDP Query User{D0E7D2F5-65B6-41CA-9A42-523E4AC5631D}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{EFCFE999-7DD2-4F50-961C-15D4BEDE1FE7}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"UDP Query User{F824DD0D-495D-4DD9-B344-21A54FF50B8D}C:\program files\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"UDP Query User{FBA2D914-D02E-4062-82C2-0D8B9DFF97B4}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{009E7FB7-1775-4D89-8956-F5C9A1C019FC}" = DSD Playback Plug-in
"{0138F525-6C8A-333F-A105-14AE030B9A54}" = Visual C++ 9.0 CRT (x86) WinSXS MSM
"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony Video Shared Library
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0
"{1316AEF2-E086-46C7-B1FB-8C9A39A2ABF9}" = VAIO Media plus
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}" = Primo
"{15D5C238-4C2E-4AEA-A66D-D6989A4C586B}" = VAIO Launcher
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1E04F83B-2AB9-4301-9EF7-E86307F79C72}" = Google Earth
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
"{2018C019-30D9-4240-8C01-0865C10DCF5A}" = Unterstützung für VAIO-Präsentation
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD BD for VAIO
"{20B1B020-DEAE-48D1-9960-D4C3185D758B}" = Phase 5 HTML-Editor
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = VAIO Content Folder Setting
"{23B8A91D-680B-462B-87AD-3D70F7341731}" = iTunes
"{26921B2E-3E62-47F9-A514-1FC4A83BD738}" = Intel(R) PROSet/Wireless WiFi-Software
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 20
"{26A24AE4-039D-4CA4-87B4-2F83217006FF}" = Java 7 Update 6
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java(TM) 6 Update 6
"{326DC400-1FC4-4D7D-946D-06D1EAB93200}" = VAIO Guide
"{363611D9-1106-41F2-B74E-BD8481C41219}" = Click to Disc
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3B659FAD-E772-44A3-B7E7-560FF084669F}" = VAIO Smart Network
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{3E2C691B-B7E6-4053-B5C3-94B8BC407E7A}" = Adobe Premiere Elements 4.0
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Browser Address Error Redirector
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"{4EA55D20-27FB-45D7-8726-147E8A5F6C62}" = VAIO MusicBox
"{533D0A8A-D7E7-4F15-BC9E-FF2916A6BAA7}" = DSD Direct Player
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Easy Media Creator 10 LJ
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{5928359F-BF46-4646-BF19-B64E55171EB5}" = FILSHtray
"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data Basic
"{5C5EE8F2-0B38-4C13-AE4E-A87A237FE718}" =
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8
"{5CA72DC6-1043-4BDA-A128-C18200FF7ABA}" = Hama WLAN USB Stick
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5F5867F0-2D23-4338-A206-01A76C823924}" = VAIO Energie Verwaltung
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{6332AFF1-9D9A-429C-AA03-F82749FA4F49}" = SonicStage Mastering Studio
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}" = Click to Disc
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6C50525A-2D77-4C22-B058-9AA2F27ACFF2}" = VAIO Content Metadata Intelligent Analyzing Manager
"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7B63B2922B174135AFC0E1377DD81EC2}" =
"{7E823DA5-43A2-46E8-A75E-5A2A0FDE81A1}" = VAIO Content Metadata Manager Setting
"{82D5BACA-3619-4D34-99DB-3A65CFB4DA33}" = DSD Direct
"{83CDA18E-0BF3-4ACA-872C-B4CDABF2360E}" = VAIO Update 4
"{8BD60AEF-3F9D-47AE-B80A-FB7FFCE335A0}" = VAIO Movie Story
"{8EDBA74D-0686-4C99-BFDD-F894678E5102}" = Adobe Common File Installer
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CEA4C7D0-ABBE-4074-A488-173BB382CDFF}" =
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-002E-0000-0000-0000000FF1CE}" = Microsoft Office Ultimate 2007
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" =
"{98FC7A64-774B-49B5-B046-4B4EBC053FA9}" = VAIO MusicBox Sample Music
"{9973498D-EA29-4A68-BE0B-C88D6E03E928}" = ArcSoft WebCam Companion 2
"{9C1C8A04-F8CA-4472-A92D-4288CE32DE86}" = SonicStage Mastering Studio Plugins
"{A212E6C2-20F7-4A8E-BD8E-DC3EE7483FA2}" = PRS-500 USB driver
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A552C4EA-D41E-4C61-A0FB-C0E05440F7D7}" = VAIO Entertainment Platform
"{A63E7492-A0BC-4BB9-89A7-352965222380}" = VAIO Original Function Setting
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-1033-F400-BA7E-000000000003}" = Adobe Acrobat 8 Standard - English, Français, Deutsch
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = VAIO Movie Story
"{B513C7B0-024A-498F-B0F5-00C67E2440A9}" = VAIO Content Metadata Intelligent Analyzing Manager
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
"{B70E5793-F912-4C62-AFE2-C4F0B078FD31}" = Reader Library by Sony
"{B7C03E84-AF46-42F4-809D-D4127D9086D0}" = VAIO Edit Components 6.4
"{BACD22AE-5B6B-4F23-B506-3FCFF13AC137}" = VAIO Media plus
"{C1083DBC-C541-4E8C-91EA-D92397AB9A2C}" = OpenMG Secure Module 5.1.00
"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service
"{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{CB8A8696-93EC-414E-A752-850AB133F68A}" = VAIO Content Metadata XML Interface Library
"{CE2121C6-C94D-4A73-8EA4-6943F33EE335}" = Music Transfer
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D035FBF6-FDEF-487D-89CA-6F9DD07B783F}" = Dolby Control Center
"{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility
"{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents
"{D90AFDE3-3E67-407A-ACA8-F0BAAD012F08}" = Safari
"{DF0415CC-0563-407F-B560-9B7F277122C5}" = VAIO BD Menu Data
"{DF7DB916-90E5-40F2-9010-B8125EB5FD6F}" = SonicStage Mastering Studio Audio Filter
"{E464702F-5433-46EC-8F65-159276C0A54F}" = WIDCOMM Bluetooth Software 6.2.0.4100
"{E6A3770D-C87A-4505-B8C6-A4CF96AC395C}" = SonicStage Mastering Studio
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EC37A846-53AC-4DA7-98FA-76A4E74AA900}" = Benutzerdefinierte Voreinstellungen für SonicStage Mastering Studio Audio Filter
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
"{EE59BBF9-415C-45DB-8C4B-EE43CF635FEA}" = VAIO Content Metadata XML Interface Library
"{EFC04D3F-A152-47E7-8517-EE0F6201AFEF}" = Apple Mobile Device Support
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F54AC413-D2C6-4A24-B324-370C223C6250}" = Adobe Photoshop Elements 6.0
"{F570A6CC-53ED-4AA9-8B08-551CD3E38D8B}" =
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F85C7118-F3DC-4ED9-AB27-3E7931EA3D88}" = Adobe Premiere Elements 4.0 Templates
"{FB91E774-867B-4567-ACE7-8144EF036068}" = Olympus Digital Wave Player
"{FD72E69E-CF34-4071-BFD6-FD081A365E2C}" = VAIO Content Metadata Intelligent Analyzing Manager
"{FE51662F-D8F6-43B5-99D9-D4894AF00F83}" = Roxio Easy Media Creator Home
"{FE697886-F392-4E0D-A0C0-47587BF60992}" = VAIO Content Metadata Manager Setting
"75070B1806113224B16C70296B90DD1AD8A53479" = Windows Driver Package - Sony Corporation (PRSUSB) USB (08/08/2006 1.0.03.08080)
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Acrobat 8 Standard - English, Français, Deutsch" = Adobe Acrobat 8.1.3 Standard
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop Elements 6" = Adobe Photoshop Elements 6.0
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.13 (Unicode)
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX-Setup
"dradio-Recorder_is1" = dradio-Recorder Version 3.02.5
"dt icon module" =
"EADM" = EA Download Manager
"ElsterFormular 11.4.1.4323" = ElsterFormular
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4
"Free M4a to MP3 Converter_is1" = Free M4a to MP3 Converter 7.1
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.8
"Freemake Video Converter_is1" = Freemake Video Converter Version 3.1.2
"FUSSBALL MANAGER 10" = FUSSBALL MANAGER 10
"Google Desktop" = Google Desktop
"gtfirstboot Setting Request" =
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD BD for VAIO
"InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"InstallShield_{C1083DBC-C541-4E8C-91EA-D92397AB9A2C}" = OpenMG Secure Module 5.1.00
"IsoBuster_is1" = IsoBuster 2.8.5
"JDownloader" = JDownloader
"Juniper Network Connect 6.5.0" = Juniper Networks Network Connect 6.5.0
"Juniper Network Connect 7.0.0" = Juniper Networks Network Connect 7.0.0
"Juniper Network Connect 7.2.0" = Juniper Networks Network Connect 7.2.0
"Juniper_Setup_Client Activex Control" = Juniper Networks Setup Client Activex Control
"kikin Plugin (JDownloader Edition)" = kikin Plugin (JDownloader Edition) 1.11
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 6.4.0
"LAME for Audacity_is1" = LAME v3.98.3 for Audacity
"MarketingTools" = VAIO Marketing Tools
"MFU Module" =
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Mozilla Firefox 17.0.1 (x86 de)" = Mozilla Firefox 17.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Nero 9 Lite_is1" = Nero 9.0.9.4 Lite
"NSS" = Norton Security Scan
"NVIDIA Drivers" = NVIDIA Drivers
"phonostar3RadioPlayer_is1" = phonostar-Player Version 3.01.2
"Picasa2" = Picasa 2
"PremElem40" = Adobe Premiere Elements 4.0
"PremElem40Templates" = Adobe Premiere Elements 4.0 Templates
"ProInst" = Intel PROSet Wireless
"RealPlayer 15.0" = RealPlayer
"SopCast" = SopCast 3.2.8
"Streamripper" = Streamripper (Remove only)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Tobit Radio.fx Server 1" = WDR RadioRecorder
"ULTIMATER" = Microsoft Office Ultimate 2007
"Uninstall_is1" = Uninstall 1.0.0.1
"VAIO Help and Support" =
"Veetle TV" = Veetle TV
"VLC media player" = VLC media player 1.0.5
"WDRCutter" = WDRCutter
"Winamp" = Winamp
"WinRAR archiver" = WinRAR
"Zattoo4" = Zattoo4 4.0.5
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-95726161-445926714-3226604679-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"CopyTrans Suite" = Nur Entfernen der CopyTrans Suite möglich
"Juniper_Setup_Client" = Juniper Networks, Inc. Setup Client
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 16.12.2012 14:01:19 | Computer Name = Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 104531512
Error - 16.12.2012 14:01:19 | Computer Name = Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 104531512
Error - 16.12.2012 14:01:21 | Computer Name = Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 16.12.2012 14:01:21 | Computer Name = Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 104532854
Error - 16.12.2012 14:01:21 | Computer Name = Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 104532854
Error - 16.12.2012 14:01:22 | Computer Name = Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 16.12.2012 14:01:22 | Computer Name = Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 104533883
Error - 16.12.2012 14:01:22 | Computer Name = Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 104533883
Error - 16.12.2012 15:16:54 | Computer Name = Laptop | Source = VSS | ID = 12289
Description =
Error - 16.12.2012 15:26:18 | Computer Name = Laptop | Source = VSS | ID = 12289
Description =
Error - 16.12.2012 16:40:46 | Computer Name = Laptop | Source = VSS | ID = 12289
Description =
[ OSession Events ]
Error - 18.05.2010 04:20:00 | Computer Name = Laptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 143
seconds with 0 seconds of active time. This session ended with a crash.
Error - 21.06.2010 15:32:22 | Computer Name = Laptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 2158
seconds with 120 seconds of active time. This session ended with a crash.
Error - 30.07.2010 13:59:41 | Computer Name = Laptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 21985
seconds with 2040 seconds of active time. This session ended with a crash.
Error - 04.12.2010 09:26:24 | Computer Name = Laptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 560
seconds with 180 seconds of active time. This session ended with a crash.
Error - 23.02.2011 13:28:19 | Computer Name = Laptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 11942
seconds with 4860 seconds of active time. This session ended with a crash.
Error - 19.04.2011 14:47:58 | Computer Name = Laptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 27221
seconds with 1740 seconds of active time. This session ended with a crash.
Error - 25.05.2011 14:38:04 | Computer Name = Laptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 892
seconds with 420 seconds of active time. This session ended with a crash.
Error - 08.07.2011 06:24:30 | Computer Name = Laptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 8898
seconds with 360 seconds of active time. This session ended with a crash.
Error - 21.12.2011 03:29:18 | Computer Name = Laptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 389
seconds with 120 seconds of active time. This session ended with a crash.
Error - 22.07.2012 13:27:55 | Computer Name = Laptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 765
seconds with 300 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 16.12.2012 14:01:49 | Computer Name = Laptop | Source = DCOM | ID = 10005
Description =
Error - 16.12.2012 14:01:49 | Computer Name = Laptop | Source = Service Control Manager | ID = 7009
Description =
Error - 16.12.2012 14:05:11 | Computer Name = Laptop | Source = Microsoft-Windows-Servicing | ID = 4375
Description =
Error - 16.12.2012 14:05:11 | Computer Name = Laptop | Source = Microsoft-Windows-Servicing | ID = 4375
Description =
Error - 16.12.2012 14:05:11 | Computer Name = Laptop | Source = Microsoft-Windows-Servicing | ID = 4375
Description =
Error - 16.12.2012 14:05:11 | Computer Name = Laptop | Source = Microsoft-Windows-Servicing | ID = 4375
Description =
Error - 16.12.2012 14:05:11 | Computer Name = Laptop | Source = Microsoft-Windows-Servicing | ID = 4375
Description =
Error - 16.12.2012 14:05:11 | Computer Name = Laptop | Source = Microsoft-Windows-Servicing | ID = 4375
Description =
Error - 16.12.2012 14:05:11 | Computer Name = Laptop | Source = Microsoft-Windows-Servicing | ID = 4375
Description =
Error - 16.12.2012 14:05:13 | Computer Name = Laptop | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =
< End of report >
|
|
17.12.2012, 18:39
| #4 |
| /// Malware-holic | Google Suchergebnisse springen nach einer Sekunde um Hi, download tdss killer: http://www.trojaner-board.de/82358-t...entfernen.html Klicke auf Change parameters • Setze die Haken bei Verify driver digital signatures und Detect TDLFS file system • Klick auf OK und anschließend auf Start scan - bei funden erst mal immer skip wählen, log posten
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
18.12.2012, 10:22
| #5 |
| | Google Suchergebnisse springen nach einer Sekunde um Anbei der Report nach dem ich TDSSKiller habe durchlaufen lassen: 10:15:53.0635 9872 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35 10:15:53.0808 9872 ============================================================ 10:15:53.0808 9872 Current date / time: 2012/12/18 10:15:53.0808 10:15:53.0808 9872 SystemInfo: 10:15:53.0808 9872 10:15:53.0808 9872 OS Version: 6.0.6002 ServicePack: 2.0 10:15:53.0808 9872 Product type: Workstation 10:15:53.0808 9872 ComputerName: LAPTOP 10:15:53.0809 9872 UserName: Arne 10:15:53.0809 9872 Windows directory: C:\Windows 10:15:53.0809 9872 System windows directory: C:\Windows 10:15:53.0809 9872 Processor architecture: Intel x86 10:15:53.0809 9872 Number of processors: 2 10:15:53.0809 9872 Page size: 0x1000 10:15:53.0809 9872 Boot type: Normal boot 10:15:53.0809 9872 ============================================================ 10:15:55.0376 9872 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 10:15:55.0380 9872 ============================================================ 10:15:55.0380 9872 \Device\Harddisk0\DR0: 10:15:55.0381 9872 MBR partitions: 10:15:55.0381 9872 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x167F800, BlocksNum 0x23DAEAB0 10:15:55.0381 9872 ============================================================ 10:15:55.0576 9872 C: <-> \Device\Harddisk0\DR0\Partition1 10:15:55.0576 9872 ============================================================ 10:15:55.0576 9872 Initialize success 10:15:55.0576 9872 ============================================================ 10:17:05.0523 11932 ============================================================ 10:17:05.0523 11932 Scan started 10:17:05.0523 11932 Mode: Manual; SigCheck; TDLFS; 10:17:05.0523 11932 ============================================================ 10:17:06.0751 11932 ================ Scan system memory ======================== 10:17:06.0751 11932 System memory - ok 10:17:06.0751 11932 ================ Scan services ============================= 10:17:07.0066 11932 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys 10:17:07.0274 11932 ACPI - ok 10:17:07.0374 11932 [ E8FE4FCE23D2809BD88BCC1D0F8408CE ] AdobeActiveFileMonitor6.0 C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe 10:17:07.0423 11932 AdobeActiveFileMonitor6.0 - ok 10:17:07.0529 11932 [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe 10:17:07.0548 11932 AdobeFlashPlayerUpdateSvc - ok 10:17:07.0646 11932 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 10:17:07.0849 11932 adp94xx - ok 10:17:07.0884 11932 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys 10:17:07.0941 11932 adpahci - ok 10:17:07.0967 11932 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys 10:17:08.0012 11932 adpu160m - ok 10:17:08.0101 11932 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 10:17:08.0169 11932 adpu320 - ok 10:17:08.0220 11932 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 10:17:08.0390 11932 AeLookupSvc - ok 10:17:08.0495 11932 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys 10:17:08.0617 11932 AFD - ok 10:17:08.0670 11932 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys 10:17:08.0741 11932 agp440 - ok 10:17:08.0776 11932 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys 10:17:08.0813 11932 aic78xx - ok 10:17:08.0837 11932 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe 10:17:09.0098 11932 ALG - ok 10:17:09.0140 11932 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys 10:17:09.0196 11932 aliide - ok 10:17:09.0232 11932 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys 10:17:09.0256 11932 amdagp - ok 10:17:09.0277 11932 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys 10:17:09.0299 11932 amdide - ok 10:17:09.0338 11932 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys 10:17:09.0437 11932 AmdK7 - ok 10:17:09.0479 11932 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 10:17:09.0536 11932 AmdK8 - ok 10:17:09.0625 11932 [ C27D46B06D340293670450FCE9DFB166 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe 10:17:09.0675 11932 AntiVirSchedulerService - ok 10:17:09.0706 11932 [ 72D90E56563165984224493069C69ED4 ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe 10:17:09.0725 11932 AntiVirService - ok 10:17:09.0760 11932 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll 10:17:09.0831 11932 Appinfo - ok 10:17:09.0962 11932 [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 10:17:09.0986 11932 Apple Mobile Device - ok 10:17:10.0021 11932 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys 10:17:10.0047 11932 arc - ok 10:17:10.0093 11932 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys 10:17:10.0139 11932 arcsas - ok 10:17:10.0393 11932 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe 10:17:10.0452 11932 aspnet_state - ok 10:17:10.0486 11932 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 10:17:10.0574 11932 AsyncMac - ok 10:17:10.0634 11932 [ 2D9C903DC76A66813D350A562DE40ED9 ] atapi C:\Windows\system32\drivers\atapi.sys 10:17:10.0650 11932 atapi - ok 10:17:10.0719 11932 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 10:17:10.0799 11932 AudioEndpointBuilder - ok 10:17:10.0807 11932 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll 10:17:10.0836 11932 Audiosrv - ok 10:17:10.0883 11932 [ 1E4114685DE1FFA9675E09C6A1FB3F4B ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys 10:17:10.0910 11932 avgntflt - ok 10:17:10.0948 11932 [ 0F78D3DAE6DEDD99AE54C9491C62ADF2 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys 10:17:10.0972 11932 avipbb - ok 10:17:11.0017 11932 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys 10:17:11.0074 11932 Beep - ok 10:17:11.0136 11932 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll 10:17:11.0243 11932 BFE - ok 10:17:11.0311 11932 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\System32\qmgr.dll 10:17:11.0374 11932 BITS - ok 10:17:11.0436 11932 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys 10:17:11.0491 11932 blbdrive - ok 10:17:11.0629 11932 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 10:17:11.0711 11932 Bonjour Service - ok 10:17:11.0774 11932 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys 10:17:11.0850 11932 bowser - ok 10:17:11.0899 11932 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys 10:17:11.0957 11932 BrFiltLo - ok 10:17:11.0985 11932 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys 10:17:12.0066 11932 BrFiltUp - ok 10:17:12.0114 11932 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll 10:17:12.0215 11932 Browser - ok 10:17:12.0277 11932 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys 10:17:12.0475 11932 Brserid - ok 10:17:12.0521 11932 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys 10:17:12.0621 11932 BrSerWdm - ok 10:17:12.0661 11932 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys 10:17:12.0777 11932 BrUsbMdm - ok 10:17:12.0803 11932 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys 10:17:12.0875 11932 BrUsbSer - ok 10:17:12.0926 11932 [ 6D39C954799B63BA866910234CF7D726 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys 10:17:12.0983 11932 BthEnum - ok 10:17:13.0067 11932 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 10:17:13.0215 11932 BTHMODEM - ok 10:17:13.0240 11932 [ 5904EFA25F829BF84EA6FB045134A1D8 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys 10:17:13.0315 11932 BthPan - ok 10:17:13.0415 11932 [ 611FF3F2F095C8D4A6D4CFD9DCC09793 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys 10:17:13.0552 11932 BTHPORT - ok 10:17:13.0647 11932 [ A4C8377FA4A994E07075107DBE2E3DCE ] BthServ C:\Windows\System32\bthserv.dll 10:17:13.0705 11932 BthServ - ok 10:17:13.0748 11932 [ D330803EAB2A15CAEC7F011F1D4CB30E ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys 10:17:13.0830 11932 BTHUSB - ok 10:17:13.0881 11932 [ ED97CD06EF748004B8AAC56C2D0AA5DB ] btwaudio C:\Windows\system32\drivers\btwaudio.sys 10:17:13.0918 11932 btwaudio - ok 10:17:13.0943 11932 [ 4871B5ED4757197135FF65BE61DA44B3 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys 10:17:13.0987 11932 btwavdt - ok 10:17:14.0099 11932 [ 346B62198C40D6CF12A3FA8804247ADF ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe 10:17:14.0162 11932 btwdins - ok 10:17:14.0219 11932 [ 6AF9FD2AEEBDC16A98D3E30E68440C5C ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys 10:17:14.0236 11932 btwl2cap - ok 10:17:14.0259 11932 [ F5DA7DF99CF11FCB68E2BEA12002F63A ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys 10:17:14.0291 11932 btwrchid - ok 10:17:14.0336 11932 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 10:17:14.0404 11932 cdfs - ok 10:17:14.0461 11932 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 10:17:14.0524 11932 cdrom - ok 10:17:14.0613 11932 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll 10:17:14.0677 11932 CertPropSvc - ok 10:17:14.0696 11932 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\DRIVERS\circlass.sys 10:17:14.0810 11932 circlass - ok 10:17:14.0864 11932 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys 10:17:14.0947 11932 CLFS - ok 10:17:15.0020 11932 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 10:17:15.0063 11932 clr_optimization_v2.0.50727_32 - ok 10:17:15.0138 11932 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 10:17:15.0194 11932 clr_optimization_v4.0.30319_32 - ok 10:17:15.0273 11932 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 10:17:15.0342 11932 CmBatt - ok 10:17:15.0353 11932 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys 10:17:15.0388 11932 cmdide - ok 10:17:15.0414 11932 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 10:17:15.0459 11932 Compbatt - ok 10:17:15.0464 11932 COMSysApp - ok 10:17:15.0511 11932 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 10:17:15.0537 11932 crcdisk - ok 10:17:15.0579 11932 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys 10:17:15.0638 11932 Crusoe - ok 10:17:15.0698 11932 [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc C:\Windows\system32\cryptsvc.dll 10:17:15.0749 11932 CryptSvc - ok 10:17:15.0901 11932 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll 10:17:15.0973 11932 DcomLaunch - ok 10:17:16.0019 11932 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys 10:17:16.0088 11932 DfsC - ok 10:17:16.0257 11932 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe 10:17:16.0527 11932 DFSR - ok 10:17:16.0611 11932 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll 10:17:16.0685 11932 Dhcp - ok 10:17:16.0714 11932 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys 10:17:16.0791 11932 disk - ok 10:17:16.0835 11932 [ F206E28ED74C491FD5D7C0A1119CE37F ] DMICall C:\Windows\system32\DRIVERS\DMICall.sys 10:17:16.0866 11932 DMICall - ok 10:17:16.0904 11932 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll 10:17:16.0955 11932 Dnscache - ok 10:17:17.0024 11932 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll 10:17:17.0086 11932 dot3svc - ok 10:17:17.0137 11932 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll 10:17:17.0171 11932 DPS - ok 10:17:17.0233 11932 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 10:17:17.0298 11932 drmkaud - ok 10:17:17.0345 11932 [ E6B6DD5A355C432045219FAD8512FB70 ] dsNcAdpt C:\Windows\system32\DRIVERS\dsNcAdpt.sys 10:17:17.0409 11932 dsNcAdpt - ok 10:17:17.0532 11932 [ F55D3B2287767772FC4F683CF18ADBF5 ] dsNcService C:\Program Files\Juniper Networks\Common Files\dsNcService.exe 10:17:17.0630 11932 dsNcService - ok 10:17:17.0711 11932 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 10:17:17.0782 11932 DXGKrnl - ok 10:17:17.0823 11932 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys 10:17:17.0922 11932 E1G60 - ok 10:17:17.0976 11932 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll 10:17:18.0033 11932 EapHost - ok 10:17:18.0121 11932 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys 10:17:18.0164 11932 Ecache - ok 10:17:18.0227 11932 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 10:17:18.0337 11932 ehRecvr - ok 10:17:18.0391 11932 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe 10:17:18.0490 11932 ehSched - ok 10:17:18.0499 11932 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll 10:17:18.0524 11932 ehstart - ok 10:17:18.0575 11932 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys 10:17:18.0626 11932 elxstor - ok 10:17:18.0691 11932 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll 10:17:18.0797 11932 EMDMgmt - ok 10:17:18.0854 11932 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys 10:17:18.0919 11932 ErrDev - ok 10:17:18.0967 11932 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll 10:17:19.0008 11932 EventSystem - ok 10:17:19.0112 11932 [ 306AC856622864C761CBDB5E816BB9D8 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe 10:17:19.0252 11932 EvtEng ( UnsignedFile.Multi.Generic ) - warning 10:17:19.0252 11932 EvtEng - detected UnsignedFile.Multi.Generic (1) 10:17:19.0301 11932 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys 10:17:19.0407 11932 exfat - ok 10:17:19.0464 11932 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys 10:17:19.0513 11932 fastfat - ok 10:17:19.0616 11932 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys 10:17:19.0685 11932 fdc - ok 10:17:19.0722 11932 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll 10:17:19.0760 11932 fdPHost - ok 10:17:19.0767 11932 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll 10:17:19.0856 11932 FDResPub - ok 10:17:19.0899 11932 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 10:17:19.0925 11932 FileInfo - ok 10:17:19.0957 11932 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys 10:17:20.0060 11932 Filetrace - ok 10:17:20.0216 11932 [ 227846995AFEEFA70D328BF5334A86A5 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 10:17:20.0269 11932 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning 10:17:20.0269 11932 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1) 10:17:20.0301 11932 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 10:17:20.0377 11932 flpydisk - ok 10:17:20.0446 11932 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 10:17:20.0496 11932 FltMgr - ok 10:17:20.0608 11932 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll 10:17:20.0745 11932 FontCache - ok 10:17:20.0852 11932 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 10:17:20.0896 11932 FontCache3.0.0.0 - ok 10:17:20.0947 11932 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 10:17:21.0037 11932 Fs_Rec - ok 10:17:21.0091 11932 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 10:17:21.0147 11932 gagp30kx - ok 10:17:21.0197 11932 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 10:17:21.0239 11932 GEARAspiWDM - ok 10:17:21.0322 11932 [ 9F5F2F0FB0A7F5AA9F16B9A7B6DAD89F ] GoogleDesktopManager-051210-111108 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe 10:17:21.0354 11932 GoogleDesktopManager-051210-111108 - ok 10:17:21.0451 11932 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll 10:17:21.0621 11932 gpsvc - ok 10:17:21.0746 11932 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe 10:17:21.0788 11932 gupdate - ok 10:17:21.0793 11932 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe 10:17:21.0808 11932 gupdatem - ok 10:17:21.0862 11932 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe 10:17:21.0878 11932 gusvc - ok 10:17:21.0948 11932 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 10:17:22.0064 11932 HdAudAddService - ok 10:17:22.0118 11932 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 10:17:22.0216 11932 HDAudBus - ok 10:17:22.0244 11932 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys 10:17:22.0334 11932 HidBth - ok 10:17:22.0381 11932 [ 5A87127718873BD7F3BD7AC42B951D8E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 10:17:22.0444 11932 HidIr - ok 10:17:22.0497 11932 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\system32\hidserv.dll 10:17:22.0529 11932 hidserv - ok 10:17:22.0576 11932 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 10:17:22.0644 11932 HidUsb - ok 10:17:22.0681 11932 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll 10:17:22.0735 11932 hkmsvc - ok 10:17:22.0760 11932 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys 10:17:22.0817 11932 HpCISSs - ok 10:17:22.0882 11932 [ 46D67209550973257601A533E2AC5785 ] HSFHWAZL C:\Windows\system32\DRIVERS\VSTAZL3.SYS 10:17:22.0977 11932 HSFHWAZL - ok 10:17:23.0042 11932 [ 7BC42C65B5C6281777C1A7605B253BA8 ] HSF_DPV C:\Windows\system32\DRIVERS\HSX_DPV.sys 10:17:23.0188 11932 HSF_DPV - ok 10:17:23.0212 11932 [ 9EBF2D102CCBB6BCDFBF1B7922F8BA2E ] HSXHWAZL C:\Windows\system32\DRIVERS\HSXHWAZL.sys 10:17:23.0308 11932 HSXHWAZL - ok 10:17:23.0425 11932 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys 10:17:23.0522 11932 HTTP - ok 10:17:23.0570 11932 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys 10:17:23.0592 11932 i2omp - ok 10:17:23.0638 11932 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 10:17:23.0710 11932 i8042prt - ok 10:17:23.0775 11932 [ CB686F44BF955EA02520710A56874FA4 ] IAANTMON C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe 10:17:23.0891 11932 IAANTMON - ok 10:17:23.0940 11932 [ DB0CC620B27A928D968C1A1E9CD9CB87 ] iaStor C:\Windows\system32\drivers\iastor.sys 10:17:23.0958 11932 iaStor - ok 10:17:24.0053 11932 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys 10:17:24.0100 11932 iaStorV - ok 10:17:24.0195 11932 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 10:17:24.0351 11932 idsvc - ok 10:17:24.0386 11932 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys 10:17:24.0448 11932 iirsp - ok 10:17:24.0528 11932 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll 10:17:24.0616 11932 IKEEXT - ok 10:17:24.0708 11932 [ CF2219A2FED4F8F2E0817A2BF1658799 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys 10:17:25.0018 11932 IntcAzAudAddService - ok 10:17:25.0066 11932 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys 10:17:25.0105 11932 intelide - ok 10:17:25.0142 11932 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 10:17:25.0196 11932 intelppm - ok 10:17:25.0228 11932 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll 10:17:25.0283 11932 IPBusEnum - ok 10:17:25.0310 11932 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 10:17:25.0368 11932 IpFilterDriver - ok 10:17:25.0427 11932 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 10:17:25.0498 11932 iphlpsvc - ok 10:17:25.0513 11932 IpInIp - ok 10:17:25.0581 11932 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys 10:17:25.0640 11932 IPMIDRV - ok 10:17:25.0658 11932 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys 10:17:25.0732 11932 IPNAT - ok 10:17:25.0808 11932 [ 57EDB35EA2FECA88F8B17C0C095C9A56 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 10:17:25.0869 11932 iPod Service - ok 10:17:25.0908 11932 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 10:17:25.0961 11932 IRENUM - ok 10:17:26.0000 11932 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys 10:17:26.0047 11932 isapnp - ok 10:17:26.0120 11932 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys 10:17:26.0153 11932 iScsiPrt - ok 10:17:26.0187 11932 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys 10:17:26.0240 11932 iteatapi - ok 10:17:26.0267 11932 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys 10:17:26.0310 11932 iteraid - ok 10:17:26.0343 11932 [ 213822072085B5BBAD9AF30AB577D817 ] IviRegMgr C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe 10:17:26.0382 11932 IviRegMgr - ok 10:17:26.0406 11932 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 10:17:26.0449 11932 kbdclass - ok 10:17:26.0494 11932 [ 18247836959BA67E3511B62846B9C2E0 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 10:17:26.0567 11932 kbdhid - ok 10:17:26.0628 11932 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe 10:17:26.0671 11932 KeyIso - ok 10:17:26.0725 11932 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 10:17:26.0798 11932 KSecDD - ok 10:17:26.0845 11932 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll 10:17:26.0888 11932 KtmRm - ok 10:17:26.0946 11932 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\system32\srvsvc.dll 10:17:27.0030 11932 LanmanServer - ok 10:17:27.0091 11932 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 10:17:27.0172 11932 LanmanWorkstation - ok 10:17:27.0227 11932 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 10:17:27.0280 11932 lltdio - ok 10:17:27.0340 11932 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll 10:17:27.0432 11932 lltdsvc - ok 10:17:27.0460 11932 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll 10:17:27.0518 11932 lmhosts - ok 10:17:27.0536 11932 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 10:17:27.0599 11932 LSI_FC - ok 10:17:27.0638 11932 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 10:17:27.0685 11932 LSI_SAS - ok 10:17:27.0729 11932 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 10:17:27.0787 11932 LSI_SCSI - ok 10:17:27.0819 11932 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys 10:17:27.0890 11932 luafv - ok 10:17:27.0957 11932 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 10:17:28.0035 11932 Mcx2Svc - ok 10:17:28.0090 11932 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys 10:17:28.0120 11932 mdmxsdk - ok 10:17:28.0163 11932 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys 10:17:28.0206 11932 megasas - ok 10:17:28.0322 11932 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys 10:17:28.0406 11932 MegaSR - ok 10:17:28.0516 11932 [ FAFE367D032ED82E9332B4C741A20216 ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe 10:17:28.0551 11932 Microsoft Office Groove Audit Service - ok 10:17:28.0578 11932 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll 10:17:28.0619 11932 MMCSS - ok 10:17:28.0625 11932 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys 10:17:28.0690 11932 Modem - ok 10:17:28.0727 11932 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 10:17:28.0794 11932 monitor - ok 10:17:28.0846 11932 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 10:17:28.0871 11932 mouclass - ok 10:17:28.0910 11932 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 10:17:28.0974 11932 mouhid - ok 10:17:28.0999 11932 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys 10:17:29.0023 11932 MountMgr - ok 10:17:29.0085 11932 [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe 10:17:29.0102 11932 MozillaMaintenance - ok 10:17:29.0146 11932 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys 10:17:29.0174 11932 mpio - ok 10:17:29.0224 11932 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 10:17:29.0306 11932 mpsdrv - ok 10:17:29.0363 11932 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll 10:17:29.0437 11932 MpsSvc - ok 10:17:29.0478 11932 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys 10:17:29.0523 11932 Mraid35x - ok 10:17:29.0564 11932 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 10:17:29.0619 11932 MRxDAV - ok 10:17:29.0655 11932 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 10:17:29.0730 11932 mrxsmb - ok 10:17:29.0807 11932 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 10:17:29.0857 11932 mrxsmb10 - ok 10:17:29.0864 11932 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 10:17:29.0921 11932 mrxsmb20 - ok 10:17:29.0959 11932 [ 28023E86F17001F7CD9B15A5BC9AE07D ] msahci C:\Windows\system32\drivers\msahci.sys 10:17:30.0001 11932 msahci - ok 10:17:30.0081 11932 [ A99D2C7E30AD63EF920A894131CAF5F7 ] MSCSPTISRV C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe 10:17:30.0095 11932 MSCSPTISRV ( UnsignedFile.Multi.Generic ) - warning 10:17:30.0095 11932 MSCSPTISRV - detected UnsignedFile.Multi.Generic (1) 10:17:30.0142 11932 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys 10:17:30.0186 11932 msdsm - ok 10:17:30.0204 11932 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe 10:17:30.0290 11932 MSDTC - ok 10:17:30.0322 11932 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys 10:17:30.0388 11932 Msfs - ok 10:17:30.0418 11932 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 10:17:30.0440 11932 msisadrv - ok 10:17:30.0504 11932 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 10:17:30.0575 11932 MSiSCSI - ok 10:17:30.0584 11932 msiserver - ok 10:17:30.0648 11932 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 10:17:30.0700 11932 MSKSSRV - ok 10:17:30.0743 11932 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 10:17:30.0789 11932 MSPCLOCK - ok 10:17:30.0830 11932 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 10:17:30.0908 11932 MSPQM - ok 10:17:30.0987 11932 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 10:17:31.0054 11932 MsRPC - ok 10:17:31.0121 11932 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 10:17:31.0158 11932 mssmbios - ok 10:17:31.0195 11932 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 10:17:31.0230 11932 MSTEE - ok 10:17:31.0262 11932 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys 10:17:31.0307 11932 Mup - ok 10:17:31.0356 11932 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll 10:17:31.0433 11932 napagent - ok 10:17:31.0460 11932 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 10:17:31.0528 11932 NativeWifiP - ok 10:17:31.0578 11932 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys 10:17:31.0677 11932 NDIS - ok 10:17:31.0759 11932 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 10:17:31.0822 11932 NdisTapi - ok 10:17:31.0847 11932 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 10:17:31.0884 11932 Ndisuio - ok 10:17:31.0939 11932 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 10:17:31.0987 11932 NdisWan - ok 10:17:32.0021 11932 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 10:17:32.0074 11932 NDProxy - ok 10:17:32.0105 11932 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 10:17:32.0168 11932 NetBIOS - ok 10:17:32.0224 11932 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys 10:17:32.0312 11932 netbt - ok 10:17:32.0350 11932 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe 10:17:32.0368 11932 Netlogon - ok 10:17:32.0412 11932 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll 10:17:32.0490 11932 Netman - ok 10:17:32.0537 11932 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 10:17:32.0577 11932 NetMsmqActivator - ok 10:17:32.0583 11932 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 10:17:32.0598 11932 NetPipeActivator - ok 10:17:32.0650 11932 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll 10:17:32.0695 11932 netprofm - ok 10:17:32.0758 11932 [ 2DD6BB85C8BDAE6116565AB5BECA4F7C ] netr73 C:\Windows\system32\DRIVERS\netr73.sys 10:17:32.0846 11932 netr73 - ok 10:17:32.0852 11932 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 10:17:32.0867 11932 NetTcpActivator - ok 10:17:32.0874 11932 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 10:17:32.0889 11932 NetTcpPortSharing - ok 10:17:33.0032 11932 [ E559EA9138C77B5D1FDA8C558764A25F ] NETw5v32 C:\Windows\system32\DRIVERS\NETw5v32.sys 10:17:33.0411 11932 NETw5v32 - ok 10:17:33.0475 11932 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 10:17:33.0514 11932 nfrd960 - ok 10:17:33.0570 11932 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll 10:17:33.0642 11932 NlaSvc - ok 10:17:33.0697 11932 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys 10:17:33.0737 11932 Npfs - ok 10:17:33.0774 11932 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll 10:17:33.0836 11932 nsi - ok 10:17:33.0864 11932 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 10:17:33.0933 11932 nsiproxy - ok 10:17:34.0008 11932 [ FD141D19F1392920A6A517316910D770 ] NSUService C:\Program Files\Sony\Network Utility\NSUService.exe 10:17:34.0050 11932 NSUService ( UnsignedFile.Multi.Generic ) - warning 10:17:34.0050 11932 NSUService - detected UnsignedFile.Multi.Generic (1) 10:17:34.0155 11932 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 10:17:34.0302 11932 Ntfs - ok 10:17:34.0347 11932 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys 10:17:34.0442 11932 ntrigdigi - ok 10:17:34.0484 11932 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys 10:17:34.0520 11932 Null - ok 10:17:34.0584 11932 [ 2C7AC27710E8D41C1EB7D1599187D237 ] NVHDA C:\Windows\system32\drivers\nvhda32v.sys 10:17:34.0623 11932 NVHDA - ok 10:17:34.0889 11932 [ 7067E24FDE736901A1C4197B008C6E9F ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 10:17:35.0626 11932 nvlddmkm - ok 10:17:35.0674 11932 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys 10:17:35.0758 11932 nvraid - ok 10:17:35.0799 11932 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys 10:17:35.0822 11932 nvstor - ok 10:17:35.0867 11932 [ 51AB114BAFDCCCFB0990B9883EF6C28B ] nvsvc C:\Windows\system32\nvvsvc.exe 10:17:35.0946 11932 nvsvc - ok 10:17:35.0982 11932 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 10:17:36.0046 11932 nv_agp - ok 10:17:36.0051 11932 NwlnkFlt - ok 10:17:36.0057 11932 NwlnkFwd - ok 10:17:36.0206 11932 [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 10:17:36.0302 11932 odserv - ok 10:17:36.0361 11932 [ 6F310E890D46E246E0E261A63D9B36B4 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys 10:17:36.0435 11932 ohci1394 - ok 10:17:36.0484 11932 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 10:17:36.0511 11932 ose - ok 10:17:36.0629 11932 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll 10:17:36.0803 11932 p2pimsvc - ok 10:17:36.0875 11932 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll 10:17:36.0930 11932 p2psvc - ok 10:17:36.0967 11932 [ 41C33FB4FD929FED732A00D2DAEF5BE0 ] PACSPTISVR C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe 10:17:37.0004 11932 PACSPTISVR ( UnsignedFile.Multi.Generic ) - warning 10:17:37.0004 11932 PACSPTISVR - detected UnsignedFile.Multi.Generic (1) 10:17:37.0037 11932 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys 10:17:37.0094 11932 Parport - ok 10:17:37.0146 11932 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys 10:17:37.0171 11932 partmgr - ok 10:17:37.0204 11932 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys 10:17:37.0301 11932 Parvdm - ok 10:17:37.0349 11932 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll 10:17:37.0418 11932 PcaSvc - ok 10:17:37.0493 11932 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys 10:17:37.0542 11932 pci - ok 10:17:37.0604 11932 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\drivers\pciide.sys 10:17:37.0625 11932 pciide - ok 10:17:37.0651 11932 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 10:17:37.0680 11932 pcmcia - ok 10:17:37.0727 11932 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys 10:17:37.0891 11932 PEAUTH - ok 10:17:38.0022 11932 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll 10:17:38.0187 11932 pla - ok 10:17:38.0240 11932 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll 10:17:38.0305 11932 PlugPlay - ok 10:17:38.0373 11932 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll 10:17:38.0405 11932 PNRPAutoReg - ok 10:17:38.0487 11932 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll 10:17:38.0543 11932 PNRPsvc - ok 10:17:38.0594 11932 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 10:17:38.0702 11932 PolicyAgent - ok 10:17:38.0733 11932 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 10:17:38.0780 11932 PptpMiniport - ok 10:17:38.0802 11932 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys 10:17:38.0879 11932 Processor - ok 10:17:38.0960 11932 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll 10:17:38.0990 11932 ProfSvc - ok 10:17:39.0029 11932 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe 10:17:39.0060 11932 ProtectedStorage - ok 10:17:39.0113 11932 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys 10:17:39.0152 11932 PSched - ok 10:17:39.0204 11932 [ 153D02480A0A2F45785522E814C634B6 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys 10:17:39.0244 11932 PxHelp20 - ok 10:17:39.0382 11932 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 10:17:39.0562 11932 ql2300 - ok 10:17:39.0600 11932 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 10:17:39.0625 11932 ql40xx - ok 10:17:39.0668 11932 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll 10:17:39.0772 11932 QWAVE - ok 10:17:39.0816 11932 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 10:17:39.0860 11932 QWAVEdrv - ok 10:17:40.0035 11932 [ 138F7963118EC710C348819C08F72230 ] Radio.fx C:\Program Files\Tobit Radio.fx\Server\rfx-server.exe 10:17:40.0221 11932 Radio.fx - ok 10:17:40.0301 11932 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 10:17:40.0371 11932 RasAcd - ok 10:17:40.0432 11932 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll 10:17:40.0536 11932 RasAuto - ok 10:17:40.0576 11932 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 10:17:40.0648 11932 Rasl2tp - ok 10:17:40.0715 11932 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll 10:17:40.0799 11932 RasMan - ok 10:17:40.0850 11932 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 10:17:40.0919 11932 RasPppoe - ok 10:17:40.0927 11932 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 10:17:40.0952 11932 RasSstp - ok 10:17:40.0982 11932 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 10:17:41.0049 11932 rdbss - ok 10:17:41.0076 11932 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 10:17:41.0127 11932 RDPCDD - ok 10:17:41.0169 11932 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys 10:17:41.0236 11932 rdpdr - ok 10:17:41.0241 11932 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 10:17:41.0295 11932 RDPENCDD - ok 10:17:41.0356 11932 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 10:17:41.0447 11932 RDPWD - ok 10:17:41.0463 11932 [ 001B4278407F4303EFC902A2B16F2453 ] regi C:\Windows\system32\drivers\regi.sys 10:17:41.0497 11932 regi - ok 10:17:41.0564 11932 [ B33C88DF3588ACF250B87A004526C31A ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 10:17:41.0651 11932 RegSrvc ( UnsignedFile.Multi.Generic ) - warning 10:17:41.0652 11932 RegSrvc - detected UnsignedFile.Multi.Generic (1) 10:17:41.0674 11932 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll 10:17:41.0733 11932 RemoteAccess - ok 10:17:41.0782 11932 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll 10:17:41.0859 11932 RemoteRegistry - ok 10:17:41.0896 11932 [ 6482707F9F4DA0ECBAB43B2E0398A101 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 10:17:41.0979 11932 RFCOMM - ok 10:17:42.0019 11932 [ D0C2A0CE1091E08EFB7CCBA6CEA4C3F9 ] rimsptsk C:\Windows\system32\DRIVERS\rimsptsk.sys 10:17:42.0103 11932 rimsptsk - ok 10:17:42.0116 11932 [ C22E4E27CCDF9AA5FE8143104F28CDE3 ] risdptsk C:\Windows\system32\DRIVERS\risdptsk.sys 10:17:42.0137 11932 risdptsk - ok 10:17:42.0154 11932 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe 10:17:42.0205 11932 RpcLocator - ok 10:17:42.0225 11932 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll 10:17:42.0300 11932 RpcSs - ok 10:17:42.0335 11932 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 10:17:42.0416 11932 rspndr - ok 10:17:42.0473 11932 [ 93EB7F2F895952AC8FE100B5DFC3FE39 ] RtkAudioService C:\Windows\RtkAudioService.exe 10:17:42.0545 11932 RtkAudioService ( UnsignedFile.Multi.Generic ) - warning 10:17:42.0546 11932 RtkAudioService - detected UnsignedFile.Multi.Generic (1) 10:17:42.0562 11932 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe 10:17:42.0580 11932 SamSs - ok 10:17:42.0608 11932 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 10:17:42.0657 11932 sbp2port - ok 10:17:42.0700 11932 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll 10:17:42.0793 11932 SCardSvr - ok 10:17:42.0856 11932 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll 10:17:42.0927 11932 Schedule - ok 10:17:42.0981 11932 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll 10:17:43.0008 11932 SCPolicySvc - ok 10:17:43.0069 11932 [ 126EA89BCC413EE45E3004FB0764888F ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys 10:17:43.0165 11932 sdbus - ok 10:17:43.0237 11932 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll 10:17:43.0280 11932 SDRSVC - ok 10:17:43.0319 11932 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys 10:17:43.0416 11932 secdrv - ok 10:17:43.0442 11932 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll 10:17:43.0490 11932 seclogon - ok 10:17:43.0537 11932 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll 10:17:43.0614 11932 SENS - ok 10:17:43.0635 11932 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys 10:17:43.0694 11932 Serenum - ok 10:17:43.0744 11932 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys 10:17:43.0832 11932 Serial - ok 10:17:43.0863 11932 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys 10:17:43.0919 11932 sermouse - ok 10:17:43.0975 11932 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll 10:17:44.0011 11932 SessionEnv - ok 10:17:44.0040 11932 [ 8B7C1768D2CDE2E02E09A66563DDFD16 ] SFEP C:\Windows\system32\DRIVERS\SFEP.sys 10:17:44.0111 11932 SFEP - ok 10:17:44.0150 11932 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 10:17:44.0194 11932 sffdisk - ok 10:17:44.0224 11932 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 10:17:44.0285 11932 sffp_mmc - ok 10:17:44.0317 11932 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 10:17:44.0367 11932 sffp_sd - ok 10:17:44.0405 11932 [ C33BFBD6E9E41FCD9FFEF9729E9FAED6 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 10:17:44.0468 11932 sfloppy - ok 10:17:44.0530 11932 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll 10:17:44.0580 11932 SharedAccess - ok 10:17:44.0634 11932 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 10:17:44.0678 11932 ShellHWDetection - ok 10:17:44.0706 11932 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys 10:17:44.0751 11932 sisagp - ok 10:17:44.0779 11932 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys 10:17:44.0833 11932 SiSRaid2 - ok 10:17:44.0886 11932 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 10:17:44.0932 11932 SiSRaid4 - ok 10:17:45.0069 11932 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe 10:17:45.0258 11932 slsvc - ok 10:17:45.0288 11932 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll 10:17:45.0363 11932 SLUINotify - ok 10:17:45.0402 11932 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys 10:17:45.0469 11932 Smb - ok 10:17:45.0515 11932 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 10:17:45.0546 11932 SNMPTRAP - ok 10:17:45.0680 11932 [ DC826AFFA608F50C385BCA4C71EF1BDD ] SOHCImp C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe 10:17:45.0720 11932 SOHCImp - ok 10:17:45.0756 11932 [ 1EC739F65C51FA1C7AC4502464A3C3A8 ] SOHDms C:\Program Files\Sony\VAIO Media plus\SOHDms.exe 10:17:45.0790 11932 SOHDms - ok 10:17:45.0818 11932 [ EC8FAB4AC684445D6032AA5C6E77CA2E ] SOHDs C:\Program Files\Sony\VAIO Media plus\SOHDs.exe 10:17:45.0849 11932 SOHDs - ok 10:17:45.0923 11932 [ 3BB48F7E33C2B76184DDF233000C09CD ] Sony SCSI Helper Service C:\Program Files\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe 10:17:46.0002 11932 Sony SCSI Helper Service ( UnsignedFile.Multi.Generic ) - warning 10:17:46.0002 11932 Sony SCSI Helper Service - detected UnsignedFile.Multi.Generic (1) 10:17:46.0027 11932 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys 10:17:46.0049 11932 spldr - ok 10:17:46.0116 11932 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe 10:17:46.0211 11932 Spooler - ok 10:17:46.0273 11932 [ F63102F289AE2039940B22E9B2A8E0BD ] SPTISRV C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe 10:17:46.0297 11932 SPTISRV ( UnsignedFile.Multi.Generic ) - warning 10:17:46.0297 11932 SPTISRV - detected UnsignedFile.Multi.Generic (1) 10:17:46.0351 11932 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys 10:17:46.0440 11932 srv - ok 10:17:46.0486 11932 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 10:17:46.0569 11932 srv2 - ok 10:17:46.0607 11932 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 10:17:46.0659 11932 srvnet - ok 10:17:46.0703 11932 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 10:17:46.0757 11932 SSDPSRV - ok 10:17:46.0813 11932 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\Windows\system32\DRIVERS\ssmdrv.sys 10:17:46.0859 11932 ssmdrv - ok 10:17:46.0902 11932 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll 10:17:46.0943 11932 SstpSvc - ok 10:17:47.0000 11932 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll 10:17:47.0053 11932 stisvc - ok 10:17:47.0092 11932 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 10:17:47.0129 11932 swenum - ok 10:17:47.0180 11932 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll 10:17:47.0241 11932 swprv - ok 10:17:47.0269 11932 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys 10:17:47.0317 11932 Symc8xx - ok 10:17:47.0341 11932 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys 10:17:47.0364 11932 Sym_hi - ok 10:17:47.0390 11932 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys 10:17:47.0412 11932 Sym_u3 - ok 10:17:47.0455 11932 [ 99DA94793332AADBB17BBB521AE56E21 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys 10:17:47.0484 11932 SynTP - ok 10:17:47.0572 11932 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll 10:17:47.0659 11932 SysMain - ok 10:17:47.0698 11932 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll 10:17:47.0783 11932 TabletInputService - ok 10:17:47.0844 11932 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll 10:17:47.0951 11932 TapiSrv - ok 10:17:47.0987 11932 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll 10:17:48.0084 11932 TBS - ok 10:17:48.0166 11932 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 10:17:48.0242 11932 Tcpip - ok 10:17:48.0333 11932 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys 10:17:48.0411 11932 Tcpip6 - ok 10:17:48.0463 11932 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 10:17:48.0542 11932 tcpipreg - ok 10:17:48.0618 11932 [ 72B9E77565DA5FA564581976E000D29B ] TcUsb C:\Windows\system32\Drivers\tcusb.sys 10:17:48.0637 11932 TcUsb - ok 10:17:48.0694 11932 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 10:17:48.0751 11932 TDPIPE - ok 10:17:48.0784 11932 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 10:17:48.0849 11932 TDTCP - ok 10:17:48.0898 11932 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 10:17:48.0986 11932 tdx - ok 10:17:49.0054 11932 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 10:17:49.0103 11932 TermDD - ok 10:17:49.0158 11932 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll 10:17:49.0230 11932 TermService - ok 10:17:49.0266 11932 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll 10:17:49.0334 11932 Themes - ok 10:17:49.0369 11932 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll 10:17:49.0414 11932 THREADORDER - ok 10:17:49.0477 11932 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll 10:17:49.0514 11932 TrkWks - ok 10:17:49.0593 11932 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 10:17:49.0639 11932 TrustedInstaller - ok 10:17:49.0723 11932 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 10:17:49.0810 11932 tssecsrv - ok 10:17:49.0842 11932 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys 10:17:49.0886 11932 tunmp - ok 10:17:49.0923 11932 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 10:17:50.0000 11932 tunnel - ok 10:17:50.0039 11932 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys 10:17:50.0078 11932 uagp35 - ok 10:17:50.0114 11932 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 10:17:50.0155 11932 udfs - ok 10:17:50.0189 11932 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe 10:17:50.0287 11932 UI0Detect - ok 10:17:50.0293 11932 UIUSys - ok 10:17:50.0342 11932 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 10:17:50.0386 11932 uliagpkx - ok 10:17:50.0408 11932 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys 10:17:50.0440 11932 uliahci - ok 10:17:50.0468 11932 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys 10:17:50.0517 11932 UlSata - ok 10:17:50.0539 11932 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys 10:17:50.0575 11932 ulsata2 - ok 10:17:50.0602 11932 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 10:17:50.0650 11932 umbus - ok 10:17:50.0698 11932 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll 10:17:50.0772 11932 upnphost - ok 10:17:50.0833 11932 [ EAFE1E00739AFE6C51487A050E772E17 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys 10:17:50.0919 11932 USBAAPL - ok 10:17:50.0948 11932 [ 32DB9517628FF0D070682AAB61E688F0 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 10:17:51.0032 11932 usbaudio - ok 10:17:51.0087 11932 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 10:17:51.0144 11932 usbccgp - ok 10:17:51.0207 11932 [ 47B9770EA21436DE4AD5AEA7926E0900 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys 10:17:51.0278 11932 usbcir - ok 10:17:51.0319 11932 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 10:17:51.0417 11932 usbehci - ok 10:17:51.0487 11932 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 10:17:51.0526 11932 usbhub - ok 10:17:51.0549 11932 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys 10:17:51.0656 11932 usbohci - ok 10:17:51.0696 11932 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 10:17:51.0799 11932 usbprint - ok 10:17:51.0836 11932 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 10:17:51.0881 11932 usbscan - ok 10:17:51.0902 11932 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 10:17:51.0942 11932 USBSTOR - ok 10:17:51.0971 11932 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys 10:17:52.0039 11932 usbuhci - ok 10:17:52.0095 11932 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 10:17:52.0144 11932 usbvideo - ok 10:17:52.0182 11932 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll 10:17:52.0221 11932 UxSms - ok 10:17:52.0302 11932 [ 2A640DC735CB0112AC1DCD1E1549B27E ] VAIO Entertainment TV Device Arbitration Service C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe 10:17:52.0367 11932 VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - warning 10:17:52.0367 11932 VAIO Entertainment TV Device Arbitration Service - detected UnsignedFile.Multi.Generic (1) 10:17:52.0490 11932 [ 693A3FDD279C345105FFF9DDE277849B ] VAIO Event Service C:\Program Files\Sony\VAIO Event Service\VESMgr.exe 10:17:52.0532 11932 VAIO Event Service - ok 10:17:52.0592 11932 [ 43CEC9BF5A4F2917982AD01D92E0F44D ] VAIO Power Management C:\Program Files\Sony\VAIO Power Management\SPMService.exe 10:17:52.0662 11932 VAIO Power Management - ok 10:17:52.0763 11932 [ CBCBE2233D21E9B278F95F5CB28BC8AE ] VCFw C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe 10:17:52.0855 11932 VCFw ( UnsignedFile.Multi.Generic ) - warning 10:17:52.0855 11932 VCFw - detected UnsignedFile.Multi.Generic (1) 10:17:52.0953 11932 [ 27888F132D2EE0B72B28093A5F5F20EB ] VcmIAlzMgr C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe 10:17:53.0043 11932 VcmIAlzMgr - ok 10:17:53.0120 11932 [ EE9ABFC2F8F2DCDC624B6A9D5CF3B19D ] VcmXmlIfHelper C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe 10:17:53.0141 11932 VcmXmlIfHelper - ok 10:17:53.0167 11932 Vcsw - ok 10:17:53.0251 11932 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe 10:17:53.0304 11932 vds - ok 10:17:53.0353 11932 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 10:17:53.0390 11932 vga - ok 10:17:53.0414 11932 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys 10:17:53.0488 11932 VgaSave - ok 10:17:53.0519 11932 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys 10:17:53.0544 11932 viaagp - ok 10:17:53.0562 11932 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys 10:17:53.0622 11932 ViaC7 - ok 10:17:53.0674 11932 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys 10:17:53.0696 11932 viaide - ok 10:17:53.0747 11932 [ AE01E1ED5A81E0D268B91B4A6DE5A872 ] VNUSB C:\Windows\system32\DRIVERS\VNUSB.sys 10:17:53.0787 11932 VNUSB ( UnsignedFile.Multi.Generic ) - warning 10:17:53.0787 11932 VNUSB - detected UnsignedFile.Multi.Generic (1) 10:17:53.0810 11932 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys 10:17:53.0835 11932 volmgr - ok 10:17:53.0920 11932 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 10:17:53.0969 11932 volmgrx - ok 10:17:54.0061 11932 [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap C:\Windows\system32\drivers\volsnap.sys 10:17:54.0082 11932 volsnap - ok 10:17:54.0127 11932 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 10:17:54.0172 11932 vsmraid - ok 10:17:54.0231 11932 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe 10:17:54.0350 11932 VSS - ok 10:17:54.0419 11932 [ 071634532066C2E29350D450C3412837 ] VzCdbSvc C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe 10:17:54.0472 11932 VzCdbSvc ( UnsignedFile.Multi.Generic ) - warning 10:17:54.0472 11932 VzCdbSvc - detected UnsignedFile.Multi.Generic (1) 10:17:54.0557 11932 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll 10:17:54.0623 11932 W32Time - ok 10:17:54.0698 11932 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 10:17:54.0780 11932 WacomPen - ok 10:17:54.0806 11932 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys 10:17:54.0838 11932 Wanarp - ok 10:17:54.0843 11932 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 10:17:54.0869 11932 Wanarpv6 - ok 10:17:54.0905 11932 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll 10:17:54.0965 11932 wcncsvc - ok 10:17:55.0032 11932 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 10:17:55.0089 11932 WcsPlugInService - ok 10:17:55.0111 11932 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys 10:17:55.0154 11932 Wd - ok 10:17:55.0207 11932 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 10:17:55.0256 11932 Wdf01000 - ok 10:17:55.0283 11932 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll 10:17:55.0358 11932 WdiServiceHost - ok 10:17:55.0362 11932 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll 10:17:55.0399 11932 WdiSystemHost - ok 10:17:55.0469 11932 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll 10:17:55.0520 11932 WebClient - ok 10:17:55.0599 11932 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll 10:17:55.0663 11932 Wecsvc - ok 10:17:55.0731 11932 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll 10:17:55.0759 11932 wercplsupport - ok 10:17:55.0802 11932 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll 10:17:55.0832 11932 WerSvc - ok 10:17:55.0892 11932 [ 090A2B8F055343815556A01F725F6C35 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys 10:17:55.0920 11932 WimFltr - ok 10:17:56.0042 11932 [ 5A77AC34A0FFB70CE8B35B524FEDE9BA ] winachsf C:\Windows\system32\DRIVERS\HSX_CNXT.sys 10:17:56.0184 11932 winachsf - ok 10:17:56.0314 11932 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll 10:17:56.0347 11932 WinDefend - ok 10:17:56.0356 11932 WinHttpAutoProxySvc - ok 10:17:56.0448 11932 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 10:17:56.0488 11932 Winmgmt - ok 10:17:56.0568 11932 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll 10:17:56.0716 11932 WinRM - ok 10:17:56.0848 11932 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll 10:17:57.0013 11932 Wlansvc - ok 10:17:57.0065 11932 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 10:17:57.0136 11932 WmiAcpi - ok 10:17:57.0206 11932 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 10:17:57.0248 11932 wmiApSrv - ok 10:17:57.0335 11932 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe 10:17:57.0454 11932 WMPNetworkSvc - ok 10:17:57.0503 11932 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll 10:17:57.0577 11932 WPCSvc - ok 10:17:57.0637 11932 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 10:17:57.0682 11932 WPDBusEnum - ok 10:17:57.0735 11932 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys 10:17:57.0775 11932 WpdUsb - ok 10:17:57.0950 11932 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe 10:17:58.0042 11932 WPFFontCache_v0400 - ok 10:17:58.0093 11932 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 10:17:58.0188 11932 ws2ifsl - ok 10:17:58.0262 11932 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\System32\wscsvc.dll 10:17:58.0324 11932 wscsvc - ok 10:17:58.0329 11932 WSearch - ok 10:17:58.0425 11932 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll 10:17:58.0577 11932 wuauserv - ok 10:17:58.0608 11932 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 10:17:58.0678 11932 WUDFRd - ok 10:17:58.0732 11932 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll 10:17:58.0814 11932 wudfsvc - ok 10:17:58.0854 11932 [ 88AF537264F2B818DA15479CEEAF5D7C ] XAudio C:\Windows\system32\DRIVERS\xaudio.sys 10:17:58.0907 11932 XAudio - ok 10:17:58.0992 11932 [ 15A317674A08DF26BE65164D959E9203 ] XAudioService C:\Windows\system32\DRIVERS\xaudio.exe 10:17:59.0106 11932 XAudioService - ok 10:17:59.0175 11932 [ 67E3D2AF24C3873E6A0CAC89DE78D63B ] yukonwlh C:\Windows\system32\DRIVERS\yk60x86.sys 10:17:59.0284 11932 yukonwlh - ok 10:17:59.0305 11932 ================ Scan global =============================== 10:17:59.0359 11932 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll 10:17:59.0445 11932 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll 10:17:59.0489 11932 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll 10:17:59.0541 11932 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe 10:17:59.0563 11932 [Global] - ok 10:17:59.0564 11932 ================ Scan MBR ================================== 10:17:59.0574 11932 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0 10:18:00.0048 11932 \Device\Harddisk0\DR0 - ok 10:18:00.0048 11932 ================ Scan VBR ================================== 10:18:00.0051 11932 [ D6F8CFD061C73AAD97A76F2CFB7C5F2A ] \Device\Harddisk0\DR0\Partition1 10:18:00.0053 11932 \Device\Harddisk0\DR0\Partition1 - ok 10:18:00.0054 11932 ============================================================ 10:18:00.0054 11932 Scan finished 10:18:00.0054 11932 ============================================================ 10:18:00.0065 11664 Detected object count: 13 10:18:00.0066 11664 Actual detected object count: 13 10:18:22.0865 11664 EvtEng ( UnsignedFile.Multi.Generic ) - skipped by user 10:18:22.0865 11664 EvtEng ( UnsignedFile.Multi.Generic ) - User select action: Skip 10:18:22.0867 11664 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user 10:18:22.0867 11664 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 10:18:22.0869 11664 MSCSPTISRV ( UnsignedFile.Multi.Generic ) - skipped by user 10:18:22.0870 11664 MSCSPTISRV ( UnsignedFile.Multi.Generic ) - User select action: Skip 10:18:22.0871 11664 NSUService ( UnsignedFile.Multi.Generic ) - skipped by user 10:18:22.0871 11664 NSUService ( UnsignedFile.Multi.Generic ) - User select action: Skip 10:18:22.0873 11664 PACSPTISVR ( UnsignedFile.Multi.Generic ) - skipped by user 10:18:22.0873 11664 PACSPTISVR ( UnsignedFile.Multi.Generic ) - User select action: Skip 10:18:22.0875 11664 RegSrvc ( UnsignedFile.Multi.Generic ) - skipped by user 10:18:22.0875 11664 RegSrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 10:18:22.0876 11664 RtkAudioService ( UnsignedFile.Multi.Generic ) - skipped by user 10:18:22.0876 11664 RtkAudioService ( UnsignedFile.Multi.Generic ) - User select action: Skip 10:18:22.0878 11664 Sony SCSI Helper Service ( UnsignedFile.Multi.Generic ) - skipped by user 10:18:22.0878 11664 Sony SCSI Helper Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 10:18:22.0880 11664 SPTISRV ( UnsignedFile.Multi.Generic ) - skipped by user 10:18:22.0880 11664 SPTISRV ( UnsignedFile.Multi.Generic ) - User select action: Skip 10:18:22.0881 11664 VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - skipped by user 10:18:22.0882 11664 VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 10:18:22.0883 11664 VCFw ( UnsignedFile.Multi.Generic ) - skipped by user 10:18:22.0883 11664 VCFw ( UnsignedFile.Multi.Generic ) - User select action: Skip 10:18:22.0885 11664 VNUSB ( UnsignedFile.Multi.Generic ) - skipped by user 10:18:22.0885 11664 VNUSB ( UnsignedFile.Multi.Generic ) - User select action: Skip 10:18:22.0887 11664 VzCdbSvc ( UnsignedFile.Multi.Generic ) - skipped by user 10:18:22.0887 11664 VzCdbSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip |
|
18.12.2012, 15:26
| #6 | |
| /// Malware-holic | Google Suchergebnisse springen nach einer Sekunde um hi combofix: Combofix darf ausschließlich ausgeführt werden, wenn dies von einem Team Mitglied angewiesen wurde!Downloade dir bitte Combofix von einem dieser Downloadspiegel Link 1 Link 2 WICHTIG - Speichere Combofix auf deinem Desktop
Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort. Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten Zitat:
__________________ --> Google Suchergebnisse springen nach einer Sekunde um |
|
22.12.2012, 18:21
| #7 |
| | Google Suchergebnisse springen nach einer Sekunde um So ich habe Combofix drüberlaufen lassen: Hier der Logfile: Combofix Logfile: Code:
ATTFilter ComboFix 12-12-20.02 - Arne 22.12.2012 17:57:21.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.49.1031.18.3038.1480 [GMT 1:00]
ausgeführt von:: c:\users\Arne\Desktop\ComboFix.exe
AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\autorun.inf
c:\program files\kikin
c:\program files\kikin\default_settings.xml
c:\program files\kikin\file_list.txt
c:\program files\kikin\ie_kikin.dll
c:\program files\kikin\kikin.ico
c:\program files\kikin\kikin_updater_2.0.0.11.exe
c:\program files\kikin\KikinBroker.exe
c:\program files\kikin\KikinCrashReporter.exe
c:\program files\kikin\uninst.exe
c:\programdata\doeR23dF.exe.b
c:\programdata\dsgsdgdsgdsgw.pad
c:\programdata\Roaming
c:\programdata\Roaming\Intel\Wireless\Settings\Settings.ini
c:\users\Arne\AppData\Roaming\Desktopicon
c:\users\Arne\AppData\Roaming\Desktopicon\eBayShortcuts.exe
c:\users\Arne\AppData\Roaming\kikin
c:\users\Arne\AppData\Roaming\kikin\ff_kkes.xml
c:\users\Arne\AppData\Roaming\kikin\ff_settings.xml
c:\users\Arne\AppData\Roaming\kikin\ie_configuration.xml
c:\users\Arne\AppData\Roaming\kikin\ie_kkes.xml
c:\users\Arne\AppData\Roaming\kikin\ie_settings.xml
c:\users\Arne\AppData\Roaming\kikin\kikin_updater_2.4.15.exe
c:\users\Arne\AppData\Roaming\kikin\kikin_updater_2.9.1.exe
c:\users\Arne\AppData\Roaming\Laehco
c:\users\Arne\AppData\Roaming\Laehco\ysiv.tyu
c:\users\Arne\AppData\Roaming\ntuser.dat
c:\windows\Tasks\{783AF354-B514-42d6-970E-3E8BF0A5279C}.job
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-11-22 bis 2012-12-22 ))))))))))))))))))))))))))))))
.
.
2012-12-22 17:08 . 2012-12-22 17:08 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-22 14:46 . 2012-12-22 14:46 60872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0D07C47D-7144-4DD8-B7F2-0DD1A865D8AD}\offreg.dll
2012-12-21 16:00 . 2012-12-21 16:00 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2012-12-21 14:16 . 2012-12-21 14:16 -------- d-----w- c:\users\Arne\AppData\Roaming\Leadertech
2012-12-21 14:16 . 2012-12-21 14:16 53248 ----a-r- c:\users\Arne\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2012-12-21 14:14 . 2012-12-21 14:22 -------- d-----w- c:\programdata\Logishrd
2012-12-21 14:14 . 2012-12-21 14:14 -------- d-----w- c:\program files\Logitech
2012-12-21 14:13 . 2012-12-21 14:16 -------- d-----w- c:\program files\Common Files\Logishrd
2012-12-21 14:10 . 2012-12-21 14:22 -------- d-----w- c:\users\Arne\AppData\Roaming\Logitech
2012-12-21 14:10 . 2012-12-21 14:10 -------- d-----w- c:\users\Arne\AppData\Roaming\Logishrd
2012-12-21 11:16 . 2012-11-08 18:00 6812136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0D07C47D-7144-4DD8-B7F2-0DD1A865D8AD}\mpengine.dll
2012-12-17 11:45 . 2012-12-17 11:45 -------- d-----w- c:\users\Gast
2012-12-17 11:33 . 2012-12-17 11:33 -------- d-----w- c:\program files\Mozilla Maintenance Service
2012-12-16 19:42 . 2012-12-17 11:24 -------- d-----w- c:\program files\CCleaner
2012-12-15 11:11 . 2012-07-26 02:46 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-12-15 11:11 . 2012-07-26 03:20 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-12-15 11:11 . 2012-07-26 03:20 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-12-15 11:11 . 2012-07-26 02:33 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-12-15 11:11 . 2012-07-26 02:32 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-12-15 11:11 . 2009-07-14 12:12 16896 ----a-w- c:\windows\system32\winusb.dll
2012-12-15 11:11 . 2012-07-26 03:39 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-12-15 11:11 . 2012-07-26 03:39 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-12-15 11:11 . 2012-07-26 03:20 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-12-15 11:11 . 2012-07-26 03:21 196608 ----a-w- c:\windows\system32\WUDFHost.exe
2012-12-15 11:11 . 2012-07-26 03:20 613888 ----a-w- c:\windows\system32\WUDFx.dll
2012-12-13 17:52 . 2012-11-13 01:29 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-30 14:07 . 2012-12-22 15:20 -------- d-----w- C:\Malediven
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-13 18:05 . 2012-04-10 15:42 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-12-13 18:05 . 2011-05-29 11:12 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-10-01 11:30 . 2010-11-22 11:23 409264 ----a-w- c:\windows\system32\dsNcSmartCardProv.dll
2012-10-01 11:30 . 2010-11-22 11:23 364208 ----a-w- c:\windows\system32\dsNcCredProv.dll
2012-10-01 11:27 . 2012-10-01 11:27 229376 ----a-w- c:\windows\system32\dsGinaLoader.dll
2012-10-01 11:07 . 2012-10-01 11:07 26624 ----a-w- c:\windows\system32\drivers\dsNcAdpt.sys
2012-09-25 16:19 . 2012-11-17 13:43 75776 ----a-w- c:\windows\system32\synceng.dll
2009-09-01 11:06 . 2009-09-27 13:22 544768 ----a-w- c:\program files\msvcr71d.dll
2009-09-01 11:06 . 2009-09-27 13:22 374032 ----a-w- c:\program files\GDFBinary.dll
2009-09-01 11:06 . 2009-09-27 13:22 348160 ----a-w- c:\program files\msvcr71.dll
2009-09-01 11:06 . 2009-09-27 13:22 324880 ----a-w- c:\program files\dirtysock.dll
2012-11-29 08:26 . 2012-12-17 11:33 262112 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2010-08-12 11:12 . 2012-12-09 15:31 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2008-07-15 16:04 98304 ----a-w- c:\windows\System32\VESWinlogon.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GOEC62~1.DLL
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BTTray.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\BTTray.lnk
backup=c:\windows\pss\BTTray.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Device Detector 3.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Device Detector 3.lnk
backup=c:\windows\pss\Device Detector 3.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FILSHtray.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\FILSHtray.lnk
backup=c:\windows\pss\FILSHtray.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Arne^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^ctfmon.lnk]
path=c:\users\Arne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
backup=c:\windows\pss\ctfmon.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^Arne^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Produktregistrierung.lnk]
path=c:\users\Arne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk
backup=c:\windows\pss\Logitech . Produktregistrierung.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
2008-10-14 19:38 623992 ----a-w- c:\program files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AML]
2008-06-13 13:07 1097728 ----a-w- c:\program files\Sony\VAIO Launcher\AML.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-02-20 20:28 59240 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt]
2011-01-10 13:22 281768 ----a-w- c:\program files\Avira\AntiVir Desktop\avgnt.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2010-03-05 15:32 1135912 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dradio-RecorderTimer]
2012-03-15 14:21 41472 ----a-w- c:\program files\dradio-Recorder\phonostarTimer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]
2009-09-03 21:17 3342336 ----a-w- c:\program files\Electronic Arts\EADM\Core.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EvtMgr6]
2012-11-04 17:43 1851192 ----a-w- c:\program files\Logitech\SetPointP\SetPoint.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
2010-08-12 11:12 30192 ----a-w- c:\program files\Google\Google Desktop Search\GoogleDesktop.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2006-10-26 23:47 31016 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
2008-04-15 15:54 178712 ----a-w- c:\program files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISBMgr.exe]
2008-04-03 18:03 317280 ----a-w- c:\program files\Sony\ISB Utility\ISBMgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2012-03-27 03:09 421736 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MarketingTools]
2008-08-11 13:04 24576 ----a-w- c:\program files\Sony\Marketing Tools\MarketingTools.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2008-07-23 00:01 13543968 ----a-w- c:\windows\System32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2008-07-23 00:01 92704 ----a-w- c:\windows\System32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 15:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Reader Library Launcher]
2010-07-13 00:34 906648 ----a-w- c:\program files\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2008-07-11 11:45 6244896 ----a-w- c:\windows\RtHDVCpl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
2008-07-11 11:45 1826816 ----a-w- c:\windows\SkyTel.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-07-03 07:04 252848 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2009-02-26 20:59 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2007-03-10 02:43 835584 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2012-05-21 11:06 296056 ----a-w- c:\program files\Real\RealPlayer\Update\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2008-08-03 23:02 36352 ----a-w- c:\program files\Winamp\winampa.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-21 02:23 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2008-01-21 02:25 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Inhalt des "geplante Tasks" Ordners
.
2012-12-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-10 18:05]
.
2012-12-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-31 19:15]
.
2012-12-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-31 19:15]
.
2012-12-20 c:\windows\Tasks\Norton Security Scan for Arne.job
- c:\program files\Norton Security Scan\Norton Security Scan\Engine\2.7.3.34\Nss.exe [2010-06-16 07:48]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = https://web-mail.dw.de/
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: An vorhandenes PDF anfügen - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Auswahl in Adobe PDF konvertieren - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Auswahl in vorhandene PDF-Datei konvertieren - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Free YouTube to Mp3 Converter - c:\users\Arne\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
IE: In Adobe PDF konvertieren - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Verknüpfungsziel in Adobe PDF konvertieren - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: {{0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - {E601996F-E400-41CA-804B-CD6373A7EEE2} - c:\program files\kikin\ie_kikin.dll
Trusted Zone: corel.com
Trusted Zone: corel.com\www
Trusted Zone: intervideo.com
Trusted Zone: intervideo.com\www
TCP: DhcpNameServer = 192.168.0.1
DPF: {0F2AAAE3-7E9E-4B64-AB5D-1CA24C6ACB9C} - hxxps://web-mail.dw.de/dwa85W.cab
FF - ProfilePath - c:\users\Arne\AppData\Roaming\Mozilla\Firefox\Profiles\s3oktcwn.ALDorfclub\
FF - prefs.js: browser.startup.homepage - hxxps://login.yahoo.com/config/mail?.intl=de&.done=http%3A%2F%2Fde.mg5.mail.yahoo.com%2Fneo%2Flaunch%3F.rand%3D4jfnehtng2jc3#minty
FF - ExtSQL: 2012-12-17 13:31; {bee6eb20-01e0-ebd1-da83-080329fb9a3a}; c:\users\Arne\AppData\Roaming\Mozilla\Firefox\Profiles\s3oktcwn.ALDorfclub\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
FF - ExtSQL: 2012-12-17 13:32; {b9db16a4-6edc-47ec-a1f4-b86292ed211d}; c:\users\Arne\AppData\Roaming\Mozilla\Firefox\Profiles\s3oktcwn.ALDorfclub\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - ExtSQL: 2012-12-17 13:33; {c50ca3c4-5656-43c2-a061-13e717f73fc8}; c:\users\Arne\AppData\Roaming\Mozilla\Firefox\Profiles\s3oktcwn.ALDorfclub\extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8}.xpi
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{E601996F-E400-41CA-804B-CD6373A7EEE2} - c:\program files\kikin\ie_kikin.dll
SafeBoot-WudfPf
SafeBoot-WudfRd
MSConfigStartUp-Cognac - c:\users\Arne\AppData\Local\Temp\d.exe
AddRemove-kikin Plugin (JDownloader Edition) - c:\program files\kikin\uninst.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2012-12-22 18:08
Windows 6.0.6002 Service Pack 2 NTFS
.
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
.
c:\windows\TEMP\TMP000000572FBB85C460F7D229 524288 bytes
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 1
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-95726161-445926714-3226604679-1000\Software\SecuROM\License information*]
"datasecu"=hex:c9,e6,8e,5a,b5,01,be,29,3f,bf,74,61,58,eb,48,6d,3f,3b,53,b5,ab,
ca,0a,f4,94,f7,4d,55,a1,2b,b2,90,f1,e0,a6,1d,df,d4,05,30,b9,34,69,d0,c2,49,\
"rkeysecu"=hex:8c,df,a6,3d,21,29,e7,5f,50,1b,cf,a5,bd,5a,c4,f6
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'Explorer.exe'(5420)
c:\windows\system32\btncopy.dll
.
Zeit der Fertigstellung: 2012-12-22 18:11:06
ComboFix-quarantined-files.txt 2012-12-22 17:11
.
Vor Suchlauf: 54 Verzeichnis(se), 91.313.807.360 Bytes frei
Nach Suchlauf: 58 Verzeichnis(se), 91.335.077.888 Bytes frei
.
- - End Of File - - CCE782D213235DA232FBB7B27488EDFD
|
|
27.12.2012, 15:39
| #8 |
| /// Malware-holic | Google Suchergebnisse springen nach einer Sekunde um Hi, malwarebytes: Downloade Dir bitte Malwarebytes
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
30.12.2012, 10:20
| #9 |
| | Google Suchergebnisse springen nach einer Sekunde um Ich habe Malware drüber laufen lassen. Hier anbei der Logfile. Malwarebytes Anti-Malware (Test) 1.70.0.1100 www.malwarebytes.org Datenbank Version: v2012.12.29.07 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 8.0.6001.19393 Arne :: LAPTOP [Administrator] Schutz: Aktiviert 29.12.2012 15:36:19 mbam-log-2012-12-29 (15-36-19).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 446123 Laufzeit: 2 Stunde(n), 22 Minute(n), 37 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 2 HKCU\Software\Microsoft|setiasworld (Malware.Trace) -> Daten: zcvfilxfitge2mgyevyaemnpxesbyjq -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\Software\Microsoft|bk (Malware.Trace) -> Daten: dmpa1nseq23s.ru/; -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 1 C:\Qoobox\Quarantine\C\Users\Arne\AppData\Roaming\Desktopicon\eBayShortcuts.exe.vir (Adware.ADON) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) |
|
02.01.2013, 20:54
| #10 |
| /// Malware-holic | Google Suchergebnisse springen nach einer Sekunde um Hi lade den CCleaner standard: CCleaner Download - CCleaner 3.26.1888 falls der CCleaner bereits instaliert, überspringen. öffnen, Tools,uninstall Llist, als txt speichern. öffnen. hinter, jedes von dir benötigte programm, schreibe notwendig. hinter, jedes, von dir nicht benötigte, unnötig. hinter, dir unbekannte, unbekannt. liste posten.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
| Themen zu Google Suchergebnisse springen nach einer Sekunde um |
| andere, ausprobiert, community, dankbar, deinstalliere, deinstallieren, erscheine, erscheinen, firefox, gen, google, homepage, kurzer, liebe, neu, normalen, private, problem, rutsch, sache, sachen, suche, suchergebnisse, tauchen, treffer |
Linear-Darstellung
