Pests of all kinds and how to fight them: Virus Big Fish Games TR/Agent.2409800 - Windows 7
06.01.2013, 18:33 | #1 |
| Virus Big Fish Games TR/Agent.2409800 Hello everyone. Avira detected a virus during its last scan and moved it to quarantine. Strangely, though, MWB did not find it. I have also never installed anything from Big Fish Games, no idea where this suddenly came from. I'm posting the log files for you and would be very grateful for your help.
Code:
Avira Antivirus Premium
Erstellungsdatum der Reportdatei: Freitag, 4. Januar 2013 12:20

Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.

Lizenznehmer : xxx
Seriennummer : xxx
Plattform : Windows Vista (TM) Home Premium
Windowsversion : (Service Pack 2) [6.0.6002]
Boot Modus : Normal gebootet
Benutzername : SYSTEM
Computername : xxx-PC

Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Vollständige Systemprüfung
Konfigurationsdatei...................: C:\Program Files\Avira\AntiVir Desktop\sysscan.avp
Protokollierung.......................: standard
Primäre Aktion........................: interaktiv
Sekundäre Aktion......................: ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: C:,
Durchsuche aktive Programme...........: ein
Laufende Programme erweitert..........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: ein
Integritätsprüfung von Systemdateien..: aus
Datei Suchmodus.......................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: erweitert

Beginn des Suchlaufs: Freitag, 4. Januar 2013 12:20

Der Suchlauf über die Masterbootsektoren wird begonnen:
Masterbootsektor HD0
    [INFO] Es wurde kein Virus gefunden!

Der Suchlauf über die Bootsektoren wird begonnen:
Bootsektor 'C:\'
    [INFO] Es wurde kein Virus gefunden!

Der Suchlauf nach versteckten Objekten wird begonnen.
Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Registry wurde durchsucht ( '2614' Dateien ).
Der Suchlauf über die ausgewählten Dateien wird begonnen:

Beginne mit der Suche in 'C:\'
C:\Program Files\Big Fish Games Spiel-Suite\installers\atlantisskypatrol_s2_l2_gF1130T1L2_d0_xcd.exe
    [0] Archivtyp: NSIS
    --> [UnknownDir]/[UnknownDir]
        [FUND] Ist das Trojanische Pferd TR/Agent.2409800
        [WARNUNG] Infizierte Dateien in Archiven können nicht repariert werden

Beginne mit der Desinfektion:
C:\Program Files\Big Fish Games Spiel-Suite\installers\atlantisskypatrol_s2_l2_gF1130T1L2_d0_xcd.exe
    [FUND] Ist das Trojanische Pferd TR/Agent.2409800
    [HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '56807e9c.qua' verschoben!

Ende des Suchlaufs: Freitag, 4. Januar 2013 14:56
Benötigte Zeit: 2:31:40 Stunde(n)

Der Suchlauf wurde vollständig durchgeführt.

37306 Verzeichnisse wurden überprüft
598757 Dateien wurden geprüft
1 Viren bzw. unerwünschte Programme wurden gefunden
0 Dateien wurden als verdächtig eingestuft
0 Dateien wurden gelöscht
0 Viren bzw. unerwünschte Programme wurden repariert
1 Dateien wurden in die Quarantäne verschoben
0 Dateien wurden umbenannt
0 Dateien konnten nicht durchsucht werden
598756 Dateien ohne Befall
5976 Archive wurden durchsucht
1 Warnungen
1 Hinweise
700960 Objekte wurden beim Rootkitscan durchsucht
0 Versteckte Objekte wurden gefunden

Code:
Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Datenbank Version: v2013.01.04.04

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Kögler :: xxxx-PC [Administrator]

04.01.2013 09:23:09
mbam-log-2013-01-04 (09-23-09).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 454114
Laufzeit: 1 Stunde(n), 59 Minute(n), 56 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Edited by Heidi123 (06.01.2013 at 18:38) |
06.01.2013, 18:50 | #2 |
/// Malware-holic | Virus Big Fish Games TR/Agent.2409800 Hi
It may have already been preinstalled; we'll take a look. If you don't have it yet, please download OTL by Oldtimer and save it to your desktop
Code:
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
08.01.2013, 08:45 | #3 |
| Virus Big Fish Games TR/Agent.2409800 Hello, good morning,
I have carried out your instructions; the log files are attached. OTL Logfile:
Code:
OTL logfile created on: 07.01.2013 13:42:41 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\xxx\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

2,97 Gb Total Physical Memory | 1,25 Gb Available Physical Memory | 42,03% Memory free
6,13 Gb Paging File | 4,33 Gb Available in Paging File | 70,57% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 359,62 Gb Total Space | 210,32 Gb Free Space | 58,48% Space Free | Partition Type: NTFS

Computer Name: xxx-PC | User Name: xxx | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.01.07 13:39:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\xxx\Downloads\OTL(1).exe
PRC - [2012.12.22 20:04:41 | 000,085,280 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2012.12.22 20:03:48 | 000,565,024 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2012.12.22 20:03:46 | 000,079,136 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012.12.22 20:03:36 | 000,400,160 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avmailc.exe
PRC - [2012.12.22 20:03:34 | 000,109,344 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.12.22 20:03:33 | 000,384,800 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.11.08 03:26:52 | 000,377,800 | ---- | M] () -- C:\Programme\VTech\DownloadManager\System\AgentMonitor.exe
PRC - [2012.11.05 20:00:19 | 004,763,008 | ---- | M] (SUPERAntiSpyware.com) -- C:\Programme\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
PRC - [2012.10.29 17:33:28 | 001,573,584 | ---- | M] (Ask) -- C:\Programme\Ask.com\Updater\Updater.exe
PRC - [2012.07.03 18:40:24 | 000,024,576 | ---- | M] (Sony Corporation) -- C:\Programme\sony\Marketing Tools\MarketingTools.exe
PRC - [2011.11.09 12:01:58 | 000,671,796 | ---- | M] (Deutsche Telekom AG, Marmiko IT-Solutions GmbH) -- C:\Programme\T-Online\WLAN-Access Finder\ToWLaAcF.exe
PRC - [2011.11.09 11:31:48 | 000,487,489 | ---- | M] (Deutsche Telekom AG, Marmiko IT-Solutions GmbH) -- C:\Programme\Common Files\Marmiko Shared\MWLaMaS.exe
PRC - [2009.11.01 18:30:00 | 002,508,104 | ---- | M] (CANON INC.) -- C:\Programme\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2009.09.28 16:56:18 | 000,140,640 | ---- | M] (CANON INC.) -- C:\Programme\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.11 07:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2008.11.22 03:33:20 | 000,303,104 | ---- | M] (Sony Corporation) -- C:\Programme\sony\Network Utility\NSUService.exe
PRC - [2008.11.22 03:33:20 | 000,270,336 | ---- | M] (Sony Corporation) -- C:\Programme\sony\Network Utility\LANUtil.exe
PRC - [2008.11.05 17:32:28 | 000,203,624 | ---- | M] (Sony Corporation) -- C:\Programme\sony\VAIO Event Service\VESMgr.exe
PRC - [2008.11.05 17:32:28 | 000,100,472 | ---- | M] (Sony Corporation) -- C:\Programme\sony\VAIO Event Service\VESMgrSub.exe
PRC - [2008.10.17 18:16:54 | 000,415,584 | ---- | M] (Sony Corporation) -- C:\Programme\sony\VAIO Power Management\SPMService.exe
PRC - [2008.10.17 11:28:57 | 000,102,400 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RTKAUDIOSERVICE.EXE
PRC - [2008.10.14 16:07:30 | 002,300,456 | ---- | M] (Broadcom Corporation.) -- C:\Programme\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2008.10.14 16:07:30 | 000,776,744 | ---- | M] (Broadcom Corporation.) -- C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2008.09.30 01:04:57 | 000,122,880 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\Apoint\Apoint.exe
PRC - [2008.09.30 01:04:57 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\Apoint\ApntEx.exe
PRC - [2008.09.30 01:04:55 | 000,050,472 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\Apoint\ApMsgFwd.exe
PRC - [2008.09.18 09:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) -- C:\Programme\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
PRC - [2008.09.11 18:28:26 | 000,446,464 | ---- | M] (Sony Corporation) -- C:\Programme\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
PRC - [2008.09.08 08:59:54 | 000,192,512 | ---- | M] (Sony Corporation) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
PRC - [2008.09.08 08:59:52 | 000,279,848 | ---- | M] (Sony Corporation) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
PRC - [2008.09.05 11:54:58 | 001,771,360 | ---- | M] (Sony Corporation) -- C:\Programme\sony\VAIO Power Management\SPMgr.exe
PRC - [2008.08.28 19:21:36 | 000,870,240 | ---- | M] (Sony Corporation) -- C:\Programme\sony\VAIO Update 4\VAIOUpdt.exe
PRC - [2008.06.11 22:43:26 | 000,640,376 | ---- | M] (Adobe Systems Inc.) -- C:\Programme\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
PRC - [2008.04.03 19:32:48 | 000,317,280 | ---- | M] (Sony Corporation) -- C:\Programme\sony\ISB Utility\ISBMgr.exe
PRC - [2006.10.30 09:43:02 | 002,461,696 | ---- | M] (STOIK Imaging (www.stoik.com)) -- C:\Programme\Samsung\Digimax Master\DigimaxMaster.exe
- [2012.07.03 18:12:17 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3120.40642__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll MOD - [2012.07.03 18:12:17 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3120.40780__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll MOD - [2012.07.03 18:12:17 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3120.40621__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll MOD - [2012.07.03 18:12:17 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3120.40621__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll MOD - [2012.07.03 18:12:17 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3120.40621__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll MOD - [2012.07.03 18:12:17 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3120.40642__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll MOD - [2012.07.03 18:12:17 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3120.40761__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll MOD - [2012.07.03 18:12:17 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll MOD - [2012.07.03 18:12:17 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3120.40582__90ba9c70f846762e\APM.Foundation.dll MOD - [2012.07.03 18:12:17 | 000,006,144 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3120.40589__90ba9c70f846762e\AEM.Server.Shared.dll MOD - [2012.07.03 18:12:13 | 000,006,656 | ---- | M] () 
-- C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory.resources\2.0.3120.40592_de_90ba9c70f846762e\CLI.Component.SkinFactory.resources.dll MOD - [2012.07.03 18:12:13 | 000,005,120 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray.resources\2.0.3120.40829_de_90ba9c70f846762e\CLI.Component.Systemtray.resources.dll MOD - [2012.07.03 18:12:12 | 000,995,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3120.40608__90ba9c70f846762e\CLI.Component.Dashboard.dll MOD - [2012.07.03 18:12:12 | 000,417,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3120.40829__90ba9c70f846762e\CLI.Component.Systemtray.dll MOD - [2012.07.03 18:12:12 | 000,397,312 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3120.40629__90ba9c70f846762e\CLI.Component.Wizard.dll MOD - [2012.07.03 18:12:12 | 000,106,496 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3120.40837__90ba9c70f846762e\MOM.Implementation.dll MOD - [2012.07.03 18:12:12 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3120.40836__90ba9c70f846762e\LOG.Foundation.Implementation.dll MOD - [2012.07.03 18:12:12 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3120.40592__90ba9c70f846762e\CLI.Component.SkinFactory.dll MOD - [2012.07.03 18:12:12 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3120.40591__90ba9c70f846762e\CLI.Component.Runtime.dll MOD - [2012.07.03 18:12:12 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3120.40587__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll MOD - [2012.07.03 18:12:12 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3120.40867__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll MOD - [2012.07.03 18:12:12 | 000,040,960 | ---- | M] () -- 
C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3120.40586__90ba9c70f846762e\CLI.Foundation.Private.dll MOD - [2012.07.03 18:12:12 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3120.40607__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll MOD - [2012.07.03 18:12:12 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3120.40585__90ba9c70f846762e\LOG.Foundation.Private.dll MOD - [2012.07.03 18:12:12 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3120.40584__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll MOD - [2012.07.03 18:12:12 | 000,014,848 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll MOD - [2012.07.03 18:12:12 | 000,013,312 | ---- | M] () -- C:\Windows\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll MOD - [2012.07.03 18:12:12 | 000,011,776 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3120.40629__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll MOD - [2012.07.03 18:12:12 | 000,011,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Implementation\2.0.3120.40878__90ba9c70f846762e\LOCALIZATION.Foundation.Implementation.dll MOD - [2012.07.03 18:12:12 | 000,010,240 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3120.40607__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll MOD - [2012.07.03 18:12:12 | 000,008,704 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3120.40650__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll MOD - [2012.07.03 18:12:12 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3120.40588__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll MOD - 
[2012.07.03 18:12:12 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.3120.40591__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll MOD - [2012.07.03 18:12:11 | 000,069,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.3120.40599__90ba9c70f846762e\ATIDEMOS.dll MOD - [2012.07.03 18:12:11 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3120.40590__90ba9c70f846762e\APM.Server.dll MOD - [2012.07.03 18:12:11 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3120.40589__90ba9c70f846762e\AEM.Server.dll MOD - [2012.07.03 18:12:11 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll MOD - [2012.07.03 18:12:11 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3120.40837__90ba9c70f846762e\CCC.Implementation.dll MOD - [2010.11.11 10:24:31 | 000,028,160 | ---- | M] () -- C:\Programme\VTech\DownloadManager\System\DACommCenter.dll MOD - [2010.07.13 14:07:23 | 007,826,432 | ---- | M] () -- C:\Programme\VTech\DownloadManager\System\QtGui4.dll MOD - [2010.07.05 10:19:39 | 000,116,736 | ---- | M] () -- C:\Programme\VTech\DownloadManager\System\QtSolutions_SOAP-2.7.dll MOD - [2010.06.24 02:16:19 | 002,150,400 | ---- | M] () -- C:\Programme\VTech\DownloadManager\System\QtCore4.dll MOD - [2010.06.02 06:05:40 | 000,119,808 | ---- | M] () -- C:\Programme\VTech\DownloadManager\System\imageformats\qjpeg4.dll MOD - [2010.06.02 03:56:04 | 000,232,960 | ---- | M] () -- C:\Programme\VTech\DownloadManager\System\phonon4.dll MOD - [2010.06.02 03:54:24 | 002,530,816 | ---- | M] () -- C:\Programme\VTech\DownloadManager\System\QtXmlPatterns4.dll MOD - [2010.06.02 03:29:22 | 000,934,912 | ---- | M] () -- C:\Programme\VTech\DownloadManager\System\QtNetwork4.dll MOD - [2010.06.02 03:28:00 | 000,335,360 | ---- | M] () -- C:\Programme\VTech\DownloadManager\System\QtXml4.dll MOD - [2009.12.09 
07:54:50 | 000,495,616 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_de_b77a5c561934e089\System.ServiceModel.resources.dll MOD - [2009.03.30 05:42:12 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll MOD - [2009.03.30 05:42:11 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll MOD - [2008.11.25 13:41:44 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\SPMDam\3.1.0.6020__1b3c579b6925895f\SPMDam.dll MOD - [2008.11.25 13:41:39 | 000,086,016 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\SPMCommon\3.1.0.6020__e3c7096ba83f9295\SPMCommon.dll MOD - [2008.10.14 15:56:08 | 000,126,976 | ---- | M] () -- C:\Programme\WIDCOMM\Bluetooth Software\BTKeyInd.dll MOD - [2008.09.25 01:44:18 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll MOD - [2008.08.26 10:41:42 | 000,016,384 | R--- | M] () -- c:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll MOD - [2006.10.30 08:31:48 | 000,170,496 | ---- | M] () -- C:\Programme\Samsung\Digimax Master\ToolPanel.dll MOD - [2006.07.26 14:32:28 | 000,053,248 | ---- | M] () -- C:\Programme\Samsung\Digimax Master\AnimGIFWA.dll MOD - [2006.06.15 09:29:24 | 000,274,432 | R--- | M] () -- C:\Programme\Samsung\Digimax Master\Stwablt2002.dll MOD - [2006.01.24 14:40:06 | 000,274,432 | ---- | M] () -- C:\Programme\Samsung\Digimax Master\impexp2002.dll MOD - [2005.06.29 14:54:02 | 000,036,864 | ---- | M] () -- C:\Programme\Samsung\Digimax Master\QTGrabber.dll MOD - [2003.11.26 09:57:20 | 000,143,360 | ---- | M] () -- C:\Programme\Samsung\Digimax Master\InterfaceRes1.dll MOD - [2003.05.15 14:06:34 | 000,458,830 | ---- | M] () -- C:\Programme\Samsung\Digimax Master\Stapi2002.dll MOD - [2003.02.14 17:09:24 | 000,081,920 | ---- | M] () -- C:\Programme\Samsung\Digimax Master\Stxform.dll MOD - [2002.09.06 
11:17:42 | 000,270,414 | ---- | M] () -- C:\Programme\Samsung\Digimax Master\Stfrg2002.dll ========== Services (SafeList) ========== SRV - [2012.12.22 20:04:41 | 000,085,280 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2012.12.22 20:03:48 | 000,565,024 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService) SRV - [2012.12.22 20:03:36 | 000,400,160 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService) SRV - [2012.12.22 20:03:34 | 000,109,344 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2012.12.06 20:47:46 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012.09.10 11:14:49 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Disabled | Stopped] -- C:\Programme\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE) SRV - [2008.11.25 13:40:16 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) 
[Disabled | Stopped] -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2008.11.22 03:33:20 | 000,303,104 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\sony\Network Utility\NSUService.exe -- (NSUService) SRV - [2008.11.05 17:32:28 | 000,203,624 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service) SRV - [2008.10.21 09:52:38 | 000,353,568 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\sony\VAIO Media plus\SOHDms.exe -- (SOHDms) SRV - [2008.10.21 09:52:38 | 000,062,752 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\sony\VAIO Media plus\SOHDs.exe -- (SOHDs) SRV - [2008.10.21 09:52:36 | 000,103,712 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\sony\VAIO Media plus\SOHCImp.exe -- (SOHCImp) SRV - [2008.10.17 18:16:54 | 000,415,584 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management) SRV - [2008.10.17 11:28:57 | 000,102,400 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Windows\RTKAUDIOSERVICE.EXE -- (RtkAudioService) SRV - [2008.10.01 17:18:48 | 000,369,952 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr) SRV - [2008.09.19 09:06:22 | 000,083,232 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe -- (VcmXmlIfHelper) SRV - [2008.09.18 09:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) 
[Auto | Running] -- C:\Programme\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor) SRV - [2008.09.11 18:28:26 | 000,446,464 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw) SRV - [2008.09.08 08:59:56 | 000,073,728 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service) SRV - [2008.09.08 08:59:54 | 000,192,512 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc) SRV - [2008.09.08 08:59:52 | 000,279,848 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw) SRV - [2008.08.20 15:38:30 | 000,860,160 | ---- | M] (Intel(R) Corporation) [Disabled | Stopped] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) SRV - [2008.08.20 15:08:02 | 000,466,944 | ---- | M] (Intel(R) Corporation) [Disabled | Stopped] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) SRV - [2008.08.01 13:31:00 | 000,109,056 | ---- | M] (ArcSoft Inc.) 
[Disabled | Stopped] -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon) SRV - [2008.05.20 00:51:34 | 000,077,824 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV) SRV - [2008.05.20 00:49:04 | 000,053,248 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV) SRV - [2008.05.20 00:29:06 | 000,053,248 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR) SRV - [2008.01.21 03:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc) SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2007.09.10 23:45:04 | 000,124,832 | ---- | M] () [Disabled | Stopped] -- c:\Programme\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor6.0) SRV - [2007.08.24 02:19:12 | 000,443,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv) SRV - [2007.01.04 18:48:50 | 000,112,152 | ---- | M] (InterVideo) [Disabled | Stopped] -- c:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr) SRV - [2006.10.26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | Disabled | Stopped] -- system32\DRIVERS\UIUSYS.SYS -- (UIUSys) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not 
found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp) DRV - [2012.12.22 20:05:17 | 000,036,552 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr) DRV - [2012.12.22 20:05:16 | 000,134,336 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2012.12.22 20:05:15 | 000,083,944 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2012.08.27 14:50:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2011.07.22 17:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV) DRV - [2011.07.12 22:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL) DRV - [2010.08.27 12:23:08 | 000,019,200 | ---- | M] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH) [Kernel | On_Demand | Stopped] -- C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\MTOnlPktAlyx.sys -- (MTOnlPktAlyX) DRV - [2008.10.24 01:06:27 | 000,150,560 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService) DRV - [2008.10.23 01:02:23 | 000,046,592 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\risdptsk.sys -- (risdptsk) DRV - [2008.10.23 01:02:02 | 000,068,608 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk) DRV - [2008.09.30 01:04:57 | 000,164,400 | ---- | M] (Alps Electric Co., Ltd.) 
[Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService) DRV - [2008.09.25 01:44:13 | 003,847,168 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2008.08.28 22:48:46 | 003,664,384 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) DRV - [2008.08.22 16:22:42 | 000,010,216 | ---- | M] (Sony Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\DMICall.sys -- (DMICall) DRV - [2008.08.22 01:06:22 | 000,009,344 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SFEP.sys -- (SFEP) DRV - [2008.06.07 01:02:55 | 000,131,000 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr) DRV - [2008.04.24 13:06:40 | 000,017,920 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter) DRV - [2008.01.25 03:14:25 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) 
[Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio) DRV - [2007.04.17 19:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\regi.sys -- (regi) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.club-vaio.com IE - HKLM\..\SearchScopes,DefaultScope = {E0775E9E-5DDC-4C12-B58D-79B2B5918CE9} IE - HKLM\..\SearchScopes\{E0775E9E-5DDC-4C12-B58D-79B2B5918CE9}: "URL" = hxxp://www.google.de/search?hl=de&q={searchTerms}&meta= IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.avira.com/?l=dis&o=APN10261&gct=hp&dc=EU&locale=de_DE IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) IE - HKCU\..\SearchScopes,DefaultScope = {E0775E9E-5DDC-4C12-B58D-79B2B5918CE9} IE - HKCU\..\SearchScopes\{37D5F3A9-D090-4997-BBF7-207DD06165E8}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=3d4e2a87-205b-4d04-ab52-56a08c7cf486&apn_sauid=4D20FB5B-EAF0-4D15-AFB5-A868A46084A2 IE - HKCU\..\SearchScopes\{E0775E9E-5DDC-4C12-B58D-79B2B5918CE9}: "URL" = hxxp://www.google.de/search?hl=de&q={searchTerms}&meta=&rlz=1I7SNYK_de IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultengine: "Ask.com" FF - prefs.js..browser.search.defaultenginename: "Ask.com" FF - prefs.js..browser.search.order.1: "Ask.com" FF - prefs.js..browser.search.selectedEngine: "Ask.com" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "hxxp://search.avira.com/?l=dis&o=APN10261&gct=hp&dc=EU&locale=de_DE" FF - 
prefs.js..extensions.enabledAddons: %7BCAFEEFAC-0016-0000-0037-ABCDEFFEDCBA%7D:6.0.37 FF - prefs.js..extensions.enabledAddons: totbff01%40telekom.de:3.0.42 FF - prefs.js..extensions.enabledAddons: toolbar%40ask.com:3.15.11.100015 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1 FF - prefs.js..extensions.enabledItems: totbff01@telekom.de:3.0.38 FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:10.1.0.68 - 1 FF - prefs.js..keyword.URL: "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=AVR-4&o=APN10261&locale=de_DE&apn_uid=3d4e2a87-205b-4d04-ab52-56a08c7cf486&apn_ptnrs=^AGS&apn_sauid=4D20FB5B-EAF0-4D15-AFB5-A868A46084A2&apn_dtid=^YYYYYY^YY^DE&&q=" FF - prefs.js..network.proxy.type: 0 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll () FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) 
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.12.06 20:47:47 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.12.06 20:47:47 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.07.03 19:23:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxx\AppData\Roaming\mozilla\Extensions [2012.12.19 14:05:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\3k3t80pt.default\extensions [2012.12.12 10:31:49 | 000,000,000 | ---D | M] ("Avira SearchFree Toolbar plus Web Protection") -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\3k3t80pt.default\extensions\toolbar@ask.com [2012.12.19 14:05:04 | 000,000,000 | ---D | M] (Telekom Toolbar 3.0) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\3k3t80pt.default\extensions\totbff01@telekom.de [2012.08.21 09:11:52 | 000,020,591 | ---- | M] () (No name found) -- C:\Users\xxx\AppData\Roaming\mozilla\firefox\profiles\3k3t80pt.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi [2012.08.07 00:53:50 | 000,007,915 | ---- | M] () (No name found) -- C:\Users\xxx\AppData\Roaming\mozilla\firefox\profiles\3k3t80pt.default\extensions\toolbar@ask.com\chrome\content\Abine\chrome\content\ff\view_expiry.js [2012.07.03 19:24:18 | 000,002,101 | ---- | M] () -- C:\Users\xxx\AppData\Roaming\mozilla\firefox\profiles\3k3t80pt.default\searchplugins\amazonde.xml [2013.01.06 20:05:57 | 000,002,413 | 
---- | M] () -- C:\Users\xxx\AppData\Roaming\mozilla\firefox\profiles\3k3t80pt.default\searchplugins\askcom.xml [2012.07.03 19:24:18 | 000,001,544 | ---- | M] () -- C:\Users\xxx\AppData\Roaming\mozilla\firefox\profiles\3k3t80pt.default\searchplugins\einkaufswelt.xml [2012.07.03 19:24:18 | 000,002,121 | ---- | M] () -- C:\Users\xxx\AppData\Roaming\mozilla\firefox\profiles\3k3t80pt.default\searchplugins\leo-franzsisch.xml [2012.07.03 19:24:18 | 000,002,099 | ---- | M] () -- C:\Users\xxx\AppData\Roaming\mozilla\firefox\profiles\3k3t80pt.default\searchplugins\leo-spanisch.xml [2012.07.03 19:24:19 | 000,001,207 | ---- | M] () -- C:\Users\xxx\AppData\Roaming\mozilla\firefox\profiles\3k3t80pt.default\searchplugins\t-onlinede-portalsuche.xml [2012.07.03 19:24:19 | 000,001,810 | ---- | M] () -- C:\Users\xxx\AppData\Roaming\mozilla\firefox\profiles\3k3t80pt.default\searchplugins\t-onlinede-websuche.xml [2012.12.06 20:47:40 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2012.12.06 20:47:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2012.12.06 20:47:40 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} File not found (No name found) -- C:\USERS\KöGLER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3K3T80PT.DEFAULT\EXTENSIONS\TOOLBAR@ASK.COM File not found (No name found) -- C:\USERS\KöGLER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3K3T80PT.DEFAULT\EXTENSIONS\TOTBFF01@TELEKOM.DE [2012.12.06 20:47:47 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2012.10.24 23:03:12 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.10.24 23:03:11 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012.10.24 23:03:12 | 000,001,153 | ---- | M] () -- 
C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2012.10.24 23:03:12 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2012.10.24 23:03:12 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2012.10.24 23:03:11 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Programme\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programme\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. 
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programme\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.) O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AgentMonitor] C:\Programme\VTech\DownloadManager\System\AgentMonitor.exe () O4 - HKLM..\Run: [AML] C:\Program Files\Sony\VAIO Launcher\AML.exe (Sony) O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask) O4 - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.) O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.) O4 - HKLM..\Run: [IJNetworkScanUtility] C:\Programme\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe (CANON INC.) O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) O4 - HKLM..\Run: [MarketingTools] C:\Programme\sony\Marketing Tools\MarketingTools.exe (Sony Corporation) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) 
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [NSUFloatingUI] C:\Program Files\Sony\Network Utility\LANUtil.exe (Sony Corporation) O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Programme\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com) O4 - HKCU..\Run: [T-Online_Software_6\WLAN-Access Finder] C:\Program Files\T-Online\WLAN-Access Finder\ToWLaAcF.exe (Deutsche Telekom AG, Marmiko IT-Solutions GmbH) O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. 
KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{662807F0-7763-4043-9EFF-AE2662A51650}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FCC53B37-DB83-4EF0-93BB-492333932B22}: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common 
Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Programme\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com) O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\System32\VESWinlogon.dll (Sony Corporation) O24 - Desktop WallPaper: C:\Users\xxx\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O24 - Desktop BackupWallPaper: C:\Users\xxx\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Programme\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: 
{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - 
Active Directory Service Interface ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation) NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found MsConfig - State: "services" - 2 CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2013.01.06 18:57:39 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Local\Macromedia [2013.01.06 18:55:56 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\vlc [2013.01.06 18:54:40 | 000,000,000 | ---D | C] -- C:\Update [2013.01.04 09:19:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2013.01.04 09:19:04 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2013.01.04 09:19:04 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2012.12.24 19:29:04 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Local\cache [2012.12.24 19:25:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VTech [2012.12.24 19:24:03 | 000,000,000 | ---D | C] -- C:\ProgramData\VTech [2012.12.24 19:24:03 | 000,000,000 | ---D | C] -- C:\Program Files\VTech [2012.12.22 20:11:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\Avira [2012.12.11 22:20:08 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\Avira [2012.12.11 22:14:20 | 000,000,000 | ---D | C] -- C:\Program Files\Ask.com [2012.12.11 22:13:51 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys [2012.12.11 22:13:50 | 000,134,336 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys [2012.12.11 22:13:50 | 000,083,944 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys [2012.12.11 22:13:50 | 000,036,552 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avkmgr.sys [2012.12.11 22:13:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2012.12.11 22:13:50 | 000,000,000 | ---D | C] -- C:\Program Files\Avira [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.01.07 13:43:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.01.07 13:40:43 | 000,001,248 | ---- | M] () -- C:\Users\xxx\Desktop\OTL(1) - Verknüpfung.lnk [2013.01.07 13:30:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.01.07 11:18:45 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.01.07 06:49:11 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2013.01.07 06:49:11 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2013.01.06 18:56:46 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2013.01.06 18:56:46 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2013.01.06 18:56:46 | 000,126,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2013.01.06 18:56:46 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2013.01.06 18:48:59 | 3186,663,424 | -HS- | M] () -- C:\hiberfil.sys 
[2013.01.06 18:47:58 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2013.01.04 09:19:05 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2013.01.03 22:19:42 | 000,033,337 | ---- | M] () -- C:\Users\xxx\Documents\westernsattel.odt [2012.12.24 21:01:02 | 000,000,662 | ---- | M] () -- C:\Users\xxx\AppData\Local\cookies.ini [2012.12.24 19:25:09 | 000,001,006 | ---- | M] () -- C:\Users\xxx\Desktop\VTech Download Manager.lnk [2012.12.24 19:23:28 | 000,006,144 | ---- | M] () -- C:\Users\xxx\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.12.23 14:05:14 | 000,001,748 | -H-- | M] () -- C:\Users\xxx\Documents\Default.rdp [2012.12.22 20:20:24 | 000,384,400 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012.12.22 20:11:07 | 000,001,847 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk [2012.12.22 20:05:17 | 000,036,552 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avkmgr.sys [2012.12.22 20:05:16 | 000,134,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys [2012.12.22 20:05:15 | 000,083,944 | ---- | M] (Avira Operations GmbH & Co. 
KG) -- C:\Windows\System32\drivers\avgntflt.sys [2012.12.14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2012.12.08 17:06:01 | 000,026,797 | ---- | M] () -- C:\Users\xxx\Documents\Innenseite Programm 2012 neu.pdf [2012.12.08 17:05:22 | 000,134,586 | ---- | M] () -- C:\Users\xxx\Documents\Deckblatt Programm 2012 neu.pdf [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.01.07 13:40:38 | 000,001,248 | ---- | C] () -- C:\Users\xxx\Desktop\OTL(1) - Verknüpfung.lnk [2013.01.04 09:19:05 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2013.01.03 22:19:39 | 000,033,337 | ---- | C] () -- C:\Users\xxx\Documents\westernsattel.odt [2012.12.24 19:29:16 | 000,000,662 | ---- | C] () -- C:\Users\xxx\AppData\Local\cookies.ini [2012.12.24 19:25:09 | 000,001,006 | ---- | C] () -- C:\Users\xxx\Desktop\VTech Download Manager.lnk [2012.12.23 13:07:07 | 000,001,748 | -H-- | C] () -- C:\Users\xxx\Documents\Default.rdp [2012.12.14 22:25:38 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf [2012.12.14 22:25:38 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf [2012.12.11 22:14:38 | 000,001,847 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk [2012.12.08 17:05:59 | 000,026,797 | ---- | C] () -- C:\Users\xxx\Documents\Innenseite Programm 2012 neu.pdf [2012.12.08 17:05:19 | 000,134,586 | ---- | C] () -- C:\Users\xxx\Documents\Deckblatt Programm 2012 neu.pdf [2012.12.06 20:32:25 | 000,019,170 | ---- | C] () -- C:\Users\xxx\November2012.elfo [2012.11.19 09:54:00 | 000,004,661 | ---- | C] () -- C:\Users\xxx\November 2012.elfo [2012.11.19 09:52:38 | 000,019,214 | ---- | C] () -- C:\Users\xxx\Oktober 2012.elfo [2012.10.15 19:39:41 | 000,000,005 | ---- | C] () -- C:\Users\xxx\AppData\Roaming\mbam.context.scan [2012.10.15 
18:58:32 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2012.10.10 13:07:58 | 000,019,218 | ---- | C] () -- C:\Users\xxx\September 2012.elfo [2012.09.01 20:31:13 | 000,019,214 | ---- | C] () -- C:\Users\xxx\Aug.2012.elfo [2012.08.16 10:59:14 | 000,033,400 | ---- | C] () -- C:\Users\xxx\Umsatzsteuer-Jahresmeldung 2011.elfo [2012.08.06 10:37:28 | 000,019,210 | ---- | C] () -- C:\Users\xxx\Juli 2012.elfo [2012.07.08 19:06:01 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2012.07.08 19:06:01 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2012.07.06 16:35:08 | 000,019,254 | ---- | C] () -- C:\Users\xxx\Juni 2012.elfo [2012.07.06 16:30:52 | 000,018,774 | ---- | C] () -- C:\Users\xxx\Mai 2012.elfo [2012.07.03 18:51:57 | 000,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI [2012.07.03 18:42:29 | 000,344,064 | ---- | C] () -- C:\Windows\System32\SSMSIppCustom.dll [2012.07.03 18:32:42 | 000,000,196 | ---- | C] () -- C:\Windows\ulead32.ini [2012.07.03 18:17:27 | 000,552,960 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2012.07.03 18:17:27 | 000,159,744 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2012.07.03 18:17:26 | 000,008,704 | ---- | C] () -- C:\Windows\System32\vidccleaner.exe [2012.07.03 18:16:05 | 000,006,144 | ---- | C] () -- C:\Users\xxx\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.07.03 18:15:50 | 000,040,960 | ---- | C] () -- C:\Windows\unS385_.dll [2012.07.03 18:05:20 | 000,001,356 | ---- | C] () -- C:\Users\xxx\AppData\Local\d3d9caps.dat [2012.07.03 17:57:30 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI ========== ZeroAccess Check ========== [2006.11.02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2012.07.04 18:58:42 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Canon [2012.07.06 16:26:42 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\elsterformular [2012.07.03 18:49:44 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\InfraRecorder [2012.07.03 19:32:02 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\OpenOffice.org [2012.07.11 20:29:45 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\RavensburgerTipToi [2012.07.03 18:57:56 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\T-Online ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*. 
> [2012.07.03 18:06:20 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin [2012.11.01 18:36:01 | 000,000,000 | -HSD | M] -- C:\Boot [2012.07.03 18:52:02 | 000,000,000 | ---D | M] -- C:\Documentation [2006.11.02 14:02:03 | 000,000,000 | -HSD | M] -- C:\Documents and Settings [2012.07.03 18:01:36 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen [2012.09.12 12:19:49 | 000,000,000 | -HSD | M] -- C:\found.000 [2012.07.03 18:27:44 | 000,000,000 | RH-D | M] -- C:\MSOCache [2012.07.06 10:36:08 | 000,000,000 | ---D | M] -- C:\N360_BACKUP [2008.01.21 03:32:31 | 000,000,000 | ---D | M] -- C:\PerfLogs [2013.01.06 18:48:55 | 000,000,000 | R--D | M] -- C:\Program Files [2012.12.24 19:24:03 | 000,000,000 | -H-D | M] -- C:\ProgramData [2012.07.03 18:01:36 | 000,000,000 | -HSD | M] -- C:\Programme [2013.01.07 13:45:23 | 000,000,000 | -HSD | M] -- C:\System Volume Information [2013.01.06 18:54:40 | 000,000,000 | ---D | M] -- C:\Update [2012.07.03 18:05:13 | 000,000,000 | R--D | M] -- C:\Users [2012.12.15 10:34:05 | 000,000,000 | ---D | M] -- C:\Windows < %PROGRAMFILES%\*.exe > < %LOCALAPPDATA%\*.exe > < %systemroot%\*. 
/mp /s > < C:\Windows\system32\*.tsp > [2006.11.02 10:44:49 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp [2006.11.02 10:44:49 | 000,038,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp [2006.11.02 10:44:49 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp [2006.11.02 10:44:49 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp [2009.04.11 07:27:17 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp [2006.11.02 14:01:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT [2006.11.02 14:01:49 | 000,032,582 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2012.07.09 19:23:39 | 000,001,094 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [2012.07.09 19:23:40 | 000,001,098 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job < MD5 for: AGP440.SYS > [2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys [2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys [2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys [2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys [2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys [2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) 
MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys < MD5 for: ATAPI.SYS > [2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys [2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys [2008.01.21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\drivers\atapi.sys [2008.01.21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys [2008.01.21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys [2006.11.02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys < MD5 for: CNGAUDIT.DLL > [2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll [2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll < MD5 for: EXPLORER.EXE > [2008.10.29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe [2008.10.29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) 
MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe [2008.10.30 04:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe [2008.10.28 03:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe [2008.01.21 03:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe < MD5 for: IASTOR.SYS > [2008.10.17 03:16:55 | 000,327,192 | ---- | M] (Intel Corporation) MD5=8EF427C54497C5F8A7A645990E4278C7 -- C:\Windows\Drivers\INF\SATA Driver (Intel) (Non-RAID)\IaStor.sys [2008.10.17 03:16:55 | 000,327,192 | ---- | M] (Intel Corporation) MD5=8EF427C54497C5F8A7A645990E4278C7 -- C:\Windows\System32\drivers\iaStor.sys [2008.10.17 03:16:55 | 000,327,192 | ---- | M] (Intel Corporation) MD5=8EF427C54497C5F8A7A645990E4278C7 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_3c4af4a0\iaStor.sys [2008.10.17 03:16:55 | 000,327,192 | ---- | M] (Intel Corporation) MD5=8EF427C54497C5F8A7A645990E4278C7 -- C:\Windows\System32\DriverStore\FileRepository\iastor.inf_976b5a8f\iaStor.sys < MD5 for: IASTORV.SYS > [2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel 
Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys [2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys [2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys [2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys < MD5 for: NETLOGON.DLL > [2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll [2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll [2008.01.21 03:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll < MD5 for: NVSTOR.SYS > [2006.11.02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys [2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys [2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys [2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- 
C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys < MD5 for: SCECLI.DLL > [2008.01.21 03:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll [2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll [2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll < MD5 for: USER32.DLL > [2008.01.21 03:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll [2009.04.11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll [2009.04.11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll < MD5 for: USERINIT.EXE > [2008.01.21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe [2008.01.21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe < MD5 for: WINLOGON.EXE > [2012.12.14 16:49:28 | 000,216,424 | ---- | M] () MD5=22101A85B3CA2FE2BE05FE9A61A7A83D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe [2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) 
MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe [2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe [2008.01.21 03:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe < MD5 for: WS2IFSL.SYS > [2008.01.21 03:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys [2008.01.21 03:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > [2008.01.21 04:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV [2008.01.21 04:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV [2008.01.21 04:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV [2006.11.02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV [2006.11.02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV < %systemroot%\system32\*.dll /lockedfiles > [2008.09.25 01:44:10 | 000,421,888 | ---- | M] (Advanced Micro Devices, Inc.) 
Unable to obtain MD5 -- C:\Windows\system32\ATIDEMGX.dll < %USERPROFILE%\*.* > [2012.09.01 20:31:39 | 000,019,214 | ---- | M] () -- C:\Users\xxx\Aug.2012.elfo [2012.08.06 10:37:46 | 000,019,210 | ---- | M] () -- C:\Users\xxx\Juli 2012.elfo [2012.07.06 16:35:23 | 000,019,254 | ---- | M] () -- C:\Users\xxx\Juni 2012.elfo [2012.07.06 16:31:17 | 000,018,774 | ---- | M] () -- C:\Users\xxx\Mai 2012.elfo [2012.11.19 09:54:04 | 000,004,661 | ---- | M] () -- C:\Users\xxx\November 2012.elfo [2012.12.06 20:33:28 | 000,019,170 | ---- | M] () -- C:\Users\xxx\November2012.elfo [2013.01.07 14:03:55 | 002,359,296 | -HS- | M] () -- C:\Users\xxx\ntuser.dat [2013.01.07 14:03:55 | 000,262,144 | -H-- | M] () -- C:\Users\xxx\ntuser.dat.LOG1 [2012.07.03 18:05:22 | 000,000,000 | -H-- | M] () -- C:\Users\xxx\ntuser.dat.LOG2 [2012.07.26 14:31:58 | 000,065,536 | -HS- | M] () -- C:\Users\xxx\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf [2012.07.26 14:31:58 | 000,524,288 | -HS- | M] () -- C:\Users\xxx\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms [2012.07.03 19:16:15 | 000,524,288 | -HS- | M] () -- C:\Users\xxx\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms [2012.10.11 21:07:57 | 000,065,536 | -HS- | M] () -- C:\Users\xxx\ntuser.dat{a59289b9-db3f-11e1-add1-00214fb8114a}.TM.blf [2012.10.11 21:07:57 | 000,524,288 | -HS- | M] () -- C:\Users\xxx\ntuser.dat{a59289b9-db3f-11e1-add1-00214fb8114a}.TMContainer00000000000000000001.regtrans-ms [2012.07.31 20:32:41 | 000,524,288 | -HS- | M] () -- C:\Users\xxx\ntuser.dat{a59289b9-db3f-11e1-add1-00214fb8114a}.TMContainer00000000000000000002.regtrans-ms [2013.01.06 18:47:54 | 000,065,536 | -HS- | M] () -- C:\Users\xxx\ntuser.dat{dbd4dc1e-1499-11e2-85b5-00214fb8114a}.TM.blf [2013.01.06 18:47:54 | 000,524,288 | -HS- | M] () -- C:\Users\xxx\ntuser.dat{dbd4dc1e-1499-11e2-85b5-00214fb8114a}.TMContainer00000000000000000001.regtrans-ms [2012.10.12 21:27:22 | 
000,524,288 | -HS- | M] () -- C:\Users\xxx\ntuser.dat{dbd4dc1e-1499-11e2-85b5-00214fb8114a}.TMContainer00000000000000000002.regtrans-ms [2008.01.21 02:42:57 | 000,000,020 | -HS- | M] () -- C:\Users\xxx\ntuser.ini [2012.11.19 09:52:57 | 000,019,214 | ---- | M] () -- C:\Users\xxx\Oktober 2012.elfo [2012.10.10 13:08:17 | 000,019,218 | ---- | M] () -- C:\Users\xxx\September 2012.elfo [2012.08.16 10:59:41 | 000,033,400 | ---- | M] () -- C:\Users\xxx\Umsatzsteuer-Jahresmeldung 2011.elfo < %USERPROFILE%\Local Settings\Temp\*.exe > < %USERPROFILE%\Local Settings\Temp\*.dll > < %USERPROFILE%\Application Data\*.exe > < HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs > HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16 < > ========== Alternate Data Streams ========== @Alternate Data Stream - 280 bytes -> C:\Windows\System32\msln.exe:139bb1fd047c6491d733cd2281a06101 < End of report > [/code] OTL Logfile: Code:
ATTFilter oTL Extras logfile created on: 07.01.2013 13:42:41 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\xxx\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,97 Gb Total Physical Memory | 1,25 Gb Available Physical Memory | 42,03% Memory free 6,13 Gb Paging File | 4,33 Gb Available in Paging File | 70,57% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 359,62 Gb Total Space | 210,32 Gb Free Space | 58,48% Space Free | Partition Type: NTFS Computer Name: xxx-PC | User Name: xxx | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = htmlfile] -- [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. 
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [open] -- htmlfile [opennew] -- inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [CEWE FOTOSCHAU] -- "C:\Program Files\dm\dm-Fotowelt\CEWE FOTOSCHAU.exe" -d "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [dm-Fotowelt] -- "C:\Program Files\dm\dm-Fotowelt\dm-Fotowelt.exe" "%1" () Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Directory [Telekom Fotoservice] -- "C:\Program Files\Deutsche Telekom\Telekom Fotoservice\Telekom Fotoservice.exe" "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type 
-- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 "DefaultOutboundAction" = 0 "DefaultInboundAction" = 1 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{16A4E04A-8C42-4374-9F6A-E87D277F8661}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{1E718CF5-E7DF-4D50-A24F-DB91990B6779}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{3D7F5A22-A0E1-4BBA-A429-131A4181F20A}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{6E75F2CC-1AAD-4010-ACE7-3B350A6D794E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{DC7E132A-E454-46E6-A9B6-7A63757227DE}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{E0E1F275-7D66-4AE4-BFA5-EF59285D3C2A}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{E6CCC1CF-B891-4082-B930-8B73979536A1}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{F1C4CA35-8322-433A-995C-F9B65A08D6BA}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List 
========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{067458B4-0D42-47FC-870D-E791D2772596}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{16275015-D5CC-4F8A-9E9C-9DF200D41671}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{385D583F-C77E-4A8D-A18E-AFDE6B4320B6}" = protocol=17 | dir=in | app=c:\users\xxx\appdata\local\temp\7zs1f63.tmp\symnrt.exe | "{626E310C-2EB2-4962-9780-DDA4444C75AF}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{87E5CDAF-FBC8-4CD8-AB79-382839AF409D}" = protocol=17 | dir=in | app=c:\program files\google\google talk\googletalk.exe | "{8DBF1517-1527-4FDA-847D-D94BC62B8380}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{9229E2F0-0C53-4ECB-A112-18DF65090B7A}" = protocol=6 | dir=in | app=c:\users\xxx\appdata\local\temp\7zs1f63.tmp\symnrt.exe | "{9B2DB6BD-3BDC-4FB6-B2C7-452B7FA732D4}" = protocol=6 | dir=in | app=c:\program files\google\google talk\googletalk.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{018F8F57-B46B-B9B9-C452-DE8F5618434F}" = Catalyst Control Center Graphics Full Existing "{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony Video Shared Library "{025C3792-E9C6-432A-92C1-661F99D021CA}" = Ulead Photo Explorer 8.5 "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{07C93E59-2DE3-1565-28A9-8C848B26D0F5}" = CCC Help German "{088C7311-A3BB-43C5-B046-C114D2F9728C}" = VAIO Media plus "{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data "{0A6F9244-8C79-1296-3A43-097F67EB666A}" = Catalyst Control Center Localization Dutch "{0E3C2706-59A3-426E-A0EA-65BFF05048C7}" = VAIO Content Metadata Intelligent Analyzing Manager "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX870_series" = Canon MX870 series MP Drivers 
"{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}" = Primo "{15D5C238-4C2E-4AEA-A66D-D6989A4C586B}" = VAIO Launcher "{1790FDA2-938F-C886-8988-1ECB74E45517}" = Catalyst Control Center Localization Norwegian "{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate "{1C815731-19F3-0770-8776-D78D6BEBC291}" = Catalyst Control Center Localization Hungarian "{1E04F83B-2AB9-4301-9EF7-E86307F79C72}" = Google Earth "{1EC06E70-BE43-DAAA-A217-E5C98869B1F8}" = Catalyst Control Center Localization Greek "{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools "{2018C019-30D9-4240-8C01-0865C10DCF5A}" = Unterstützung für VAIO-Präsentation "{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD BD for VAIO "{2217B0B4-35CB-48C6-B640-864DF2F30F99}" = OpenOffice.org 3.2 "{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = VAIO Content Folder Setting "{252E50FD-F27C-C8DD-C9E2-D2845A2DC399}" = ATI Catalyst Install Manager "{25BA8D5A-228A-7192-6FA1-890D9F1C679F}" = CCC Help Korean "{26A24AE4-039D-4CA4-87B4-2F83216037FF}" = Java(TM) 6 Update 37 "{295C31E5-3F91-498E-9623-DA24D2FA2B6A}" = T-Online WLAN-Access Finder "{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7 "{327B75F0-92AF-420A-988F-FA596A218E0B}" = VAIO Content Folder Watcher "{36557787-E9BE-40E0-8627-C6C3486FF1CF}" = VAIO Content Metadata Intelligent Analyzing Manager "{36BDB1C2-CC66-41EB-B7DD-76339A7BB046}" = VAIO Edit Components "{3B311FB9-5B6A-328C-D7AE-2445D639D886}" = CCC Help Norwegian "{3B659FAD-E772-44A3-B7E7-560FF084669F}" = VAIO Smart Network "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3CEA4CA8-CDD4-451C-B673-E8F17BE01B15}" = Ulead COOL 360 1.0 "{3D333C7C-102B-F474-9524-72AAA3F292B8}" = Catalyst Control Center Localization Danish "{3E2C691B-B7E6-4053-B5C3-94B8BC407E7A}" = Adobe Premiere Elements 4.0 "{40C4903E-EDFB-4CAE-A611-41FEBA585921}" = VTech Download Agent Library "{4529BC6B-16AE-6829-4946-36C33DBF8DD1}" = Catalyst 
Control Center Localization French "{46D7A7FB-305B-F77D-60F8-8FAE1C432374}" = Catalyst Control Center InstallProxy "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor "{4EA55D20-27FB-45D7-8726-147E8A5F6C62}" = VAIO MusicBox "{527EB2A4-BF51-B1B6-3F09-2032A861548E}" = Catalyst Control Center Graphics Light "{52A7C6A6-6B88-47D1-922E-9F8A7E089E6A}" = Intel(R) PROSet/Wireless WiFi-Software "{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Easy Media Creator 10 LJ "{55AF809F-BD6D-45AF-A2C2-833308FA432A}" = VAIO Content Metadata XML Interface Library "{55C0F7C1-8B6D-CBBD-2B88-EE7261A87254}" = CCC Help Greek "{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool "{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data Basic "{5C5EE8F2-0B38-4C13-AE4E-A87A237FE718}" = "{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8 "{5F5867F0-2D23-4338-A206-01A76C823924}" = VAIO Energie Verwaltung "{629FD96D-5877-0832-2D31-0EFE781F870D}" = CCC Help Portuguese "{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works "{6332AFF1-9D9A-429C-AA03-F82749FA4F49}" = SonicStage Mastering Studio "{652C5DED-9B9F-93D0-5E94-931B8C38EF0E}" = Catalyst Control Center Localization Thai "{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}" = Click to Disc "{69C8B1E3-2665-4A0F-B049-67746E5C4CE3}" = Software Info for Me&My VAIO "{6A54CB6A-59D1-6A3A-08F3-E34ECF8905A9}" = Catalyst Control Center Graphics Previews Vista "{6AA6EEA5-BF09-932B-AC25-0E9CCA4B709A}" = CCC Help Danish "{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform "{6C4EF0CA-A9DD-96CF-B722-CCDEB589DD26}" = Catalyst Control Center Localization Chinese Traditional "{6D4673B7-A982-43E5-82E9-13E037681478}" = Click to Disc "{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data "{711D43D7-24FE-A2B7-CC52-A48BCAAF3926}" = Catalyst Control 
Center Graphics Previews Common "{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{73496381-83C9-7BE6-6EB6-4CF97C00E5FD}" = CCC Help Polish "{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio "{75F52FAC-16CE-4A2A-B89A-9742F39A1864}" = VAIO Movie Story "{76D7CCD6-8369-405C-B494-5F34FAE67249}" = Me&My VAIO "{79BBD55C-9FF6-D496-8AE6-E2EC2829F974}" = Catalyst Control Center Localization Czech "{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec "{7BB90344-0647-468E-925A-7F69F7983421}" = ArcSoft Magic-i Visual Effects 2 "{7CC28423-465C-F4B9-9379-343DF715BE62}" = CCC Help Swedish "{80828DF5-270E-F8E6-6274-55ACA4C7E229}" = Catalyst Control Center Localization Japanese "{83CDA18E-0BF3-4ACA-872C-B4CDABF2360E}" = VAIO Update 4 "{84037798-D63A-F5CA-9FB2-829B362BF712}" = CCC Help Finnish "{8470A1D9-536E-C7C1-AE2D-24B739B1665A}" = Catalyst Control Center Localization Russian "{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar "{882683C6-8B60-5CBC-38A8-55ED185FD975}" = CCC Help Turkish "{8843C5E1-51E5-DFA6-1AD8-757C8DCA7E37}" = CCC Help Russian "{88C023FB-E7F6-4415-ACEF-82372B8A05A8}" = Samsung USB Driver "{88C596E4-6882-8E76-EBEF-AB739F5A3B69}" = Catalyst Control Center Localization Italian "{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player "{8C467DE1-6E04-0888-B281-172909C96F37}" = Skins "{8C7FB08D-7A84-22E0-F553-F6B827023E17}" = CCC Help Chinese Traditional "{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}" = VAIO Media plus "{8EDBA74D-0686-4C99-BFDD-F894678E5102}" = Adobe Common File Installer "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{58FC5E37-DD28-4D4A-A549-125744C6763C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{888B9AC7-8F5C-456B-A27A-157A6C310E52}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{91F2D688-B8CB-4461-A92D-6B35279DAE8F}" = VAIO Content Folder Watcher "{9238E8A4-BEBA-43A3-B926-769BDBF194C5}" = VAIO Media plus Opening Movie "{93F32124-BB54-C599-CF55-E1E57565BCE3}" = CCC Help Czech "{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German) "{96C951BB-47C8-8497-78F0-7D8D328B58E3}" = Catalyst Control Center Localization Portuguese "{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" = "{98FC7A64-774B-49B5-B046-4B4EBC053FA9}" = VAIO MusicBox Sample Music "{9973498D-EA29-4A68-BE0B-C88D6E03E928}" = ArcSoft WebCam Companion 2 "{99D8CD4E-A5D2-A9DF-A152-B28EB5A71F85}" = Catalyst Control Center Localization German "{9C1C8A04-F8CA-4472-A92D-4288CE32DE86}" = SonicStage Mastering Studio Plugins "{9EAC0E21-510E-4259-A9C6-F5D5B8969036}" = Catalyst Control Center - Branding "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO "{A2052C95-48CC-4AC9-A8D4-FCD89DDD8F2C}" = VAIO Content Folder Watcher "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{A63E7492-A0BC-4BB9-89A7-352965222380}" = VAIO Original Function Setting "{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A939F952-1C7E-CBF8-EE77-CFBD9C6A4ECC}" = ccc-core-static "{AA75988E-9EC1-EECE-CE00-D5D935974528}" = CCC Help Dutch "{AC76BA86-1033-F400-BA7E-000000000004}" = Adobe Acrobat 9 Standard - English, Français, Deutsch "{AC76BA86-1033-F400-BA7E-000000000004}{AC76BA86-1033-F400-BA7E-000000000004}" = Adobe Acrobat 9 Standard - English, Français, Deutsch "{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3 - Deutsch "{ACB5FD4A-6C58-972C-180C-9677C037E71D}" = Catalyst Control Center Localization Chinese Standard "{ADBDB038-FF77-C672-04A1-7A0E67E8C73C}" = Catalyst Control Center Core Implementation 
"{ADECE95F-585D-8B33-BF50-53C2BDA1E241}" = Catalyst Control Center Localization Korean "{AE0FBCB5-3193-4583-C6CB-AA96F307EA70}" = ccc-utility "{AEC0CEBC-0FC7-4716-8222-1C4A742719B1}" = Digimax Master "{AFF10119-F154-4888-77F3-B149DE987976}" = Catalyst Control Center Localization Polish "{B1275E23-717A-4D52-997A-1AD1E24BC7F3}" = T-Online 6.0 "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter "{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = VAIO Movie Story "{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy "{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player "{B7C03E84-AF46-42F4-809D-D4127D9086D0}" = VAIO Edit Components 6.5 "{C1083DBC-C541-4E8C-91EA-D92397AB9A2C}" = OpenMG Secure Module 5.1.00 "{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service "{C767EE67-9AA4-1CBF-8FD4-87F52CBB041D}" = CCC Help Italian "{C8E57F8C-64FE-28D7-0F65-7BE87AF49745}" = Catalyst Control Center Graphics Full New "{CAE07D54-A400-DAF9-912B-306DD941B61C}" = Catalyst Control Center Localization Finnish "{CB6CF566-E06F-2556-55EF-EE149FC6EE7F}" = CCC Help French "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware "{CE2121C6-C94D-4A73-8EA4-6943F33EE335}" = Music Transfer "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D035FBF6-FDEF-487D-89CA-6F9DD07B783F}" = Dolby Control Center "{D355ECA7-DBF5-F22E-4E1A-BF69CFC5CED8}" = CCC Help Japanese "{D44DF260-2D5A-3277-97D6-C97D1A806CF5}" = CCC Help Thai "{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility "{D5FBA9C1-21D3-4210-A604-CF9E38238F35}" = VAIO Entertainment Platform "{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents "{D7019E24-BF07-3690-18C7-3D0DE87D09AB}" = CCC Help Chinese Standard "{D7FFE7EB-1A15-864C-B335-E768BF623B84}" = Catalyst Control Center Localization Swedish "{DE1F799A-0A02-FF3B-8786-195E91D0DE94}" = CCC Help Spanish "{DF7DB916-90E5-40F2-9010-B8125EB5FD6F}" = SonicStage Mastering Studio Audio Filter "{E31010F6-DE18-0E9F-E028-FC709306C6F1}" = Catalyst 
Control Center Localization Turkish "{E3453B1B-C91B-4C48-B046-8DF635DD46F2}" = VAIO Content Metadata XML Interface Library "{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9-Reihe "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{E464702F-5433-46EC-8F65-159276C0A54F}" = WIDCOMM Bluetooth Software 6.2.0.5800 "{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant "{E5BD6683-301D-B224-FB7C-320299CD51F9}" = CCC Help Hungarian "{E9730C7A-E5DA-8222-45FE-2D71E810BE46}" = Catalyst Control Center Localization Spanish "{EA39F1F5-D4A1-C02A-0865-7F6A95A33A56}" = CCC Help English "{EADE97A7-E7AA-43FD-A042-92A68E0187A6}" = VAIO Content Metadata Manager Setting "{EC37A846-53AC-4DA7-98FA-76A4E74AA900}" = Benutzerdefinierte Voreinstellungen für SonicStage Mastering Studio Audio Filter "{ECB5774A-A39B-4419-A7D3-92F49C0FCAB3}" = VAIO Content Metadata Intelligent Analyzing Manager "{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core "{EDF6A69E-967B-4F17-B537-647CA205EC1D}" = VAIO Content Metadata Manager Setting "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F2D7A126-9648-4588-9C3E-7C1E7FD22C23}" = SonicStage Mastering Studio "{F54AC413-D2C6-4A24-B324-370C223C6250}" = Adobe Photoshop Elements 6.0 "{F570A6CC-53ED-4AA9-8B08-551CD3E38D8B}" = "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{F85C7118-F3DC-4ED9-AB27-3E7931EA3D88}" = Adobe Premiere Elements 4.0 Templates "{FE51662F-D8F6-43B5-99D9-D4894AF00F83}" = Roxio Easy Media Creator Home "{FE58B892-3825-4610-A6A2-E6EFCA83BD97}" = Ulead PhotoImpact 10 "7-Zip" = 7-Zip 4.65 "Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Photoshop Elements 6" = Adobe Photoshop Elements 6.0 "Avira AntiVir Desktop" = 
Avira Antivirus Premium "BFG-Big Fish Games Spiel-Suite" = Big Fish Games Spiel-Suite "Canon MX870 series Benutzerregistrierung" = Canon MX870 series Benutzerregistrierung "Canon_IJ_Network_Scan_UTILITY" = Canon IJ Network Scan Utility "Canon_IJ_Network_UTILITY" = Canon IJ Network Tool "CanonMyPrinter" = Canon Utilities My Printer "CanonSolutionMenu" = Canon Utilities Solution Menu "CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200" = HDAUDIO SoftV92 Data Fax Modem with SmartCP "dm-Fotowelt" = dm-Fotowelt "dt icon module" = "Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX "Easy-WebPrint EX" = Canon Easy-WebPrint EX "ElsterFormular für Unternehmer 12.1.0.6164u" = ElsterFormular für Unternehmer "FarmingSimulator2009GoldDE_is1" = Landwirtschafts-Simulator 2009 Gold "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "InfraRecorder" = InfraRecorder "InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD BD for VAIO "InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor "InstallShield_{C1083DBC-C541-4E8C-91EA-D92397AB9A2C}" = OpenMG Secure Module 5.1.00 "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100 "MarketingTools" = VAIO Marketing Tools "MFU Module" = "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Mozilla Firefox 17.0.1 (x86 de)" = Mozilla Firefox 17.0.1 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "MP Navigator EX 3.1" = Canon MP Navigator EX 3.1 "Netzmanager" = Netzmanager "Picasa2" = Picasa 2 "PremElem40" = Adobe Premiere Elements 4.0 "PremElem40Templates" = Adobe Premiere Elements 4.0 Templates "ProInst" = Intel PROSet 
Wireless "Ravensburger tiptoi" = Ravensburger tiptoi "Speed Dial Utility" = Canon Kurzwahlprogramm "Telekom Fotoservice" = Telekom Fotoservice "VAIO Help and Support" = "VLC media player" = VLC media player 1.0.5 "VTechDownloadManager" = VTech Download Manager "Windows Media Encoder 9" = Windows Media Encoder 9-Reihe ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{79A765E1-C399-405B-85AF-466F52E918B0}" = Avira SearchFree Toolbar plus Web Protection Updater ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 10.12.2012 08:06:44 | Computer Name = xxx-PC | Source = WinMgmt | ID = 10 Description = Error - 10.12.2012 08:06:54 | Computer Name = xxx-PC | Source = VzCdbSvc | ID = 7 Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5}) (Fehlercode = 0x80042019) Error - 11.12.2012 08:54:13 | Computer Name = xxx-PC | Source = VzCdbSvc | ID = 7 Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5}) (Fehlercode = 0x80042019) Error - 11.12.2012 08:54:15 | Computer Name = xxx-PC | Source = WinMgmt | ID = 10 Description = Error - 12.12.2012 05:24:51 | Computer Name = xxx-PC | Source = WinMgmt | ID = 10 Description = Error - 12.12.2012 05:25:15 | Computer Name = xxx-PC | Source = VzCdbSvc | ID = 7 Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5}) (Fehlercode = 0x80042019) Error - 14.12.2012 15:38:02 | Computer Name = xxx-PC | Source = VzCdbSvc | ID = 7 Description = Das Plug-In-Modul konnte nicht geladen werden. 
(GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5}) (Fehlercode = 0x80042019) Error - 14.12.2012 15:38:05 | Computer Name = xxx-PC | Source = WinMgmt | ID = 10 Description = Error - 15.12.2012 05:32:46 | Computer Name = xxx-PC | Source = VzCdbSvc | ID = 7 Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5}) (Fehlercode = 0x80042019) Error - 15.12.2012 05:32:54 | Computer Name = xxx-PC | Source = WinMgmt | ID = 10 Description = [ System Events ] Error - 06.01.2013 06:44:07 | Computer Name = xxx-PC | Source = Service Control Manager | ID = 7009 Description = Error - 06.01.2013 06:44:07 | Computer Name = xxx-PC | Source = Service Control Manager | ID = 7000 Description = Error - 06.01.2013 06:44:07 | Computer Name = xxx-PC | Source = Service Control Manager | ID = 7026 Description = Error - 06.01.2013 06:54:46 | Computer Name = xxx-PC | Source = Service Control Manager | ID = 7000 Description = Error - 06.01.2013 06:54:46 | Computer Name = xxx-PC | Source = Service Control Manager | ID = 7026 Description = Error - 06.01.2013 12:25:26 | Computer Name = xxx-PC | Source = Service Control Manager | ID = 7000 Description = Error - 06.01.2013 12:25:26 | Computer Name = xxx-PC | Source = Service Control Manager | ID = 7009 Description = Error - 06.01.2013 12:25:26 | Computer Name = xxx-PC | Source = Service Control Manager | ID = 7000 Description = Error - 06.01.2013 12:25:27 | Computer Name = xxx-PC | Source = Service Control Manager | ID = 7026 Description = Error - 06.01.2013 13:50:39 | Computer Name = xxx-PC | Source = Service Control Manager | ID = 7000 Description = < End of report > [/code] |
08.01.2013, 16:53 | #4 |
/// Malware-holic | Virus Big Fish Games TR/Agent.2409800 Hi, download TDSSKiller: http://www.trojaner-board.de/82358-t...entfernen.html Click Change parameters
• Tick Verify driver digital signatures and Detect TDLFS file system
• Click OK and then Start scan - if anything is found, always choose Skip for now, then post the log
__________________ - Please forward suspicious e-mails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For now, please forward e-mails to markusg.trojaner-board@web.de following the instructions above. If you would like to support us |
08.01.2013, 21:05 | #5 |
| Virus Big Fish Games TR/Agent.2409800 I hope I did everything right! Here is the report from the scan: Code:
20:57:05.0372 6012 rspndr - ok 20:57:05.0466 6012 [ 065A51298212455584F1811B033B617E ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIV.sys 20:57:05.0482 6012 RTHDMIAzAudService - ok 20:57:05.0560 6012 [ DF1970AB067B4BA4221F0AD0AB9EBB30 ] RtkAudioService C:\Windows\RtkAudioService.exe 20:57:05.0560 6012 RtkAudioService ( UnsignedFile.Multi.Generic ) - warning 20:57:05.0560 6012 RtkAudioService - detected UnsignedFile.Multi.Generic (1) 20:57:05.0591 6012 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe 20:57:05.0606 6012 SamSs - ok 20:57:05.0669 6012 [ 39763504067962108505BFF25F024345 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS 20:57:05.0684 6012 SASDIFSV - ok 20:57:05.0700 6012 [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS 20:57:05.0716 6012 SASKUTIL - ok 20:57:05.0731 6012 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 20:57:05.0747 6012 sbp2port - ok 20:57:05.0794 6012 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll 20:57:05.0825 6012 SCardSvr - ok 20:57:05.0872 6012 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll 20:57:05.0965 6012 Schedule - ok 20:57:06.0028 6012 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll 20:57:06.0043 6012 SCPolicySvc - ok 20:57:06.0090 6012 [ 126EA89BCC413EE45E3004FB0764888F ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys 20:57:06.0121 6012 sdbus - ok 20:57:06.0152 6012 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll 20:57:06.0184 6012 SDRSVC - ok 20:57:06.0199 6012 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys 20:57:06.0262 6012 secdrv - ok 20:57:06.0262 6012 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll 20:57:06.0293 6012 seclogon - ok 20:57:06.0324 6012 [ A9BBAB5759771E523F55563D6CBE140F ] SENS 
C:\Windows\System32\sens.dll 20:57:06.0355 6012 SENS - ok 20:57:06.0371 6012 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys 20:57:06.0433 6012 Serenum - ok 20:57:06.0449 6012 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys 20:57:06.0511 6012 Serial - ok 20:57:06.0527 6012 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys 20:57:06.0558 6012 sermouse - ok 20:57:06.0574 6012 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll 20:57:06.0620 6012 SessionEnv - ok 20:57:06.0652 6012 [ 8B7C1768D2CDE2E02E09A66563DDFD16 ] SFEP C:\Windows\system32\DRIVERS\SFEP.sys 20:57:06.0683 6012 SFEP - ok 20:57:06.0698 6012 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 20:57:06.0730 6012 sffdisk - ok 20:57:06.0761 6012 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 20:57:06.0792 6012 sffp_mmc - ok 20:57:06.0808 6012 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 20:57:06.0839 6012 sffp_sd - ok 20:57:06.0839 6012 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 20:57:06.0901 6012 sfloppy - ok 20:57:06.0932 6012 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll 20:57:06.0979 6012 SharedAccess - ok 20:57:07.0042 6012 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 20:57:07.0073 6012 ShellHWDetection - ok 20:57:07.0088 6012 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys 20:57:07.0104 6012 sisagp - ok 20:57:07.0120 6012 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys 20:57:07.0135 6012 SiSRaid2 - ok 20:57:07.0151 6012 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 20:57:07.0166 6012 SiSRaid4 - ok 20:57:07.0322 6012 [ 
862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe 20:57:07.0634 6012 slsvc - ok 20:57:07.0697 6012 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll 20:57:07.0775 6012 SLUINotify - ok 20:57:07.0822 6012 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys 20:57:07.0884 6012 Smb - ok 20:57:07.0931 6012 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 20:57:07.0962 6012 SNMPTRAP - ok 20:57:08.0040 6012 [ 1A9DD46C547646A54CDB4065C1996A07 ] SOHCImp C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe 20:57:08.0071 6012 SOHCImp - ok 20:57:08.0102 6012 [ 2E1B0D8278BB616148DDCA13DAE87544 ] SOHDms C:\Program Files\Sony\VAIO Media plus\SOHDms.exe 20:57:08.0134 6012 SOHDms - ok 20:57:08.0149 6012 [ 892529EE03211C35AEA7132E119F4862 ] SOHDs C:\Program Files\Sony\VAIO Media plus\SOHDs.exe 20:57:08.0180 6012 SOHDs - ok 20:57:08.0212 6012 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys 20:57:08.0243 6012 spldr - ok 20:57:08.0305 6012 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe 20:57:08.0352 6012 Spooler - ok 20:57:08.0383 6012 [ F63102F289AE2039940B22E9B2A8E0BD ] SPTISRV C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe 20:57:08.0399 6012 SPTISRV ( UnsignedFile.Multi.Generic ) - warning 20:57:08.0399 6012 SPTISRV - detected UnsignedFile.Multi.Generic (1) 20:57:08.0446 6012 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys 20:57:08.0508 6012 srv - ok 20:57:08.0539 6012 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 20:57:08.0602 6012 srv2 - ok 20:57:08.0617 6012 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 20:57:08.0648 6012 srvnet - ok 20:57:08.0695 6012 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 20:57:08.0758 6012 SSDPSRV - ok 20:57:08.0820 6012 [ 
A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\Windows\system32\DRIVERS\ssmdrv.sys 20:57:08.0836 6012 ssmdrv - ok 20:57:08.0898 6012 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll 20:57:08.0960 6012 SstpSvc - ok 20:57:09.0023 6012 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll 20:57:09.0085 6012 stisvc - ok 20:57:09.0148 6012 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 20:57:09.0179 6012 swenum - ok 20:57:09.0241 6012 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll 20:57:09.0319 6012 swprv - ok 20:57:09.0335 6012 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys 20:57:09.0366 6012 Symc8xx - ok 20:57:09.0382 6012 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys 20:57:09.0397 6012 Sym_hi - ok 20:57:09.0413 6012 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys 20:57:09.0428 6012 Sym_u3 - ok 20:57:09.0491 6012 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll 20:57:09.0584 6012 SysMain - ok 20:57:09.0631 6012 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll 20:57:09.0662 6012 TabletInputService - ok 20:57:09.0725 6012 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll 20:57:09.0787 6012 TapiSrv - ok 20:57:09.0818 6012 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll 20:57:09.0881 6012 TBS - ok 20:57:09.0974 6012 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 20:57:10.0068 6012 Tcpip - ok 20:57:10.0146 6012 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys 20:57:10.0208 6012 Tcpip6 - ok 20:57:10.0255 6012 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 20:57:10.0271 6012 tcpipreg - ok 20:57:10.0302 6012 [ 
5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 20:57:10.0333 6012 TDPIPE - ok 20:57:10.0349 6012 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 20:57:10.0380 6012 TDTCP - ok 20:57:10.0411 6012 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 20:57:10.0458 6012 tdx - ok 20:57:10.0489 6012 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 20:57:10.0505 6012 TermDD - ok 20:57:10.0536 6012 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll 20:57:10.0598 6012 TermService - ok 20:57:10.0630 6012 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll 20:57:10.0645 6012 Themes - ok 20:57:10.0661 6012 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll 20:57:10.0692 6012 THREADORDER - ok 20:57:10.0723 6012 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll 20:57:10.0754 6012 TrkWks - ok 20:57:10.0817 6012 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 20:57:10.0848 6012 TrustedInstaller - ok 20:57:10.0848 6012 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 20:57:10.0879 6012 tssecsrv - ok 20:57:10.0895 6012 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys 20:57:10.0926 6012 tunmp - ok 20:57:10.0973 6012 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 20:57:10.0988 6012 tunnel - ok 20:57:11.0004 6012 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys 20:57:11.0020 6012 uagp35 - ok 20:57:11.0066 6012 [ 63F6D08C54D5B3C1B12A6172032055C7 ] uCamMonitor C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe 20:57:11.0082 6012 uCamMonitor - ok 20:57:11.0098 6012 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 20:57:11.0129 6012 
udfs - ok 20:57:11.0144 6012 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe 20:57:11.0191 6012 UI0Detect - ok 20:57:11.0207 6012 UIUSys - ok 20:57:11.0222 6012 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 20:57:11.0238 6012 uliagpkx - ok 20:57:11.0269 6012 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys 20:57:11.0300 6012 uliahci - ok 20:57:11.0332 6012 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys 20:57:11.0347 6012 UlSata - ok 20:57:11.0378 6012 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys 20:57:11.0394 6012 ulsata2 - ok 20:57:11.0410 6012 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 20:57:11.0441 6012 umbus - ok 20:57:11.0488 6012 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll 20:57:11.0534 6012 upnphost - ok 20:57:11.0581 6012 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 20:57:11.0612 6012 usbccgp - ok 20:57:11.0628 6012 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys 20:57:11.0690 6012 usbcir - ok 20:57:11.0706 6012 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 20:57:11.0737 6012 usbehci - ok 20:57:11.0800 6012 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 20:57:11.0831 6012 usbhub - ok 20:57:11.0846 6012 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys 20:57:11.0893 6012 usbohci - ok 20:57:11.0909 6012 [ B51E52ACF758BE00EF3A58EA452FE360 ] usbprint C:\Windows\system32\drivers\usbprint.sys 20:57:11.0956 6012 usbprint - ok 20:57:11.0987 6012 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 20:57:12.0002 6012 USBSTOR - ok 20:57:12.0034 6012 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci 
C:\Windows\system32\DRIVERS\usbuhci.sys 20:57:12.0049 6012 usbuhci - ok 20:57:12.0096 6012 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 20:57:12.0127 6012 usbvideo - ok 20:57:12.0190 6012 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll 20:57:12.0205 6012 UxSms - ok 20:57:12.0268 6012 [ 2A640DC735CB0112AC1DCD1E1549B27E ] VAIO Entertainment TV Device Arbitration Service C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe 20:57:12.0283 6012 VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - warning 20:57:12.0283 6012 VAIO Entertainment TV Device Arbitration Service - detected UnsignedFile.Multi.Generic (1) 20:57:12.0330 6012 [ 2C3DBB9B671AB95245DED1EFC5276CE9 ] VAIO Event Service C:\Program Files\sony\VAIO Event Service\VESMgr.exe 20:57:12.0346 6012 VAIO Event Service - ok 20:57:12.0408 6012 [ C1ED0F71D3B9EA8D774FC7C4CBF7EE7F ] VAIO Power Management C:\Program Files\Sony\VAIO Power Management\SPMService.exe 20:57:12.0455 6012 VAIO Power Management - ok 20:57:12.0502 6012 [ 7773EB681E99217FD92E5E8A5A199AE5 ] VCFw C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe 20:57:12.0517 6012 VCFw ( UnsignedFile.Multi.Generic ) - warning 20:57:12.0517 6012 VCFw - detected UnsignedFile.Multi.Generic (1) 20:57:12.0595 6012 [ 2686B87EDC54ED215CE479AC9B7675DE ] VcmIAlzMgr C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe 20:57:12.0658 6012 VcmIAlzMgr - ok 20:57:12.0736 6012 [ BB5781ED436D3E121F85617C3BBB7AD5 ] VcmXmlIfHelper C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe 20:57:12.0751 6012 VcmXmlIfHelper - ok 20:57:12.0782 6012 Vcsw - ok 20:57:12.0860 6012 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe 20:57:12.0970 6012 vds - ok 20:57:13.0016 6012 [ 87B06E1F30B749A114F74622D013F8D4 ] vga 
C:\Windows\system32\DRIVERS\vgapnp.sys 20:57:13.0079 6012 vga - ok 20:57:13.0110 6012 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys 20:57:13.0188 6012 VgaSave - ok 20:57:13.0235 6012 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys 20:57:13.0266 6012 viaagp - ok 20:57:13.0297 6012 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys 20:57:13.0360 6012 ViaC7 - ok 20:57:13.0375 6012 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys 20:57:13.0406 6012 viaide - ok 20:57:13.0422 6012 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys 20:57:13.0438 6012 volmgr - ok 20:57:13.0500 6012 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 20:57:13.0531 6012 volmgrx - ok 20:57:13.0578 6012 [ 786DB5771F05EF300390399F626BF30A ] volsnap C:\Windows\system32\drivers\volsnap.sys 20:57:13.0609 6012 volsnap - ok 20:57:13.0640 6012 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 20:57:13.0672 6012 vsmraid - ok 20:57:13.0750 6012 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe 20:57:13.0890 6012 VSS - ok 20:57:13.0937 6012 [ 071634532066C2E29350D450C3412837 ] VzCdbSvc C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe 20:57:13.0952 6012 VzCdbSvc ( UnsignedFile.Multi.Generic ) - warning 20:57:13.0952 6012 VzCdbSvc - detected UnsignedFile.Multi.Generic (1) 20:57:13.0984 6012 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll 20:57:14.0046 6012 W32Time - ok 20:57:14.0077 6012 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 20:57:14.0186 6012 WacomPen - ok 20:57:14.0218 6012 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys 20:57:14.0280 6012 Wanarp - ok 20:57:14.0280 6012 [ 
55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 20:57:14.0296 6012 Wanarpv6 - ok 20:57:14.0358 6012 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll 20:57:14.0389 6012 wcncsvc - ok 20:57:14.0420 6012 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 20:57:14.0452 6012 WcsPlugInService - ok 20:57:14.0467 6012 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys 20:57:14.0483 6012 Wd - ok 20:57:14.0545 6012 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 20:57:14.0639 6012 Wdf01000 - ok 20:57:14.0686 6012 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll 20:57:14.0764 6012 WdiServiceHost - ok 20:57:14.0764 6012 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll 20:57:14.0842 6012 WdiSystemHost - ok 20:57:14.0904 6012 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll 20:57:14.0951 6012 WebClient - ok 20:57:14.0982 6012 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll 20:57:15.0029 6012 Wecsvc - ok 20:57:15.0044 6012 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll 20:57:15.0107 6012 wercplsupport - ok 20:57:15.0169 6012 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll 20:57:15.0232 6012 WerSvc - ok 20:57:15.0278 6012 [ 090A2B8F055343815556A01F725F6C35 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys 20:57:15.0325 6012 WimFltr - ok 20:57:15.0372 6012 [ 5A77AC34A0FFB70CE8B35B524FEDE9BA ] winachsf C:\Windows\system32\DRIVERS\HSX_CNXT.sys 20:57:15.0466 6012 winachsf - ok 20:57:15.0575 6012 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll 20:57:15.0606 6012 WinDefend - ok 20:57:15.0622 6012 WinHttpAutoProxySvc - ok 20:57:15.0715 6012 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt 
C:\Windows\system32\wbem\WMIsvc.dll 20:57:15.0778 6012 Winmgmt - ok 20:57:15.0856 6012 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll 20:57:15.0996 6012 WinRM - ok 20:57:16.0074 6012 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll 20:57:16.0168 6012 Wlansvc - ok 20:57:16.0199 6012 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 20:57:16.0246 6012 WmiAcpi - ok 20:57:16.0308 6012 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 20:57:16.0370 6012 wmiApSrv - ok 20:57:16.0448 6012 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe 20:57:16.0573 6012 WMPNetworkSvc - ok 20:57:16.0589 6012 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll 20:57:16.0682 6012 WPCSvc - ok 20:57:16.0745 6012 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 20:57:16.0792 6012 WPDBusEnum - ok 20:57:16.0916 6012 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe 20:57:16.0994 6012 WPFFontCache_v0400 - ok 20:57:17.0026 6012 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 20:57:17.0088 6012 ws2ifsl - ok 20:57:17.0135 6012 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\System32\wscsvc.dll 20:57:17.0182 6012 wscsvc - ok 20:57:17.0197 6012 WSearch - ok 20:57:17.0322 6012 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll 20:57:17.0509 6012 wuauserv - ok 20:57:17.0572 6012 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 20:57:17.0618 6012 WudfPf - ok 20:57:17.0634 6012 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 20:57:17.0681 6012 wudfsvc - ok 20:57:17.0712 6012 [ 88AF537264F2B818DA15479CEEAF5D7C ] XAudio C:\Windows\system32\DRIVERS\xaudio.sys 
20:57:17.0743 6012 XAudio - ok
20:57:17.0774 6012 [ 15A317674A08DF26BE65164D959E9203 ] XAudioService C:\Windows\system32\DRIVERS\xaudio.exe
20:57:17.0837 6012 XAudioService - ok
20:57:17.0899 6012 [ 67E3D2AF24C3873E6A0CAC89DE78D63B ] yukonwlh C:\Windows\system32\DRIVERS\yk60x86.sys
20:57:17.0962 6012 yukonwlh - ok
20:57:17.0977 6012 ================ Scan global ===============================
20:57:18.0008 6012 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
20:57:18.0071 6012 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
20:57:18.0133 6012 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
20:57:18.0196 6012 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
20:57:18.0196 6012 [Global] - ok
20:57:18.0196 6012 ================ Scan MBR ==================================
20:57:18.0227 6012 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
20:57:18.0648 6012 \Device\Harddisk0\DR0 - ok
20:57:18.0648 6012 ================ Scan VBR ==================================
20:57:18.0648 6012 [ ED639B3A56570686C5638809A668B898 ] \Device\Harddisk0\DR0\Partition1
20:57:18.0648 6012 \Device\Harddisk0\DR0\Partition1 - ok
20:57:18.0648 6012 ============================================================
20:57:18.0648 6012 Scan finished
20:57:18.0664 6012 ============================================================
20:57:18.0679 5888 Detected object count: 12
20:57:18.0679 5888 Actual detected object count: 12
21:00:01.0223 5888 EvtEng ( UnsignedFile.Multi.Generic ) - skipped by user
21:00:01.0223 5888 EvtEng ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:00:01.0223 5888 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
21:00:01.0223 5888 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:00:01.0223 5888 MSCSPTISRV ( UnsignedFile.Multi.Generic ) - skipped by user
21:00:01.0223 5888 MSCSPTISRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:00:01.0239 5888 MTOnlPktAlyX ( UnsignedFile.Multi.Generic ) - skipped by user
21:00:01.0239 5888 MTOnlPktAlyX ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:00:01.0239 5888 NSUService ( UnsignedFile.Multi.Generic ) - skipped by user
21:00:01.0239 5888 NSUService ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:00:01.0239 5888 PACSPTISVR ( UnsignedFile.Multi.Generic ) - skipped by user
21:00:01.0239 5888 PACSPTISVR ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:00:01.0239 5888 RegSrvc ( UnsignedFile.Multi.Generic ) - skipped by user
21:00:01.0239 5888 RegSrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:00:01.0254 5888 RtkAudioService ( UnsignedFile.Multi.Generic ) - skipped by user
21:00:01.0254 5888 RtkAudioService ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:00:01.0254 5888 SPTISRV ( UnsignedFile.Multi.Generic ) - skipped by user
21:00:01.0254 5888 SPTISRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:00:01.0254 5888 VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - skipped by user
21:00:01.0254 5888 VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:00:01.0254 5888 VCFw ( UnsignedFile.Multi.Generic ) - skipped by user
21:00:01.0254 5888 VCFw ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:00:01.0254 5888 VzCdbSvc ( UnsignedFile.Multi.Generic ) - skipped by user
21:00:01.0254 5888 VzCdbSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
08.01.2013, 23:40 | #6 |
/// Malware-holic | Virus Big Fish Games TR/Agent.2409800 Hi, very good. Malwarebytes: Please download Malwarebytes
|
10.01.2013, 19:46 | #7 |
| Virus Big Fish Games TR/Agent.2409800 Hi, so I ran the scan with MWB today. No viruses were detected. I'll let Avira scan again tonight as well. Here are the log files. Code:
Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org
Datenbank Version: v2013.01.10.04
Windows Vista Service Pack 2 x86 NTFS
Internet Explorer xxx Kögler :: xxx-PC [Administrator]
10.01.2013 13:46:53
mbam-log-2013-01-10 (13-46-53).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 456053
Laufzeit: 4 Stunde(n), 12 Minute(n), 31 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)
(Ende)
|
10.01.2013, 19:47 | #8 |
/// Malware-holic | Virus Big Fish Games TR/Agent.2409800 Hi, no Avira run, only the requested ones please. Download CCleaner Standard: CCleaner - Download - Filepony. If CCleaner is already installed, skip this. Open it, Tools (Extras), uninstall list, save as txt. Open it. After each program you need, write "notwendig" (necessary). After each one you do not need, "unnötig" (unnecessary). After those unknown to you, "unbekannt" (unknown). Post the list.
|
12.01.2013, 18:26 | #9 |
| Virus Big Fish Games TR/Agent.2409800 Hello, so I have the list. I marked some programs that we installed ourselves. With Big Fish Games, though, I'm not quite sure whether it wasn't somehow already preinstalled. In any case, we definitely did not install it. What I also wanted to add: at the beginning of July 2012 we completely wiped the PC and set it up again from scratch, because I had already had problems with a virus back then. Most of the programs are things that get installed by default when you redo everything. I hope the list is of some use to you. If you need to know anything else about it, get in touch! Have a nice evening. Code:
7-Zip 4.65 03.07.2012 3,13MB nötig
Adobe Acrobat 9 Standard - English, Français, Deutsch Adobe Systems 25.11.2008 759MB 9.0.0
Adobe Flash Player 11 Plugin Adobe Systems Incorporated 06.01.2013 11.5.502.135
Adobe Flash Player ActiveX Adobe Systems Incorporated 03.07.2012 9.0.124.0
Adobe Photoshop Elements 6.0 Adobe Systems, Inc. 03.07.2012 375MB 6.0
Adobe Premiere Elements 4.0 Ihr Firmenname 03.07.2012 1,71GB 4.0
Adobe Premiere Elements 4.0 Templates Ihr Firmenname 03.07.2012 1,71GB 4.0.0
Adobe Reader 9.3 - Deutsch Adobe Systems Incorporated 03.07.2012 239MB 9.3.0
Alps Pointing-device for VAIO 25.11.2008 2,82MB
ArcSoft Magic-i Visual Effects 2 ArcSoft 03.07.2012 34,7MB 2.0.1.39
ArcSoft WebCam Companion 2 ArcSoft 03.07.2012 24,3MB
ATI Catalyst Install Manager ATI Technologies, Inc. 03.07.2012 13,6MB 3.0.682.0
Avira Antivirus Premium Avira 22.12.2012 223MB 13.0.0.2890 nötig
Avira SearchFree Toolbar plus Web Protection Ask.com 11.12.2012 10,2MB 1.15.11.0
Avira SearchFree Toolbar plus Web Protection Updater Ask.com 11.12.2012 1,54MB 1.2.3.30498
Benutzerdefinierte Voreinstellungen für SonicStage Mastering Studio Audio Filter Sony Corporation 03.07.2012 56,5MB 2.5
Big Fish Games Spiel-Suite 03.07.2012 160MB unbekannt
Canon Easy-WebPrint EX 04.07.2012 6,81MB notwendig
Canon IJ Network Scan Utility 04.07.2012 1,07MB
Canon IJ Network Tool 04.07.2012 2,90MB
Canon Kurzwahlprogramm 04.07.2012 8,52MB
Canon MP Navigator EX 3.1 04.07.2012 72,4MB
Canon MX870 series Benutzerregistrierung 04.07.2012 1,09MB
Canon MX870 series MP Drivers 03.07.2012 339MB
Canon Utilities Easy-PhotoPrint EX 04.07.2012 221MB
Canon Utilities My Printer 04.07.2012 5,23MB
Canon Utilities Solution Menu 04.07.2012 3,05MB
CCleaner Piriform 19.12.2012 5,08MB 3.26
Click to Disc Sony Corporation 03.07.2012 70,6MB 1.2.52.09250
Click to Disc Editor Sony Corporation 03.07.2012 186MB 1.2.51
Compatibility Pack für 2007 Office System Microsoft Corporation 03.07.2012 5,86MB 12.0.4518.1014
DHTML Editing Component Microsoft Corporation 03.07.2012 462KB 6.02.0001
Digimax Master Samsung 03.07.2012 161MB 1.0.35 nötig
DivX Codec DivX, Inc. 03.07.2012 1,40MB 6.8.4
DivX Converter DivX, Inc. 03.07.2012 30,3MB 6.6.1
DivX Player 03.07.2012 15,4MB 6.8.2
DivX Web Player DivX,Inc. 03.07.2012 2,92MB 1.4.0
dm-Fotowelt 31.08.2012 340MB nötig
Dolby Control Center Dolby 25.11.2008 46,9MB 1.2.0702
ElsterFormular für Unternehmer Landesfinanzdirektion Thüringen 06.07.2012 231MB 13.2.0.8623u nötig
Google Chrome Google Inc. 11.01.2013 215MB 24.0.1312.52
Google Earth Google 03.07.2012 33,2MB 4.2.205.5730
HDAUDIO SoftV92 Data Fax Modem with SmartCP 25.11.2008 1,01MB unbekannt?
InfraRecorder 03.07.2012 7,63MB unbekannt
Intel(R) PROSet/Wireless WiFi-Software Intel(R) Corporation 03.07.2012 78,4MB 12.01.1000
Java(TM) 6 Update 37 Oracle 01.12.2012 95,7MB 6.0.370
Java(TM) 6 Update 7 Sun Microsystems, Inc. 25.11.2008 171MB 1.6.0.70
Landwirtschafts-Simulator 2009 Gold GIANTS Software 28.08.2012 274MB nötig
Malwarebytes Anti-Malware Version 1.70.0.1100 Malwarebytes Corporation 04.01.2013 12,2MB 1.70.0.1100 nötig
Me&My VAIO Sony Corporation 03.07.2012 69,8MB 1.0.0.11140
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU Microsoft Corporation 02.11.2012 74,3MB
Microsoft .NET Framework 3.5 SP1 Microsoft Corporation 03.07.2012 65,1MB
Microsoft .NET Framework 4 Client Profile Microsoft Corporation 06.07.2012 120MB 4.0.30319
Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Corporation 06.07.2012 24,5MB 4.0.30319
Microsoft Office Home and Student 2007 Microsoft Corporation 03.07.2012 296MB 12.0.6215.1000
Microsoft Office PowerPoint Viewer 2007 (German) Microsoft Corporation 03.07.2012 3,40MB 12.0.4518.1014
Microsoft Office Suite Activation Assistant Microsoft Corporation 03.07.2012 8,36MB 2.9
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 03.07.2012 2,37MB 8.0.56336
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Corporation 03.07.2012 602KB 9.0.30729
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 11.12.2012 11,1MB 10.0.40219
Microsoft Works Microsoft Corporation 03.07.2012 377MB 9.7.0621
Microsoft WSE 3.0 Runtime Microsoft Corp. 03.07.2012 942KB 3.0.5305.0
Mozilla Firefox 17.0.1 (x86 de) Mozilla 06.12.2012 41,2MB 17.0.1
Mozilla Maintenance Service Mozilla 06.12.2012 224KB 17.0.1
MSXML 4.0 SP2 (KB954430) Microsoft Corporation 04.07.2012 35,0KB 4.20.9870.0
MSXML 4.0 SP2 (KB973688) Microsoft Corporation 04.07.2012 1,33MB 4.20.9876.0
Music Transfer Sony Corporation 03.07.2012 40,7MB 1.2.00.17290
|
13.01.2013, 17:23 | #10 |
/// Malware-holic | Virus Big Fish Games TR/Agent.2409800 I don't want to know what you installed yourself; please read it again and edit the list accordingly, thanks.
__________________ -Please forward suspicious e-mails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For now, please forward e-mails to markusg.trojaner-board@web.de following the instructions above. If you would like to support us |
17.01.2013, 14:49 | #11 |
| Virus Big Fish Games TR/Agent.2409800 Hello, and sorry for the late reply. I've now revised the list again and done my best. Code:
ATTFilter 7-Zip 4.65, 03.07.2012, 3,13MB, nötig Adobe Acrobat 9 Standard - English, Français, Deutsch, nötig Adobe Systems, 25.11.2008, 759MB, 9.0.0, nötig Adobe Flash Player 11 Plugin, nötig Adobe Systems Incorporated, 06.01.2013, 11.5.502.135, nötig Adobe Flash Player ActiveX, nötig Adobe Systems Incorporated, 03.07.2012, 9.0.124.0, nötig Adobe Photoshop Elements 6.0, nötig Adobe Systems, Inc., 03.07.2012, 375MB, 6.0, nötig Adobe Premiere Elements 4.0, 03.07.2012, 1,71GB, 4.0, nötig Adobe Premiere Elements 4.0 Templates, 03.07.2012, 1,71GB, 4.0.0, nötig Adobe Reader 9.3 - Deutsch, nötig Adobe Systems Incorporated, 03.07.2012, 239MB, 9.3.0, nötig Alps Pointing-device for VAIO, 25.11.2008, 2,82MB, nötig ArcSoft Magic-i Visual Effects 2, nötig ArcSoft, 03.07.2012, 34,7MB, 2.0.1.39, nötig ArcSoft WebCam Companion 2, nötig ArcSoft, 03.07.2012, 24,3MB, nötig ATI Catalyst Install Manager ATI Technologies, Inc., 03.07.2012,13,6MB, 3.0.682.0, nötig Avira Antivirus Premium Avira, 22.12.2012, 223MB, 13.0.0.2890, nötig Avira SearchFree Toolbar plus Web Protection Ask.com 11.12.2012, 10,2MB, 1.15.11.0, nötig Avira SearchFree Toolbar plus Web Protection Updater, Ask.com, 11.12.2012 1,54MB, 1.2.3.30498, nötig Benutzerdefinierte Voreinstellungen für SonicStage Mastering Studio Audio Filter, Sony Corporation, 03.07.2012, 56,5MB, 2.5,nötig Big Fish Games Spiel-Suite, 03.07.2012, 160MB, unbekannt Canon Easy-WebPrint EX, 04.07.2012, 6,81MB, nötig Canon IJ Network Scan Utility, 04.07.2012, 1,07MB, nötig Canon IJ Network Tool, 04.07.2012, 2,90MB, nötig Canon Kurzwahlprogramm, 04.07.2012, 8,52MB, nötig Canon MP Navigator EX 3.1, 04.07.2012, 72,4MB, nötig Canon MX870 series Benutzerregistrierung, 04.07.2012, 1,09MB, nötig Canon MX870 series MP Drivers, 03.07.2012, 339MB, nötig Canon Utilities Easy-PhotoPrint EX, 04.07.2012, 221MB, nötig Canon Utilities My Printer, 04.07.2012, 5,23MB, nötig Canon Utilities Solution Menu, 04.07.2012, 3,05MB, nötig CCleaner, Piriform, 19.12.2012, 5,08MB, 
,3.26, nötig Click to Disc, Sony Corporation, 03.07.2012, 70,6MB, 1.2.52.09250,nötig Click to Disc Editor, Sony Corporation, 03.07.2012, 186MB, 1.2.51, nötig Compatibility Pack für 2007 Office System, Microsoft Corporation, 03.07.2012, 5,86MB, 12.0.4518.1014, nötig DHTML Editing Component, Microsoft Corporation, 03.07.2012, 462KB, 6.02.0001, nötig Digimax Master, Samsung, 03.07.2012, 161MB,1.0.35, nötig DivX Codec, DivX, Inc., 03.07.2012, 1,40MB, 6.8.4, nötig DivX Converter, DivX, Inc., 03.07.2012, 30,3MB, 6.6.1, nötig DivX Player, 03.07.2012, 15,4MB, 6.8.2, nötig DivX Web Player, DivX,Inc., 03.07.2012, 2,92MB, 1.4.0, nötig dm-Fotowelt, 31.08.2012, 340MB, nötig Dolby Control Center, Dolby, 25.11.2008, 46,9MB, 1.2.0702, nötig ElsterFormular für Unternehmer, Landesfinanzdirektion Thüringen,06.07.2012, 231MB, 13.2.0.8623,nötig Google Chrome, Google Inc., 11.01.2013, 215MB, 24.0.1312.52, nötig Google Earth, Google, 03.07.2012, 33,2MB, 4.2.205.5730, nötig HDAUDIO SoftV92 Data Fax Modem with SmartCP, 25.11.2008, 1,01MB, unbekannt InfraRecorder, 03.07.2012, 7,63MB, unbekannt Intel(R) PROSet/Wireless WiFi-Software, Intel(R) Corporation, 03.07.2012, 78,4MB, 12.01.1000, nötig Java(TM) 6 Update 37, Oracle 01.12.2012, 95,7MB, 6.0.370, evtl. nur das aktuellste Java(TM) 6 Update 7 Sun Microsystems, Inc., 25.11.2008, 171MB,1.6.0.70, evtl. 
nur das aktuellste Landwirtschafts-Simulator 2009 Gold, GIANTS Software, 28.08.2012, 274MB, nötig Malwarebytes Anti-Malware Version 1.70.0.1100, Malwarebytes Corporation, 04.01.2013, 12,2MB, 1.70.0.1100, nötig Me&My VAIO Sony Corporation, 03.07.2012, 69,8MB, 1.0.0.11140, nötig Microsoft .NET Framework 3.5 Language Pack SP1 - DEU, Microsoft Corporation, 02.11.2012, 74,3MB, nötig Microsoft .NET Framework 3.5 SP1 Microsoft Corporation, 03.07.2012, 65,1MB, nötig Microsoft .NET Framework 4 Client Profile Microsoft Corporation, 06.07.2012 ,120MB 4.0.30319 nötig Microsoft .NET Framework 4 Client Profile DEU Language Pack, Microsoft Corporation 06.07.2012, 24,5MB, 4.0.30319, nötig Microsoft Office Home and Student 2007, Microsoft Corporation, 03.07.2012, 296MB, 12.0.6215.1000, nötig Microsoft Office PowerPoint Viewer 2007 (German), Microsoft Corporation, 03.07.2012, 3,40MB, 12.0.4518.1014, nötig Microsoft Office Suite Activation Assistant, Microsoft Corporation, 03.07.2012, 8,36MB, 2.9, nötig Microsoft Visual C++ 2005 Redistributable, Microsoft Corporation, 03.07.2012, 2,37MB, 8.0.56336, nötig Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729, Microsoft Corporation, 03.07.2012, 602KB, 9.0.30729, nötig Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219, Microsoft Corporation, 11.12.2012, 11,1MB, 10.0.40219, nötig Microsoft Works, Microsoft Corporation, 03.07.2012, 377MB, 9.7.0621, nötig Microsoft WSE 3.0 Runtime Microsoft Corp., 03.07.2012, 942KB, 3.0.5305.0, nötig Mozilla Firefox 17.0.1 (x86 de), Mozilla, 06.12.2012, 41,2MB, 17.0.1, nötig Mozilla Maintenance Service Mozilla, 06.12.2012, 224KB, 17.0.1, nötig MSXML 4.0 SP2 (KB954430), Microsoft Corporation, 04.07.2012, 35,0KB, 4.20.9870.0, nötig MSXML 4.0 SP2 (KB973688), Microsoft Corporation, 04.07.2012, 1,33MB, 4.20.9876.0, nötig Music Transfer, Sony Corporation, 03.07.2012, 40,7MB,1.2.00.17290, nötig |
17.01.2013, 14:55 | #12 |
/// Malware-holic | Virus Big Fish Games TR/Agent.2409800
Uninstall: Adobe Flash Player, all of them.
Adobe - Install Adobe Flash Player: download the latest version and install it.
Adobe Reader: Adobe - Download Adobe Reader - All versions; remove the check mark for McAfee Security Scan.
Please also configure Adobe Reader as follows: open Adobe Reader, Edit, Preferences.
General: check "use only certified plug-ins".
Internet: everything here should be disabled; it is very unsafe to open or download PDFs automatically, etc. It is always better to save them directly, since only that way do you have control over what happens on the PC.
JavaScript: remove the check mark for "use JavaScript".
Updater: select "install automatically". Apply / OK.
Uninstall: Avira SearchFree: both please; Big Fish; InfraRecorder; Java: all.
Download Java JRE: Java downloads for all operating systems; click: Download Java software for Windows Offline, download and install it.
Uninstall: open CCleaner, analyze, run, restart the PC.
Please download AdwCleaner to your desktop.
21.01.2013, 11:15 | #13 |
| Virus Big Fish Games TR/Agent.2409800 I hope I did everything right. Code:
ATTFilter # AdwCleaner v2.106 - Datei am 21/01/2013 um 11:11:08 erstellt # Aktualisiert am 17/01/2013 von Xplode # Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits) # Benutzer : xxx - xxx-PC # Bootmodus : Normal # Ausgeführt unter : C:\Users\xxx\Downloads\adwcleaner.exe # Option [Suche] **** [Dienste] **** ***** [Dateien / Ordner] ***** Datei Gefunden : C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\3k3t80pt.default\searchplugins\Askcom.xml Ordner Gefunden : C:\Program Files\Ask.com Ordner Gefunden : C:\Users\xxx\AppData\LocalLow\AskToolbar Ordner Gefunden : C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\3k3t80pt.default\extensions\toolbar@ask.com Ordner Gefunden : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE} ***** [Registrierungsdatenbank] ***** Schlüssel Gefunden : HKCU\Software\APN Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\AskToolbar Schlüssel Gefunden : HKCU\Software\Ask.com Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0} Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE} Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0} Schlüssel Gefunden : HKLM\Software\APN Schlüssel Gefunden : HKLM\Software\AskToolbar Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL Schlüssel Gefunden : 
HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd Schlüssel Gefunden : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1 Schlüssel Gefunden : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF Schlüssel Gefunden : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56} Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2 Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094 Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509 Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6 Schlüssel Gefunden : 
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7 Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852 Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536 Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0 Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96 Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8 Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01 Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59 Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472 Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296 Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888 Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC Schlüssel Gefunden : 
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE} Schlüssel Gefunden : HKLM\SOFTWARE\Software Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}] Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}] Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater] ***** [Internet Browser] ***** -\\ Internet Explorer v9.0.8112.16457 [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.avira.com/?l=dis&o=APN10261&gct=hp&dc=EU&locale=de_DE -\\ Mozilla Firefox v18.0.1 (de) Datei : C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\3k3t80pt.default\prefs.js Gefunden : user_pref("browser.search.defaultengine", "Ask.com"); Gefunden : user_pref("browser.search.defaultenginename", "Ask.com"); Gefunden : user_pref("browser.search.order.1", "Ask.com"); Gefunden : user_pref("browser.search.selectedEngine", "Ask.com"); Gefunden : user_pref("browser.startup.homepage", "hxxp://search.avira.com/?l=dis&o=APN10261&gct=hp&dc=EU&locale[...] 
Gefunden : user_pref("extensions.asktb.FeaturePageVersion", "1"); Gefunden : user_pref("extensions.asktb.InstallDir", "C:\\Program Files\\Ask.com\\"); Gefunden : user_pref("extensions.asktb.OOBEVersion", "1"); Gefunden : user_pref("extensions.asktb.apn_dbr", "ie_9.0.8112.16421"); Gefunden : user_pref("extensions.asktb.autofill-text-highlight-enabled", true); Gefunden : user_pref("extensions.asktb.cbid", "^AGS"); Gefunden : user_pref("extensions.asktb.config-updated", false); Gefunden : user_pref("extensions.asktb.crumb", "2012.12.11+13.13.17-toolbar001iad-DE-TXVuaWNoLEdlcm1hbnk%3D"); Gefunden : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://avira-int.ask.com/web?q={query}&qsrc=[...] Gefunden : user_pref("extensions.asktb.domain", "avira-int.ask.com"); Gefunden : user_pref("extensions.asktb.domainName", "avira-int.ask.com"); Gefunden : user_pref("extensions.asktb.dtid", "^YYYYYY^YY^DE"); Gefunden : user_pref("extensions.asktb.ff-original-keyword-url", ""); Gefunden : user_pref("extensions.asktb.fresh-install", false); Gefunden : user_pref("extensions.asktb.guid", "3d4e2a87-205b-4d04-ab52-56a08c7cf486"); Gefunden : user_pref("extensions.asktb.hpr", "YES"); Gefunden : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com[...] 
Gefunden : user_pref("extensions.asktb.if", "first"); Gefunden : user_pref("extensions.asktb.l", "dis"); Gefunden : user_pref("extensions.asktb.last-config-req", "1358704774210"); Gefunden : user_pref("extensions.asktb.locale", "de_DE"); Gefunden : user_pref("extensions.asktb.localePref", true); Gefunden : user_pref("extensions.asktb.location", "Munich,Germany"); Gefunden : user_pref("extensions.asktb.nthp", "YES"); Gefunden : user_pref("extensions.asktb.nthp_prev", "2"); Gefunden : user_pref("extensions.asktb.o", "APN10261"); Gefunden : user_pref("extensions.asktb.overlay-reloaded-using-restart", true); Gefunden : user_pref("extensions.asktb.qsrc", "2871"); Gefunden : user_pref("extensions.asktb.r", "5"); Gefunden : user_pref("extensions.asktb.sa", "YES"); Gefunden : user_pref("extensions.asktb.saguid", "4D20FB5B-EAF0-4D15-AFB5-A868A46084A2"); Gefunden : user_pref("extensions.asktb.search-suggestions-enabled", true); Gefunden : user_pref("extensions.asktb.silent-upgrade", true); Gefunden : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", false); Gefunden : user_pref("extensions.asktb.socialmini-first", true); Gefunden : user_pref("extensions.asktb.socialmini-interval", "1200000"); Gefunden : user_pref("extensions.asktb.socialmini-max-char-ticker", "33"); Gefunden : user_pref("extensions.asktb.socialmini-max-items", "30"); Gefunden : user_pref("extensions.asktb.socialmini-native-on", true); Gefunden : user_pref("extensions.asktb.socialmini-speed", "5000"); Gefunden : user_pref("extensions.asktb.themeid", ""); Gefunden : user_pref("extensions.asktb.timeinstalled", "11.12.2012 22:14:29"); Gefunden : user_pref("extensions.asktb.to", ""); Gefunden : user_pref("extensions.asktb.v", "3.15.13.100015"); Gefunden : user_pref("extensions.asktb.version", "5.15.13.33021"); Gefunden : user_pref("extensions.enabledAddons", "totbff01%40telekom.de:3.0.42,toolbar%40ask.com:3.15.13.100015[...] 
Gefunden : user_pref("extensions.totbff.homepage", "hxxp://search.avira.com/?l=dis&o=APN10261&gct=hp&dc=EU&loca[...] Gefunden : user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=AVR-4&o=APN10261&loc[...] -\\ Google Chrome v24.0.1312.52 Datei : C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] Die Datei ist sauber. ************************* AdwCleaner[R1].txt - [11553 octets] - [21/01/2013 11:11:08] ########## EOF - C:\AdwCleaner[R1].txt - [11614 octets] ########## Geändert von Heidi123 (21.01.2013 um 11:24 Uhr) |
21.01.2013, 13:43 | #14 |
/// Malware-holic | Virus Big Fish Games TR/Agent.2409800 Hi, please download AdwCleaner to your desktop.
Restart, then please test how the PC runs, including programs such as browsers.
24.01.2013, 19:59 | #15 |
| Virus Big Fish Games TR/Agent.2409800 Hello, I have just run AdwCleaner. Programs run fine. I didn't notice anything. Here are the log files Code:
ATTFilter # AdwCleaner v2.106 - Datei am 24/01/2013 um 19:47:29 erstellt # Aktualisiert am 17/01/2013 von Xplode # Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits) # Benutzer : xxx - xxx-PC # Bootmodus : Normal # Ausgeführt unter : C:\Users\xxx\Downloads\adwcleaner.exe # Option [Löschen] **** [Dienste] **** ***** [Dateien / Ordner] ***** Datei Gelöscht : C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\3k3t80pt.default\searchplugins\Askcom.xml Gelöscht mit Neustart : C:\Program Files\Ask.com Ordner Gelöscht : C:\Users\xxx\AppData\LocalLow\AskToolbar Ordner Gelöscht : C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\3k3t80pt.default\extensions\toolbar@ask.com Ordner Gelöscht : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE} ***** [Registrierungsdatenbank] ***** Schlüssel Gelöscht : HKCU\Software\APN Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\AskToolbar Schlüssel Gelöscht : HKCU\Software\Ask.com Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0} Schlüssel Gelöscht : HKLM\Software\APN Schlüssel Gelöscht : HKLM\Software\AskToolbar Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL Schlüssel Gelöscht : 
HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1 Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2 Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094 Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509 Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6 Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7 Schlüssel Gelöscht : 
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852 Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536 Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0 Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96 Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8 Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01 Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59 Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472 Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296 Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888 Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA Schlüssel Gelöscht : 
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE} Schlüssel Gelöscht : HKLM\SOFTWARE\Software Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater] ***** [Internet Browser] ***** -\\ Internet Explorer v9.0.8112.16457 Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.avira.com/?l=dis&o=APN10261&gct=hp&dc=EU&locale=de_DE --> hxxp://www.google.com -\\ Mozilla Firefox v18.0.1 (de) Datei : C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\3k3t80pt.default\prefs.js Gelöscht : user_pref("browser.search.defaultengine", "Ask.com"); Gelöscht : user_pref("browser.search.defaultenginename", "Ask.com"); Gelöscht : user_pref("browser.search.order.1", "Ask.com"); Gelöscht : user_pref("browser.search.selectedEngine", "Ask.com"); Gelöscht : user_pref("browser.startup.homepage", "hxxp://search.avira.com/?l=dis&o=APN10261&gct=hp&dc=EU&locale[...] 
Gelöscht : user_pref("extensions.asktb.FeaturePageVersion", "1"); Gelöscht : user_pref("extensions.asktb.InstallDir", "C:\\Program Files\\Ask.com\\"); Gelöscht : user_pref("extensions.asktb.OOBEVersion", "1"); Gelöscht : user_pref("extensions.asktb.apn_dbr", "ie_9.0.8112.16421"); Gelöscht : user_pref("extensions.asktb.autofill-text-highlight-enabled", true); Gelöscht : user_pref("extensions.asktb.cbid", "^AGS"); Gelöscht : user_pref("extensions.asktb.config-updated", false); Gelöscht : user_pref("extensions.asktb.crumb", "2012.12.11+13.13.17-toolbar001iad-DE-TXVuaWNoLEdlcm1hbnk%3D"); Gelöscht : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://avira-int.ask.com/web?q={query}&qsrc=[...] Gelöscht : user_pref("extensions.asktb.domain", "avira-int.ask.com"); Gelöscht : user_pref("extensions.asktb.domainName", "avira-int.ask.com"); Gelöscht : user_pref("extensions.asktb.dtid", "^YYYYYY^YY^DE"); Gelöscht : user_pref("extensions.asktb.ff-original-keyword-url", ""); Gelöscht : user_pref("extensions.asktb.fresh-install", false); Gelöscht : user_pref("extensions.asktb.guid", "3d4e2a87-205b-4d04-ab52-56a08c7cf486"); Gelöscht : user_pref("extensions.asktb.hpr", "YES"); Gelöscht : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com[...] 
Gelöscht : user_pref("extensions.asktb.if", "first"); Gelöscht : user_pref("extensions.asktb.l", "dis"); Gelöscht : user_pref("extensions.asktb.last-config-req", "1358968485364"); Gelöscht : user_pref("extensions.asktb.locale", "de_DE"); Gelöscht : user_pref("extensions.asktb.localePref", true); Gelöscht : user_pref("extensions.asktb.location", "Munich,Germany"); Gelöscht : user_pref("extensions.asktb.nthp", "YES"); Gelöscht : user_pref("extensions.asktb.nthp_prev", "2"); Gelöscht : user_pref("extensions.asktb.o", "APN10261"); Gelöscht : user_pref("extensions.asktb.overlay-reloaded-using-restart", true); Gelöscht : user_pref("extensions.asktb.qsrc", "2871"); Gelöscht : user_pref("extensions.asktb.r", "5"); Gelöscht : user_pref("extensions.asktb.sa", "YES"); Gelöscht : user_pref("extensions.asktb.saguid", "4D20FB5B-EAF0-4D15-AFB5-A868A46084A2"); Gelöscht : user_pref("extensions.asktb.search-suggestions-enabled", true); Gelöscht : user_pref("extensions.asktb.silent-upgrade", true); Gelöscht : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", false); Gelöscht : user_pref("extensions.asktb.socialmini-first", true); Gelöscht : user_pref("extensions.asktb.socialmini-interval", "1200000"); Gelöscht : user_pref("extensions.asktb.socialmini-max-char-ticker", "33"); Gelöscht : user_pref("extensions.asktb.socialmini-max-items", "30"); Gelöscht : user_pref("extensions.asktb.socialmini-native-on", true); Gelöscht : user_pref("extensions.asktb.socialmini-speed", "5000"); Gelöscht : user_pref("extensions.asktb.themeid", ""); Gelöscht : user_pref("extensions.asktb.timeinstalled", "11.12.2012 22:14:29"); Gelöscht : user_pref("extensions.asktb.to", ""); Gelöscht : user_pref("extensions.asktb.v", "3.15.13.100015"); Gelöscht : user_pref("extensions.asktb.version", "5.15.13.33021"); Gelöscht : user_pref("extensions.enabledAddons", "totbff01%40telekom.de:3.0.42,toolbar%40ask.com:3.15.13.100015[...] 
Gelöscht : user_pref("extensions.totbff.homepage", "hxxp://search.avira.com/?l=dis&o=APN10261&gct=hp&dc=EU&loca[...] Gelöscht : user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=AVR-4&o=APN10261&loc[...] -\\ Google Chrome v24.0.1312.52 Datei : C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] Die Datei ist sauber. ************************* AdwCleaner[R1].txt - [11660 octets] - [21/01/2013 11:11:08] AdwCleaner[S1].txt - [11529 octets] - [24/01/2013 19:47:29] ########## EOF - C:\AdwCleaner[S1].txt - [11590 octets] ########## |
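An added example, not part of the thread or of AdwCleaner: a small cross-check of the two report types posted above, the scan report (`# Option [Suche]`) and the delete report (`# Option [Löschen]`), listing every item the scan found that the delete report does not account for. The function names are this example's own, the two embedded logs are constructed excerpts using a handful of entries from the posted reports, and the parser assumes the original one-entry-per-line layout of the report files.

```python
import re

# One report entry, e.g. "Schlüssel Gefunden : HKLM\Software\AskToolbar".
# The leading kind (Datei/Ordner/Schlüssel/Wert) is optional because lines
# such as "Gelöscht mit Neustart : <path>" carry no kind.
ENTRY = re.compile(
    r"^(?:(Datei|Ordner|Schlüssel|Wert)\s+)?"
    r"(Gefunden|Gelöscht mit Neustart|Gelöscht)\s+:\s+(.+)$"
)
OPTION = re.compile(r"^# Option \[(.+?)\]")

# Constructed excerpt of the scan report (entries copied from the thread).
SCAN_LOG = r"""
# AdwCleaner v2.106 - Datei am 21/01/2013 um 11:11:08 erstellt
# Option [Suche]
***** [Dateien / Ordner] *****
Ordner Gefunden : C:\Program Files\Ask.com
Ordner Gefunden : C:\Users\xxx\AppData\LocalLow\AskToolbar
***** [Registrierungsdatenbank] *****
Schlüssel Gefunden : HKLM\Software\AskToolbar
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
"""

# Constructed excerpt of the delete report (entries copied from the thread).
CLEAN_LOG = r"""
# AdwCleaner v2.106 - Datei am 24/01/2013 um 19:47:29 erstellt
# Option [Löschen]
***** [Dateien / Ordner] *****
Gelöscht mit Neustart : C:\Program Files\Ask.com
Ordner Gelöscht : C:\Users\xxx\AppData\LocalLow\AskToolbar
***** [Registrierungsdatenbank] *****
Schlüssel Gelöscht : HKLM\Software\AskToolbar
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
"""


def parse_report(text):
    """Return (mode, entries); entries maps a case-folded target to
    (target as written, status). Paths and registry keys are compared
    case-insensitively, as Windows treats them."""
    mode, entries = None, {}
    for raw in text.splitlines():
        line = raw.strip()
        option = OPTION.match(line)
        if option:
            mode = option.group(1)
            continue
        entry = ENTRY.match(line)
        if entry:
            _kind, status, target = entry.groups()
            entries[target.casefold()] = (target, status)
    return mode, entries


def unresolved(scan_text, clean_text):
    """Compare a scan report with the later delete report.

    Returns (missing, pending_reboot):
      missing        - found by the scan, absent from the delete report
      pending_reboot - reported as deleted only after the next restart
    """
    scan_mode, found = parse_report(scan_text)
    clean_mode, cleaned = parse_report(clean_text)
    if scan_mode != "Suche" or clean_mode != "Löschen":
        raise ValueError("expected a [Suche] report followed by a [Löschen] report")
    missing = [t for key, (t, _s) in found.items() if key not in cleaned]
    pending = [t for _key, (t, s) in cleaned.items()
               if s == "Gelöscht mit Neustart"]
    return missing, pending


if __name__ == "__main__":
    missing, pending = unresolved(SCAN_LOG, CLEAN_LOG)
    for target in missing:
        print("not in delete report:", target)
    for target in pending:
        print("removed only after reboot:", target)
```

An item in the first list is not proof that it still exists; it only means the delete report does not mention it, so it is worth checking by hand or with a fresh scan after the restart.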