Complitly - malware und Coupondropdown - adware auf meinem Computer

Nikko Laus · 03.03.2013, 20:18

Hallo,

ich habe festgestellt, dass sich auf meinem Laptop mindestens sowohl das Schadprogramm
"complitly" als auch "coupondropdown" befindet.
Ersteres zeigt sich durch die "Fremdvorschläge" in sämtlichen Eingabefeldern und zweites durch jede Menge ominöser Links (mit Verweis auf coupondropdown) auf sämtlichen Internetseiten.
Vor ein paar Tagen habe ich Malwarebytes Anti-Malware durchlaufen lassen, jedoch wurde nichts gefunden (Logfile habe ich leider nicht gespeichert).
Desweiteren lief auch Microsoft Security Essentials, ebenfalls ohne Befund.
Über Hilfe wäre ich sehr dankbar.
(Bin zum ersten Mal hier

Besten Gruß

Niko

markusg · 03.03.2013, 20:49

Hi

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

Starte bitte die
OTL.exe
.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Kopiere nun den Inhalt in die
Textbox.

Code:

ATTFilter

activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT

Schliesse bitte nun alle Programme. (Wichtig)
Klicke nun bitte auf den Quick Scan Button.
Kopiere
nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread

Nikko Laus · 03.03.2013, 21:44

Code:

ATTFilter

OTL logfile created on: 03.03.2013 21:20:41 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\der nikolaus\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19298)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,21 Gb Available Physical Memory | 60,33% Memory free
4,23 Gb Paging File | 3,01 Gb Available in Paging File | 71,24% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 145,34 Gb Total Space | 13,77 Gb Free Space | 9,47% Space Free | Partition Type: NTFS
Drive Q: | 78,12 Gb Total Space | 5,29 Gb Free Space | 6,78% Space Free | Partition Type: NTFS
 
Computer Name: ZAUBERKISTE2 | User Name: der nikolaus | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.03.03 21:17:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\der nikolaus\Desktop\OTL.exe
PRC - [2012.03.26 16:08:12 | 000,931,200 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Security Client\msseces.exe
PRC - [2012.03.26 16:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) -- c:\Programme\Microsoft Security Client\MsMpEng.exe
PRC - [2011.07.29 00:08:12 | 001,259,376 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
PRC - [2011.06.14 17:35:02 | 000,201,080 | ---- | M] (Telefónica) -- Q:\programme\o2_stick\o2\Mobile Connection Manager\ImpWiFiSvc.exe
PRC - [2011.03.28 19:31:16 | 000,193,920 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2011.03.28 19:31:14 | 001,713,536 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2010.10.19 13:29:03 | 002,011,944 | ---- | M] (TeamViewer GmbH) -- Q:\programme\teamviewer\Version5\TeamViewer_Service.exe
PRC - [2010.09.13 14:56:02 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmplayer.exe
PRC - [2010.08.24 09:41:18 | 000,592,120 | ---- | M] (Cisco Systems, Inc.) -- C:\Programme\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
PRC - [2010.03.23 12:19:32 | 001,528,616 | ---- | M] (Cisco Systems, Inc.) -- Q:\programme\vpn_uniHH\cvpnd.exe
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.11 07:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2007.11.27 10:52:19 | 000,036,864 | ---- | M] (Sony NSCE) -- C:\Programme\Sony\Marketing Tools\MarketingTools.exe
PRC - [2007.10.31 13:13:44 | 000,921,600 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Power Management\SPMgr.exe
PRC - [2007.10.30 11:04:08 | 000,748,072 | ---- | M] (Broadcom Corporation.) -- C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2007.09.28 20:11:44 | 000,292,128 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
PRC - [2007.09.19 11:09:58 | 000,311,296 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\ISB Utility\ISBMgr.exe
PRC - [2007.09.02 12:58:52 | 000,495,616 | ---- | M] () -- Q:\programme\rocketdock\RocketDock\RocketDock\RocketDock.exe
PRC - [2007.08.28 15:27:12 | 000,131,072 | ---- | M] (Sony Corporation) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
PRC - [2007.08.28 15:27:10 | 000,192,512 | ---- | M] (Sony Corporation) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
PRC - [2007.08.14 20:05:18 | 000,182,392 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Event Service\VESMgr.exe
PRC - [2007.08.14 20:05:18 | 000,100,472 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Event Service\VESMgrSub.exe
PRC - [2007.06.28 07:52:48 | 000,274,432 | ---- | M] (Sony Corporation) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
PRC - [2007.06.15 11:45:20 | 000,469,112 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\Wireless Switch Setting Utility\Switcher.exe
PRC - [2007.04.08 03:33:17 | 004,423,680 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007.01.04 18:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe
PRC - [2006.11.02 10:45:59 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdSync.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.08.31 13:43:48 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\f3d4d5fe5ab848fbfcf91a49960dc8ae\System.Management.ni.dll
MOD - [2012.08.31 12:35:54 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8bbcd31ecc8edc7d1f9cdd83ef2bb2d3\System.ServiceProcess.ni.dll
MOD - [2012.08.31 12:35:48 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\508b444db523c5cf20ff12c7f440837b\System.Web.ni.dll
MOD - [2012.08.31 12:35:40 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\846b9cf2756fdd15f704c9bab9c70b6f\System.Runtime.Remoting.ni.dll
MOD - [2012.08.31 12:35:31 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bd76aaaa03ddc15d1840207b5a480644\System.Configuration.ni.dll
MOD - [2012.08.31 12:31:57 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll
MOD - [2012.08.31 12:31:36 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f2691cfa7671cdc58179e56ba9227591\System.Windows.Forms.ni.dll
MOD - [2012.08.31 12:31:27 | 001,592,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\18f9789aa214c657113e676b3a9015aa\System.Drawing.ni.dll
MOD - [2012.08.31 12:30:11 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll
MOD - [2012.08.31 12:29:50 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll
MOD - [2012.08.27 20:33:32 | 000,087,912 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012.08.27 20:33:08 | 001,242,512 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011.07.29 00:09:42 | 000,096,112 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011.07.29 00:08:12 | 001,259,376 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
MOD - [2009.03.30 05:42:12 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2009.03.30 05:42:11 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2008.08.25 10:57:55 | 001,675,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.2783.40072__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2008.08.25 10:57:55 | 000,364,544 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.2783.40300__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll
MOD - [2008.08.25 10:57:55 | 000,237,568 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.2783.40029__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2008.08.25 10:57:55 | 000,184,320 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.2783.40085__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2008.08.25 10:57:55 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.2783.40293__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2008.08.25 10:57:55 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.2783.40250__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2008.08.25 10:57:55 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.2783.40064__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2008.08.25 10:57:55 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Runtime\2.0.2783.40085__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Runtime.dll
MOD - [2008.08.25 10:57:55 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.2783.40186__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2008.08.25 10:57:55 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.2783.40049__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2008.08.25 10:57:54 | 000,483,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.2783.40327__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2008.08.25 10:57:31 | 000,331,776 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.2783.40258__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2008.08.25 10:57:31 | 000,135,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.2783.40334__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2008.08.25 10:57:31 | 000,090,112 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.2783.40265__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2008.08.25 10:57:31 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.2783.40043__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2008.08.25 10:57:31 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.2783.40257__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2008.08.25 10:57:30 | 000,897,024 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.2783.40294__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll
MOD - [2008.08.25 10:57:30 | 000,790,528 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.2783.40195__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2008.08.25 10:57:30 | 000,589,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.2783.40098__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2008.08.25 10:57:30 | 000,475,136 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.2783.40187__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2008.08.25 10:57:30 | 000,438,272 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.2783.40050__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2008.08.25 10:57:30 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.2783.40278__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2008.08.25 10:57:30 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.2783.40237__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll
MOD - [2008.08.25 10:57:30 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.2783.40105__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll
MOD - [2008.08.25 10:57:30 | 000,208,896 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.2783.40092__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2008.08.25 10:57:30 | 000,118,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.2783.40217__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2008.08.25 10:57:30 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.2783.40194__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2008.08.25 10:57:30 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.2783.40186__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2008.08.25 10:57:30 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.2783.40104__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2008.08.25 10:57:30 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.2783.40194__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2008.08.25 10:57:30 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.2783.40216__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2008.08.25 10:57:30 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.2783.40237__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2008.08.25 10:57:30 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2729.30202__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2008.08.25 10:57:30 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2729.30197__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2008.08.25 10:57:30 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2729.30224__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2008.08.25 10:57:30 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2729.30212__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2008.08.25 10:57:30 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2729.30222__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2008.08.25 10:57:29 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.2729.30178__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2008.08.25 10:57:29 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2008.08.25 10:57:29 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.2729.30174__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2008.08.25 10:57:29 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2729.30313__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2008.08.25 10:57:29 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2729.30184__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2008.08.25 10:57:29 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2729.30259__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2008.08.25 10:57:29 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2729.30211__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2008.08.25 10:57:29 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2729.30199__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2008.08.25 10:57:29 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.2729.30207__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2008.08.25 10:57:29 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.2729.30242__90ba9c70f846762e\DEM.OS.dll
MOD - [2008.08.25 10:57:29 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.2729.30256__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2008.08.25 10:57:29 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2008.08.25 10:57:29 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2729.30203__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2008.08.25 10:57:29 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2008.08.25 10:57:28 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2729.30231__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2008.08.25 10:57:28 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Shared\2.0.2729.30219__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Shared.dll
MOD - [2008.08.25 10:57:28 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2729.30226__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2008.08.25 10:57:28 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2729.30199__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2008.08.25 10:57:28 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2729.30231__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2008.08.25 10:57:28 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.2729.30227__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2008.08.25 10:57:28 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2729.30264__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2008.08.25 10:57:28 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2729.30225__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2008.08.25 10:57:28 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2729.30230__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2008.08.25 10:57:28 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2729.30213__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2008.08.25 10:57:28 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.2729.30219__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2008.08.25 10:57:28 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2729.30259__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2008.08.25 10:57:28 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.2729.30228__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2008.08.25 10:57:28 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2729.30212__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2008.08.25 10:57:28 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2729.30185__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2008.08.25 10:57:28 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2729.30216__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2008.08.25 10:57:28 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.2729.30208__90ba9c70f846762e\APM.Foundation.dll
MOD - [2008.08.25 10:57:28 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2729.30216__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2008.08.25 10:57:28 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2729.30241__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2008.08.25 10:57:27 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Foundation\2.0.2729.30176__90ba9c70f846762e\AEM.Foundation.dll
MOD - [2008.08.25 10:57:27 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2008.08.25 10:57:27 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2729.30201__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2008.08.25 10:57:17 | 001,507,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.2783.40037__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2008.08.25 10:57:17 | 000,471,040 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.2783.40058__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2008.08.25 10:57:17 | 000,102,400 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.2783.40314__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2008.08.25 10:57:17 | 000,069,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.2783.40021__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2008.08.25 10:57:17 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.2783.40312__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2008.08.25 10:57:17 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2729.30193__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2008.08.25 10:57:17 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2729.30209__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2008.08.25 10:57:17 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2729.30205__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2008.08.25 10:57:17 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.2783.40357__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2008.08.25 10:57:17 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2729.30188__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2008.08.25 10:57:17 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2729.30258__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2008.08.25 10:57:17 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2729.30211__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2008.08.25 10:57:17 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2729.30214__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2008.08.25 10:57:17 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.2783.40019__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2008.08.25 10:57:16 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.2783.40022__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2008.08.25 10:57:16 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.2783.40021__90ba9c70f846762e\APM.Server.dll
MOD - [2008.08.25 10:57:16 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.2783.40020__90ba9c70f846762e\AEM.Server.dll
MOD - [2008.08.25 10:57:16 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.2783.40313__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2008.08.25 10:57:16 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2008.08.25 10:57:16 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2729.30243__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2007.10.30 10:57:58 | 000,126,976 | ---- | M] () -- C:\Programme\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2007.10.30 10:44:52 | 000,393,216 | ---- | M] () -- C:\Windows\System32\btwhidcs.dll
MOD - [2007.10.19 01:22:14 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2007.09.02 12:58:52 | 000,495,616 | ---- | M] () -- Q:\programme\rocketdock\RocketDock\RocketDock\RocketDock.exe
MOD - [2007.09.02 12:57:36 | 000,069,632 | ---- | M] () -- Q:\programme\rocketdock\RocketDock\RocketDock\RocketDock.dll
MOD - [2007.03.02 10:44:34 | 000,073,728 | ---- | M] () -- c:\Programme\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll
MOD - [2006.12.03 15:53:06 | 000,126,464 | ---- | M] () -- Q:\programme\winrar\480208368 FunkyHagi\WinRAR 3.62 German incl. Regkey post by Rostocker\RarExt.dll
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon -- (CLTNetCnService)
SRV - [2012.05.03 07:31:10 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.03.26 16:03:40 | 000,214,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Programme\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2012.03.26 16:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Programme\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2011.06.14 17:35:02 | 000,201,080 | ---- | M] (Telefónica) [Auto | Running] -- Q:\programme\o2_stick\o2\Mobile Connection Manager\ImpWiFiSvc.exe -- (TGCM_ImportWiFiSvc)
SRV - [2011.03.28 19:31:14 | 001,713,536 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010.10.19 13:29:03 | 002,011,944 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- Q:\programme\teamviewer\Version5\TeamViewer_Service.exe -- (TeamViewer5)
SRV - [2010.08.24 09:41:18 | 000,592,120 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Programme\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe -- (vpnagent)
SRV - [2010.03.23 12:19:32 | 001,528,616 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- Q:\programme\vpn_uniHH\cvpnd.exe -- (CVPND)
SRV - [2008.01.19 08:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008.01.19 08:36:49 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2008.01.19 08:36:15 | 000,167,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2008.01.19 08:33:39 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2007.09.28 20:11:44 | 000,292,128 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV - [2007.09.20 17:52:32 | 000,079,136 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe -- (VcmXmlIfHelper)
SRV - [2007.08.28 15:27:12 | 000,131,072 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe -- (VzFw)
SRV - [2007.08.28 15:27:10 | 000,192,512 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
SRV - [2007.08.14 20:05:18 | 000,182,392 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2007.06.28 07:53:04 | 000,073,728 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2007.06.28 07:52:48 | 000,274,432 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw)
SRV - [2007.06.20 14:35:06 | 002,523,136 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VAIO Media Integrated Server\VMISrv.exe -- (VAIOMediaPlatform-IntegratedServer-AppServer)
SRV - [2007.06.20 14:34:52 | 000,499,712 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe -- (VAIOMediaPlatform-Mobile-Gateway)
SRV - [2007.06.20 14:34:50 | 001,089,536 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-UCLS-UPnP)
SRV - [2007.06.20 14:34:50 | 001,089,536 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-IntegratedServer-UPnP)
SRV - [2007.06.20 14:34:50 | 000,397,312 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-UCLS-HTTP)
SRV - [2007.06.20 14:34:50 | 000,397,312 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-IntegratedServer-HTTP)
SRV - [2007.01.10 15:51:06 | 000,745,472 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VAIO Media Integrated Server\UCLS.exe -- (VAIOMediaPlatform-UCLS-AppServer)
SRV - [2007.01.04 18:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2006.12.14 01:21:20 | 000,045,056 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2006.12.14 01:02:08 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2006.12.14 00:46:16 | 000,057,344 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | Disabled | Stopped] -- system32\DRIVERS\UIUSYS.SYS -- (UIUSys)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2012.03.20 19:44:12 | 000,074,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2010.10.09 07:48:36 | 000,072,576 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2010.08.27 06:53:46 | 000,116,736 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2010.08.07 10:48:42 | 000,106,880 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2010.07.27 02:52:02 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - [2010.06.23 08:21:32 | 000,259,176 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2010.05.11 09:19:20 | 000,019,680 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vpnva.sys -- (vpnva)
DRV - [2010.04.19 20:29:20 | 000,018,432 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netaapl.sys -- (Netaapl)
DRV - [2010.03.23 12:15:36 | 000,308,859 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV - [2009.04.06 07:13:52 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2009.04.06 07:13:52 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt)
DRV - [2008.11.16 17:39:44 | 000,131,984 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dne2000.sys -- (DNE)
DRV - [2007.11.16 01:29:22 | 000,818,688 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ti21sony.sys -- (ti21sony)
DRV - [2007.10.19 01:22:07 | 002,930,176 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2007.10.17 01:01:59 | 000,073,472 | ---- | M] (Ricoh) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\R5U870FLx86.sys -- (R5U870FLx86)
DRV - [2007.10.17 01:01:59 | 000,043,904 | ---- | M] (Ricoh) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\R5U870FUx86.sys -- (R5U870FUx86)
DRV - [2007.10.16 04:57:24 | 000,743,424 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2007.09.26 12:12:22 | 002,251,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32)
DRV - [2007.09.19 13:38:18 | 000,010,216 | ---- | M] (Sony Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\DMICall.sys -- (DMICall)
DRV - [2007.09.05 01:02:46 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007.08.29 02:58:45 | 000,009,344 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SFEP.sys -- (SFEP)
DRV - [2007.06.14 14:41:00 | 000,466,048 | ---- | M] (LITEON) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Ltn_stk7070P.sys -- (Ltn_stk7070P)
DRV - [2007.06.13 19:30:20 | 000,013,440 | ---- | M] (LITEON) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Ltn_stkrc.sys -- (Ltn_stkrc)
DRV - [2007.05.26 09:03:06 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2007.04.17 19:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\regi.sys -- (regi)
DRV - [2007.01.18 18:28:02 | 000,005,275 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CVirtA.sys -- (CVirtA)
DRV - [2006.11.02 08:30:54 | 001,781,760 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32)
DRV - [2004.03.24 03:12:34 | 000,017,280 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\nsndis5.sys -- (NSNDIS5)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.club-vaio.com
IE - HKLM\..\SearchScopes,DefaultScope = {CB268FF0-2AD2-49E0-A107-97B621FD80DE}
IE - HKLM\..\SearchScopes\{CB268FF0-2AD2-49E0-A107-97B621FD80DE}: "URL" = hxxp://www.google.de/search?hl=de&q={searchTerms}&meta=
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.club-vaio.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://partnerpage.google.com/eu.s [Binary data over 200 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://partnerpage.google.com/eu.s [Binary data over 200 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-search.com/?affID=119776&babsrc=HP_ss&mntrId=06af44b9000000000000001de08f9523
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {CB268FF0-2AD2-49E0-A107-97B621FD80DE}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www.delta-search.com/?q={searchTerms}&affID=119776&babsrc=SP_ss&mntrId=06af44b9000000000000001de08f9523
IE - HKCU\..\SearchScopes\{CB268FF0-2AD2-49E0-A107-97B621FD80DE}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SNYK_de
IE - HKCU\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultthis.engineName: "dict.cc Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT65619&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "www.gmx.de"
FF - prefs.js..extensions.enabledAddons: %7Bd40f5e7b-d2cf-4856-b441-cc613eeffbe3%7D:1.68
FF - prefs.js..extensions.enabledAddons: %7BD4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389%7D:0.9.10
FF - prefs.js..extensions.enabledAddons: support%40Senseless.TV:1
FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20130129
FF - prefs.js..extensions.enabledAddons: %7B1018e4d6-728f-4b20-ad56-37578a4de76b%7D:4.2.6
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.14
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_171.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: Q:\programme\itunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0:  File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player:  File not found
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Windows\system32\TVUAx\npTVUAx.dll (TVU networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: Q:\programme\veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: Q:\programme\veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player:  File not found
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.04.04 11:16:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\support@Senseless.TV: C:\Users\der nikolaus\AppData\Roaming\SenselessTV\ffextension [2012.11.21 21:16:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Components: C:\Program Files\firefox\components [2013.01.14 19:48:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Plugins: C:\Program Files\firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Sunbird 0.9\extensions\\Components: Q:\programme\sunbird\Mozilla Sunbird\components [2012.09.18 17:38:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Sunbird 0.9\extensions\\Plugins: Q:\programme\sunbird\Mozilla Sunbird\plugins [2012.09.18 17:38:27 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\support@Senseless.TV: C:\Users\der nikolaus\AppData\Roaming\SenselessTV\ffextension [2012.11.21 21:16:21 | 000,000,000 | ---D | M]
 
[2009.01.23 23:50:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\der nikolaus\AppData\Roaming\mozilla\Extensions
[2013.02.27 13:36:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\der nikolaus\AppData\Roaming\mozilla\Firefox\Profiles\5od8u7k5.default\extensions
[2013.02.15 10:45:33 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\der nikolaus\AppData\Roaming\mozilla\Firefox\Profiles\5od8u7k5.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2013.01.30 14:25:44 | 000,000,000 | ---D | M] (WOT) -- C:\Users\der nikolaus\AppData\Roaming\mozilla\Firefox\Profiles\5od8u7k5.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2013.02.25 20:36:59 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\der nikolaus\AppData\Roaming\mozilla\Firefox\Profiles\5od8u7k5.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010.01.17 18:14:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\der nikolaus\AppData\Roaming\mozilla\Sunbird\Profiles\3jtwtphq.default\extensions
[2013.02.13 16:17:28 | 000,384,155 | ---- | M] () (No name found) -- C:\Users\der nikolaus\AppData\Roaming\mozilla\firefox\profiles\5od8u7k5.default\extensions\{7CA9CF31-1C73-46CD-8377-85AB71EA771F}.xpi
[2013.02.14 21:56:15 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\der nikolaus\AppData\Roaming\mozilla\firefox\profiles\5od8u7k5.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.01.23 01:33:04 | 000,138,614 | ---- | M] () (No name found) -- C:\Users\der nikolaus\AppData\Roaming\mozilla\firefox\profiles\5od8u7k5.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
[2011.11.06 22:35:21 | 000,434,392 | ---- | M] () (No name found) -- C:\Users\der nikolaus\AppData\Roaming\mozilla\firefox\profiles\5od8u7k5.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi
[2010.03.16 12:49:46 | 000,000,913 | ---- | M] () -- C:\Users\der nikolaus\AppData\Roaming\mozilla\firefox\profiles\5od8u7k5.default\searchplugins\conduit.xml
[2013.02.19 21:43:13 | 000,001,294 | ---- | M] () -- C:\Users\der nikolaus\AppData\Roaming\mozilla\firefox\profiles\5od8u7k5.default\searchplugins\delta.xml
[2012.11.21 21:16:21 | 000,000,000 | ---D | M] (SenselessTV Video Plugin) -- C:\USERS\DER NIKOLAUS\APPDATA\ROAMING\SENSELESSTV\FFEXTENSION
 
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - Q:\programme\orbit_downloader\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (SenselessTV Video Plugin) - {991D97B8-F0D8-4EA1-9100-7A65EA2D3A63} - C:\Users\der nikolaus\AppData\Roaming\SenselessTV\bho.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [MarketingTools] C:\Programme\Sony\Marketing Tools\MarketingTools.exe (Sony NSCE)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] c:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKCU..\Run: [GameXN GO] C:\ProgramData\GameXN\GameXNGO.exe (EasyBits Software AS)
O4 - HKCU..\Run: [PMCLoader] Q:\programme\tvneu\PMCLoader.exe (Pinnacle Systems GmbH)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Download by Orbit - Q:\programme\orbit_downloader\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: &Grab video by Orbit - Q:\programme\orbit_downloader\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Do&wnload selected by Orbit - Q:\programme\orbit_downloader\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Down&load all by Orbit - Q:\programme\orbit_downloader\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Google Sidewiki... - Reg Error: Value error. File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - Reg Error: Value error. File not found
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Translate this web page with Babylon - res://Q:\programme\babylon9\Utils\BabylonIEPI.dll/ActionTU.htm File not found
O8 - Extra context menu item: Translate with Babylon - res://Q:\programme\babylon9\Utils\BabylonIEPI.dll/Action.htm File not found
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} hxxp://cdn.scan.onecare.live.com/resource/download/scanner/de-at/wlscctrl2.cab (Windows Live OneCare safety scanner control)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: 55963676-2F5E-4BAF-AC28-CF26AA587566 vpnweb.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1C4F3241-906E-4E09-B5AC-D1576752D337}: DhcpNameServer = 193.189.244.225 193.189.244.206
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3871E549-263E-4C48-BEB1-0548CB2F6913}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~2\browse~1\261095~1.52\{c16c1~1\browse~1.dll) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\System32\VESWinlogon.dll (Sony Corporation)
O24 - Desktop WallPaper: C:\Users\der nikolaus\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\der nikolaus\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{31b8e568-9aed-11de-a741-001e3d3afc93}\Shell\explore\command - "" = G:\.////OPOP/\\\\severina.exe
O33 - MountPoints2\{31b8e568-9aed-11de-a741-001e3d3afc93}\Shell\open\command - "" = G:\OPOP/////\\\\severina.exe
O33 - MountPoints2\{66669fa9-7820-11e2-88e8-001e101f0781}\Shell - "" = AutoRun
O33 - MountPoints2\{66669fa9-7820-11e2-88e8-001e101f0781}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{66669fb2-7820-11e2-88e8-001e101fcbf4}\Shell - "" = AutoRun
O33 - MountPoints2\{66669fb2-7820-11e2-88e8-001e101fcbf4}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{ac89c9d3-6619-11e1-b8ce-001a807dbfc1}\Shell - "" = AutoRun
O33 - MountPoints2\{ac89c9d3-6619-11e1-b8ce-001a807dbfc1}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{ac89c9de-6619-11e1-b8ce-001e101f305e}\Shell - "" = AutoRun
O33 - MountPoints2\{ac89c9de-6619-11e1-b8ce-001e101f305e}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{d9e8c3d1-61cc-11df-8453-001e3d3afc93}\Shell\AutoRun\command - "" = G:\RECYCLER\recycld.exe e
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - 
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - 
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.03.03 21:17:35 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\der nikolaus\Desktop\OTL.exe
[2013.03.03 16:43:56 | 000,000,000 | ---D | C] -- C:\Users\der nikolaus\Desktop\Bewerbung
[2013.02.19 21:42:47 | 000,000,000 | ---D | C] -- C:\Users\der nikolaus\AppData\Roaming\Babylon
[2013.02.19 21:42:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2013.02.19 21:42:34 | 000,000,000 | ---D | C] -- C:\Users\der nikolaus\AppData\Local\PutLockerDownloader
[2013.02.19 21:42:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2013.02.19 21:42:29 | 000,000,000 | ---D | C] -- C:\Program Files\PutLockerDownloader
[2013.02.19 21:42:26 | 000,000,000 | ---D | C] -- C:\Users\der nikolaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PutLockerDownloader.com
[2013.02.15 13:51:49 | 000,000,000 | ---D | C] -- C:\Users\der nikolaus\Desktop\LottaLeben
[2013.02.10 15:58:57 | 000,000,000 | ---D | C] -- C:\Users\der nikolaus\Desktop\camera
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.03.03 21:17:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\der nikolaus\Desktop\OTL.exe
[2013.03.03 20:35:54 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.03.03 20:35:54 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.03.03 18:34:01 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.03.03 15:34:00 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.03.03 14:35:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.02.28 09:52:20 | 000,076,968 | ---- | M] () -- C:\Users\der nikolaus\Desktop\dhl1.jpg
[2013.02.26 12:16:22 | 000,322,868 | ---- | M] () -- C:\Users\der nikolaus\Desktop\TableA2011.pdf
[2013.02.21 21:20:04 | 000,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2013.02.21 21:17:34 | 2145,837,056 | -HS- | M] () -- C:\hiberfil.sys
[2013.02.20 22:42:47 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2013.02.19 16:55:15 | 000,656,536 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.02.19 16:55:15 | 000,611,608 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.02.19 16:55:15 | 000,135,806 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.02.19 16:55:15 | 000,112,392 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.02.18 14:14:19 | 000,137,206 | ---- | M] () -- C:\Users\der nikolaus\Desktop\ar181-ii.pdf
[2013.02.15 13:47:42 | 010,947,509 | ---- | M] () -- C:\Users\der nikolaus\Desktop\Lotta_Boden.png
[2013.02.15 13:46:12 | 009,847,846 | ---- | M] () -- C:\Users\der nikolaus\Desktop\Lotta_rainy.png
[2013.02.15 13:43:23 | 019,867,791 | ---- | M] () -- C:\Users\der nikolaus\Desktop\Lotta&Sylvia_schwimmen.png
[2013.02.12 10:55:40 | 002,976,678 | ---- | M] () -- C:\Users\der nikolaus\Desktop\IMG_0171.JPG
[2013.02.10 16:13:00 | 003,075,023 | ---- | M] () -- C:\Users\der nikolaus\Desktop\IMG_0149.JPG
[2013.02.07 17:42:41 | 000,280,935 | ---- | M] () -- C:\Users\der nikolaus\Desktop\Quack_Paper_AFK_Theorie_2008_04.pdf
[2013.02.07 16:55:07 | 000,041,993 | ---- | M] () -- C:\Users\der nikolaus\Desktop\Masterarbeitsthema-1.pdf
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.02.28 09:52:20 | 000,076,968 | ---- | C] () -- C:\Users\der nikolaus\Desktop\dhl1.jpg
[2013.02.26 12:15:53 | 000,322,868 | ---- | C] () -- C:\Users\der nikolaus\Desktop\TableA2011.pdf
[2013.02.18 14:14:19 | 000,137,206 | ---- | C] () -- C:\Users\der nikolaus\Desktop\ar181-ii.pdf
[2013.02.15 13:47:39 | 010,947,509 | ---- | C] () -- C:\Users\der nikolaus\Desktop\Lotta_Boden.png
[2013.02.15 13:46:10 | 009,847,846 | ---- | C] () -- C:\Users\der nikolaus\Desktop\Lotta_rainy.png
[2013.02.15 13:43:19 | 019,867,791 | ---- | C] () -- C:\Users\der nikolaus\Desktop\Lotta&Sylvia_schwimmen.png
[2013.02.15 13:36:54 | 002,976,678 | ---- | C] () -- C:\Users\der nikolaus\Desktop\IMG_0171.JPG
[2013.02.15 13:35:08 | 002,979,153 | ---- | C] () -- C:\Users\der nikolaus\Desktop\IMG_0007.JPG
[2013.02.15 13:35:01 | 003,075,023 | ---- | C] () -- C:\Users\der nikolaus\Desktop\IMG_0149.JPG
[2013.02.07 17:42:40 | 000,280,935 | ---- | C] () -- C:\Users\der nikolaus\Desktop\Quack_Paper_AFK_Theorie_2008_04.pdf
[2013.02.07 16:55:06 | 000,041,993 | ---- | C] () -- C:\Users\der nikolaus\Desktop\Masterarbeitsthema-1.pdf
[2012.11.26 17:06:56 | 000,088,688 | ---- | C] () -- C:\Windows\System32\cpwmon2k.dll
[2011.07.09 08:13:31 | 000,000,028 | ---- | C] () -- C:\Windows\v2d.INI
[2010.09.18 09:25:03 | 000,000,000 | ---- | C] () -- C:\Users\der nikolaus\s-1-5-21-686742593-2601072095-3177035695-1001.rrr
[2010.09.16 11:48:24 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010.03.17 21:51:47 | 000,000,032 | ---- | C] () -- C:\ProgramData\ezsid.dat
[2009.01.23 19:19:18 | 000,219,136 | ---- | C] () -- C:\Users\der nikolaus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.01.23 19:19:18 | 000,008,268 | ---- | C] () -- C:\Users\der nikolaus\AppData\Local\d3d9caps.dat
[2009.01.23 19:19:04 | 002,359,296 | ---- | C] () -- C:\Users\der nikolaus\NTUSER.bak
 
========== ZeroAccess Check ==========
 
[2006.11.02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2013.02.19 21:42:47 | 000,000,000 | ---D | M] -- C:\Users\der nikolaus\AppData\Roaming\Babylon
[2012.04.14 08:49:02 | 000,000,000 | ---D | M] -- C:\Users\der nikolaus\AppData\Roaming\cacaoweb
[2011.03.04 12:14:56 | 000,000,000 | ---D | M] -- C:\Users\der nikolaus\AppData\Roaming\Canneverbe Limited
[2011.02.25 00:15:02 | 000,000,000 | ---D | M] -- C:\Users\der nikolaus\AppData\Roaming\FreeHideIP
[2013.02.22 10:40:29 | 000,000,000 | ---D | M] -- C:\Users\der nikolaus\AppData\Roaming\go
[2010.04.08 19:57:32 | 000,000,000 | ---D | M] -- C:\Users\der nikolaus\AppData\Roaming\GrabPro
[2011.03.19 14:53:11 | 000,000,000 | ---D | M] -- C:\Users\der nikolaus\AppData\Roaming\HandBrake
[2010.09.13 17:36:03 | 000,000,000 | ---D | M] -- C:\Users\der nikolaus\AppData\Roaming\ICQ
[2009.01.31 22:46:23 | 000,000,000 | ---D | M] -- C:\Users\der nikolaus\AppData\Roaming\InterVideo
[2009.07.12 22:12:06 | 000,000,000 | ---D | M] -- C:\Users\der nikolaus\AppData\Roaming\OpenOffice.org
[2011.02.05 08:26:59 | 000,000,000 | ---D | M] -- C:\Users\der nikolaus\AppData\Roaming\Orbit
[2011.02.03 16:25:19 | 000,000,000 | ---D | M] -- C:\Users\der nikolaus\AppData\Roaming\ProgSense
[2010.09.18 09:25:19 | 000,000,000 | ---D | M] -- C:\Users\der nikolaus\AppData\Roaming\Registry Mechanic
[2012.11.21 21:16:25 | 000,000,000 | ---D | M] -- C:\Users\der nikolaus\AppData\Roaming\SenselessTV
[2010.11.21 15:03:30 | 000,000,000 | ---D | M] -- C:\Users\der nikolaus\AppData\Roaming\TeamViewer
[2012.03.06 12:12:54 | 000,000,000 | ---D | M] -- C:\Users\der nikolaus\AppData\Roaming\Telefónica
[2012.03.06 12:12:53 | 000,000,000 | ---D | M] -- C:\Users\der nikolaus\AppData\Roaming\TGCMLog
[2009.12.31 12:30:50 | 000,000,000 | ---D | M] -- C:\Users\der nikolaus\AppData\Roaming\uTorrent
[2013.01.16 14:48:55 | 000,000,000 | ---D | M] -- C:\Users\der nikolaus\AppData\Roaming\WinFF
[2011.07.09 08:24:57 | 000,000,000 | ---D | M] -- C:\Users\der nikolaus\AppData\Roaming\Xilisoft
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2009.01.23 19:19:36 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2009.10.24 12:59:37 | 000,000,000 | ---D | M] -- C:\alterrechner
[2010.09.17 16:18:45 | 000,000,000 | ---D | M] -- C:\Big Fish Games
[2010.09.17 21:18:36 | 000,000,000 | -HSD | M] -- C:\Boot
[2008.08.25 11:19:32 | 000,000,000 | ---D | M] -- C:\Documentation
[2006.11.02 14:02:03 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2007.11.26 15:18:22 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2011.02.03 16:27:04 | 000,000,000 | ---D | M] -- C:\downloads
[2010.09.16 11:39:46 | 000,000,000 | ---D | M] -- C:\ec66c74a8159ec4e8937b35590
[2008.08.25 11:01:23 | 000,000,000 | -H-D | M] -- C:\InstantON
[2011.07.25 14:22:19 | 000,000,000 | ---D | M] -- C:\movit
[2010.09.17 18:21:06 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2013.02.19 22:47:52 | 000,000,000 | R--D | M] -- C:\Program Files
[2013.02.21 21:17:31 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2007.11.26 15:18:22 | 000,000,000 | -HSD | M] -- C:\Programme
[2013.03.03 21:22:51 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2009.02.15 11:39:02 | 000,000,000 | R--D | M] -- C:\Users
[2011.07.09 08:14:04 | 000,000,000 | ---D | M] -- C:\v2d
[2009.09.18 20:18:56 | 000,000,000 | ---D | M] -- C:\VAIO Entertainment
[2013.01.24 17:43:38 | 000,000,000 | ---D | M] -- C:\vorüb
[2013.02.26 10:01:40 | 000,000,000 | ---D | M] -- C:\Windows
 
< %PROGRAMFILES%\*.exe >
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
< C:\Windows\system32\*.tsp >
[2006.11.02 10:44:49 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp
[2006.11.02 10:44:49 | 000,038,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp
[2006.11.02 10:44:49 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp
[2006.11.02 10:44:49 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp
[2009.04.11 07:27:17 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
[2006.11.02 14:01:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2006.11.02 14:01:49 | 000,032,632 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.01 11:56:37 | 000,001,094 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2009.07.01 11:56:38 | 000,001,098 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
 
< MD5 for: AGP440.SYS  >
[2008.01.19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.19 08:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.19 08:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2009.01.24 15:18:54 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2009.01.24 15:18:54 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2009.01.24 15:18:53 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
< MD5 for: EXPLORER.EXE  >
[2009.01.24 15:18:30 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2009.01.24 15:18:29 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2009.01.24 15:18:29 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009.01.25 21:20:45 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2009.01.25 21:20:44 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2009.01.24 15:18:30 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006.11.02 10:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008.01.19 08:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
 
< MD5 for: IASTORV.SYS  >
[2008.01.19 08:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.19 08:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2006.11.02 10:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.19 08:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2006.11.02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
[2006.11.02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.19 08:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.19 08:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2008.01.19 08:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006.11.02 10:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
 
< MD5 for: USER32.DLL  >
[2007.11.26 15:54:04 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=63B4F59D7C89B1BF5277F1FFEFD491CD -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16438_none_cb39bc5b7047127e\user32.dll
[2007.11.26 15:54:04 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=9D9F061EDA75425FC67F0365E3467C86 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.20537_none_cbc258dc896598f1\user32.dll
[2008.01.19 08:36:46 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
[2006.11.02 10:46:13 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=E698A5437B89A285ACA3FF022356810A -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16386_none_cb01aa4570716e5e\user32.dll
[2009.04.11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[2009.04.11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.01.19 08:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.19 08:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006.11.02 10:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006.11.02 10:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008.01.19 08:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2006.11.02 09:58:26 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=84620AECDCFD2A7A14E6263927D8C0ED -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6000.16386_none_4d4fded8cae2956d\ws2ifsl.sys
[2008.01.19 06:56:49 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.19 06:56:49 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2006.11.02 11:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006.11.02 11:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006.11.02 11:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
 
< %systemroot%\system32\*.dll /lockedfiles >
[2007.10.19 01:22:06 | 000,344,064 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\Windows\system32\ATIDEMGX.dll
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
 
< %USERPROFILE%\*.* >
[2010.09.18 14:49:54 | 002,359,296 | ---- | M] () -- C:\Users\der nikolaus\NTUSER.bak
[2013.03.03 21:35:18 | 002,883,584 | ---- | M] () -- C:\Users\der nikolaus\NTUSER.DAT
[2013.03.03 21:35:18 | 000,262,144 | -H-- | M] () -- C:\Users\der nikolaus\ntuser.dat.LOG1
[2009.01.23 19:19:19 | 000,000,000 | -H-- | M] () -- C:\Users\der nikolaus\ntuser.dat.LOG2
[2013.02.20 22:42:34 | 000,065,536 | -HS- | M] () -- C:\Users\der nikolaus\NTUSER.DAT{147f33dd-b657-11e1-a2e5-001e3d3afc93}.TM.blf
[2013.02.20 22:42:34 | 000,524,288 | -HS- | M] () -- C:\Users\der nikolaus\NTUSER.DAT{147f33dd-b657-11e1-a2e5-001e3d3afc93}.TMContainer00000000000000000001.regtrans-ms
[2012.07.01 09:11:17 | 000,524,288 | -HS- | M] () -- C:\Users\der nikolaus\NTUSER.DAT{147f33dd-b657-11e1-a2e5-001e3d3afc93}.TMContainer00000000000000000002.regtrans-ms
[2010.09.17 21:28:48 | 000,065,536 | -HS- | M] () -- C:\Users\der nikolaus\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010.09.17 21:28:48 | 000,524,288 | -HS- | M] () -- C:\Users\der nikolaus\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2009.01.23 20:06:02 | 000,524,288 | -HS- | M] () -- C:\Users\der nikolaus\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2012.06.14 14:58:18 | 000,065,536 | -HS- | M] () -- C:\Users\der nikolaus\NTUSER.DAT{5540a52b-a9b5-11e1-948f-001e3d3afc93}.TM.blf
[2012.06.14 14:58:17 | 000,524,288 | -HS- | M] () -- C:\Users\der nikolaus\NTUSER.DAT{5540a52b-a9b5-11e1-948f-001e3d3afc93}.TMContainer00000000000000000001.regtrans-ms
[2012.05.29 18:40:58 | 000,524,288 | -HS- | M] () -- C:\Users\der nikolaus\NTUSER.DAT{5540a52b-a9b5-11e1-948f-001e3d3afc93}.TMContainer00000000000000000002.regtrans-ms
[2012.05.27 21:37:08 | 000,065,536 | -HS- | M] () -- C:\Users\der nikolaus\NTUSER.DAT{a8d905c8-c2ff-11df-a424-001a807dbfc1}.TM.blf
[2012.05.27 21:37:08 | 000,524,288 | -HS- | M] () -- C:\Users\der nikolaus\NTUSER.DAT{a8d905c8-c2ff-11df-a424-001a807dbfc1}.TMContainer00000000000000000001.regtrans-ms
[2010.09.18 14:58:58 | 000,524,288 | -HS- | M] () -- C:\Users\der nikolaus\NTUSER.DAT{a8d905c8-c2ff-11df-a424-001a807dbfc1}.TMContainer00000000000000000002.regtrans-ms
[2010.09.18 14:49:54 | 000,065,536 | -HS- | M] () -- C:\Users\der nikolaus\NTUSER.DAT{b95595a9-c297-11df-8e59-001a807dbfc1}.TM.blf
[2010.09.18 14:49:54 | 000,524,288 | -HS- | M] () -- C:\Users\der nikolaus\NTUSER.DAT{b95595a9-c297-11df-8e59-001a807dbfc1}.TMContainer00000000000000000001.regtrans-ms
[2010.09.18 07:28:27 | 000,524,288 | -HS- | M] () -- C:\Users\der nikolaus\NTUSER.DAT{b95595a9-c297-11df-8e59-001a807dbfc1}.TMContainer00000000000000000002.regtrans-ms
[2007.11.26 15:19:58 | 000,000,020 | -HS- | M] () -- C:\Users\der nikolaus\ntuser.ini
[2010.09.18 13:03:31 | 000,262,144 | -H-- | M] () -- C:\Users\der nikolaus\NTUSER.tmp.LOG1
[2010.09.17 21:18:39 | 000,000,000 | -H-- | M] () -- C:\Users\der nikolaus\NTUSER.tmp.LOG2
[2010.09.18 09:25:03 | 000,000,000 | ---- | M] () -- C:\Users\der nikolaus\s-1-5-21-686742593-2601072095-3177035695-1001.rrr
 
< %USERPROFILE%\Local Settings\Temp\*.exe >
 
< %USERPROFILE%\Local Settings\Temp\*.dll >
 
< %USERPROFILE%\Application Data\*.exe >
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
 
<           >
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:D1B5B4F1

< End of report >

Nikko Laus · 03.03.2013, 21:45

Code:

ATTFilter

OTL Extras logfile created on: 03.03.2013 21:20:41 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\der nikolaus\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19298)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,21 Gb Available Physical Memory | 60,33% Memory free
4,23 Gb Paging File | 3,01 Gb Available in Paging File | 71,24% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 145,34 Gb Total Space | 13,77 Gb Free Space | 9,47% Space Free | Partition Type: NTFS
Drive Q: | 78,12 Gb Total Space | 5,29 Gb Free Space | 6,78% Space Free | Partition Type: NTFS
 
Computer Name: ZAUBERKISTE2 | User Name: der nikolaus | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- Q:\programme\vlc\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- Q:\programme\vlc\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "Q:\programme\winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "Q:\programme\winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "Q:\programme\winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"Q:\programme\orbit_downloader\Orbitdownloader\orbitdm.exe" = Q:\programme\orbit_downloader\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
"Q:\programme\orbit_downloader\Orbitdownloader\orbitnet.exe" = Q:\programme\orbit_downloader\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{292FF26C-C926-4745-A5A4-81DF685890E5}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{35F48918-46EA-406D-9081-56F35A7F17C1}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{3876BCE0-91AF-4D10-9871-B0016FE3D21F}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{45A603E9-C36F-4827-981C-7D6CEC62D688}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{52A8E41D-EA7B-404F-B2D0-EAD30AA9916A}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{5F42B86F-8080-4AA2-B9BD-B8605FCA7ADB}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{68DAF90F-CEF7-459C-A495-2D86F1674D66}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{6F8B8503-8EA4-490C-BBD4-B933E62BB2A8}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{820F9D13-3032-4E27-8625-A4DDDC17917F}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{A194C3E7-3AF8-48D8-A97E-1DBC8962599B}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{A35A12AE-3BC7-4B5B-8BC0-7A422D473944}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{A4BA5F10-4C6F-4A6F-A9A8-7B3C457CD814}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{AA73395F-514E-45B5-BB45-9777AA1317FF}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{AB51E1A4-5438-4360-A010-EF93E4627C57}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{CA18582B-CD65-4DD0-BE83-ED790D4687A2}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{DCA5C8CE-F90A-49F9-A0CF-4398ECEFA287}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{E3AC9C23-46AD-4676-9069-2CEE5529E400}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{F47C1577-8491-470F-AAE7-815BB417DEE0}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0501E84B-64B3-4570-9737-CF109A26DA36}" = protocol=17 | dir=in | app=q:\programme\teamviewer\version5\teamviewer.exe | 
"{06DAB27C-9B7D-4FF1-B5B6-55A3DEE5AF9D}" = protocol=17 | dir=in | app=q:\programme\videospin\programs\rm.exe | 
"{07BD41DE-5C18-4E98-B909-5884E4EDDE9D}" = protocol=17 | dir=in | app=c:\program files\winamp remote\bin\orbstreamerclient.exe | 
"{0EA89BE2-8F12-4151-A779-BA242A807327}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{16FF902F-3EE6-4570-87F6-F5D69D61BD30}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{1AD269FE-798E-4E92-887B-C52C20E6FBFC}" = protocol=6 | dir=in | app=q:\programme\utorrent\utorrent.exe | 
"{1E373E7E-4C25-48C4-BCDA-4A751C53B780}" = protocol=17 | dir=in | app=q:\programme\utorrent\utorrent.exe | 
"{20364E6F-168B-4281-932D-AB86F10A25EC}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{21DDEE1E-D46D-406E-83CC-BD6B6430FC71}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{226ACB16-8F49-4F3F-811E-AEFA19D69D4A}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{258E06B1-6A76-4C09-9677-32468FDC5826}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{2DA49C53-E8C9-4FEF-9808-D1F0A026D59F}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{2EB5E738-72EC-4FAB-A7B9-C877C9656385}" = protocol=6 | dir=in | app=c:\program files\google\google talk\googletalk.exe | 
"{3075FC7B-7D48-4652-BD1F-95BE2C3E52A1}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{30A4826B-4A93-4A53-9837-D17E97F77639}" = protocol=17 | dir=in | app=c:\program files\google\google talk\googletalk.exe | 
"{32B95197-D42E-467B-A918-4B94DFB358EA}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{35A60D4D-F823-476F-8CA2-6185825BCFFC}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{35C50D3D-987B-4384-94F1-E522B1782700}" = protocol=17 | dir=in | app=q:\programme\videospin\programs\umi.exe | 
"{39748EEE-46F7-4722-B485-A3FD9E35C136}" = protocol=17 | dir=in | app=c:\program files\winamp remote\bin\orbir.exe | 
"{3B3465CE-CC52-4933-A914-EB3594FBF7FF}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{3E770942-56F6-488C-84BF-29E3EA780BFF}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{3F02FE6A-06DB-48D1-9BC5-10D14C8D8BAD}" = protocol=6 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe | 
"{3F9B054A-EEB2-4578-ADFE-E4C2E46E0063}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{4AFE7AE9-58EC-4AC4-AEEF-D55F132EADAA}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{4BBFFE25-32E3-41DF-A2DE-2F862D06C214}" = protocol=17 | dir=in | app=c:\program files\winamp remote\bin\orbtray.exe | 
"{4CE5E5C6-B400-4EBE-B71A-FEFA6F2B2DE8}" = protocol=17 | dir=in | app=q:\programme\videospin\programs\videospin.exe | 
"{509DE338-FE47-4BE1-880E-CFB8E4ACB36D}" = protocol=17 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe | 
"{51DC1F2A-F75A-49BC-9E15-3E1861D7A490}" = protocol=17 | dir=in | app=q:\programme\videospin\programs\umi.exe | 
"{5EAF97BE-A947-4248-AB8E-35052C38C162}" = protocol=17 | dir=in | app=c:\program files\winamp remote\bin\orb.exe | 
"{6440B6C9-C181-444F-82DD-7F2193102A4E}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{6866FEC6-A9BD-4CA7-B288-A5FED7CEB431}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{69FBFD31-A656-4F33-9055-BCE6395C4EB4}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{6A6DF78C-9189-4FEA-8FAF-4140BCB1C22E}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{704D73BD-0334-4C97-ADC1-C3471F97293B}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{71F82C6C-94D2-480C-BC64-4A86DBE8AD72}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{87EE2734-F9DF-41C8-A119-3606FB7A7CA1}" = dir=in | app=q:\programme\itunes\itunes.exe | 
"{88E0397F-407B-4A5E-8745-E7E04C101455}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{94509F98-52B7-4653-A887-3C47FF79C259}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{96CD2D74-565C-465E-9BE9-718E9571E49A}" = protocol=6 | dir=in | app=c:\program files\winamp remote\bin\orbir.exe | 
"{97462BD4-0F92-4685-8B5C-7D6573C0D00D}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{9A1E5045-DA9F-4F22-9865-F22D5B963B1D}" = protocol=6 | dir=in | app=q:\programme\videospin\programs\umi.exe | 
"{9C629206-95A3-4634-8653-D40A89272731}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{9C699E71-203C-4AC0-A5D0-8BF3CAE1CBD9}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{9D5C7DDA-874F-407E-8538-F1899213C2A7}" = protocol=17 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe | 
"{9DBD5634-BCB6-40E3-8D9C-F2926BC607FF}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | 
"{9FB885B8-6801-440B-92D4-CA907A576740}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{A50A10DD-C4D4-4391-B619-643CCAAABE76}" = protocol=6 | dir=in | app=q:\programme\videospin\programs\videospin.exe | 
"{A7A9EADF-4C4B-4EA0-977C-30823CE0172A}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{A83ABB94-0F8E-4F03-B1A4-C5FDF3687AC3}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{AD47FBF8-3E75-47CB-A4F0-E84A8408E8D7}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{B87204B7-31E2-4848-A253-ABEFDF058F46}" = protocol=6 | dir=in | app=q:\programme\teamviewer\version5\teamviewer.exe | 
"{BE881FBE-1803-44D9-ABB0-7F1D0FA920CC}" = protocol=6 | dir=in | app=q:\programme\videospin\programs\rm.exe | 
"{C07039ED-A110-42A1-9578-5BD69057953F}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{C0BEA4F2-89E4-4425-AE97-0D6C441DF3BB}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{C68F1635-996A-4EAB-8FB5-81A915748338}" = protocol=6 | dir=in | app=q:\programme\videospin\programs\rm.exe | 
"{D05B6DAB-DDAA-4070-ACBA-A5890235E6FA}" = protocol=17 | dir=in | app=q:\programme\teamviewer\version5\teamviewer_service.exe | 
"{D4D4CFD1-EA82-4E8E-8D5F-7D424D38DFD5}" = protocol=6 | dir=in | app=q:\programme\videospin\programs\videospin.exe | 
"{D69EF439-4BD0-4DA3-B3E7-63820923CDF4}" = protocol=17 | dir=in | app=q:\programme\videospin\programs\videospin.exe | 
"{D86418E8-6247-42BD-8899-BE93255B32E7}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{D867FC93-8FD8-4952-94C2-1481433EC09C}" = protocol=6 | dir=in | app=c:\program files\winamp remote\bin\orbstreamerclient.exe | 
"{DAE2373D-F9D4-49A2-978A-011D35D47800}" = protocol=6 | dir=in | app=q:\programme\teamviewer\version5\teamviewer_service.exe | 
"{DBA0B643-CB09-4363-BD57-1B687BCBAF73}" = protocol=6 | dir=in | app=q:\programme\videospin\programs\umi.exe | 
"{DC9E383B-3466-4D89-9726-8D0365F93BC6}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | 
"{DEEEAB6A-D9B1-4004-BA5E-5D84F0C8A33D}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{E22799BB-B80C-4C00-A0C9-3334AE58AFEB}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{E6DECB0B-7E80-4E6A-B0A7-888E884E0959}" = protocol=6 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe | 
"{E7BD6A64-ACFA-4D4A-9EAA-A16A717BEC26}" = protocol=6 | dir=in | app=c:\program files\winamp remote\bin\orb.exe | 
"{EA05DC1E-1523-43BA-B776-5E0002330B12}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{F10F20AD-1940-4FC3-86D5-09BC1341A40E}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{F5926C60-97AA-4408-9FBD-B321B5FC8CE2}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | 
"{F697FE71-F55B-411B-971F-AB833F59095B}" = protocol=17 | dir=in | app=q:\programme\videospin\programs\rm.exe | 
"{F96566E9-570A-4A1D-91A0-F83C8305D5C3}" = protocol=6 | dir=in | app=c:\program files\winamp remote\bin\orbtray.exe | 
"{F9876312-F488-45B1-9571-9C98D85AA16D}" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe | 
"{FD9D5CD8-17F9-4209-B6D6-629E8EC4B072}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"TCP Query User{18ECBEA6-EFC7-4F72-842D-94884B66FC63}C:\users\der nikolaus\appdata\roaming\cacaoweb\cacaoweb.exe" = protocol=6 | dir=in | app=c:\users\der nikolaus\appdata\roaming\cacaoweb\cacaoweb.exe | 
"TCP Query User{1E2A14AF-F4AB-47EE-B0BC-5D7F00247360}C:\program files\orbit_download\orbitdownloader\orbitnet.exe" = protocol=6 | dir=in | app=c:\program files\orbit_download\orbitdownloader\orbitnet.exe | 
"TCP Query User{205E1061-EA27-489F-85E7-5AB990718603}Q:\programme\firefox\firefox.exe" = protocol=6 | dir=in | app=q:\programme\firefox\firefox.exe | 
"TCP Query User{432A11AC-3991-4FAE-851F-706D03DAFC18}Q:\programme\icq\icq6.5\icq.exe" = protocol=6 | dir=in | app=q:\programme\icq\icq6.5\icq.exe | 
"TCP Query User{5A83B59B-754B-4268-AE7F-AD073C2C95E1}Q:\programme\firefox\plugin-container.exe" = protocol=6 | dir=in | app=q:\programme\firefox\plugin-container.exe | 
"TCP Query User{5DBAFC7D-4046-4D93-BB9A-F95EE81F0819}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | 
"TCP Query User{7157A9CF-266B-4444-9E86-AD9586783F1A}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"TCP Query User{7FA453D2-5E01-40B7-82B2-A1F6225DE533}Q:\programme\sop\sopcast\sopcast.exe" = protocol=6 | dir=in | app=q:\programme\sop\sopcast\sopcast.exe | 
"TCP Query User{B08D2B15-D7A6-4724-9CDC-9149F3A12B3C}Q:\programme\sop\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=q:\programme\sop\sopcast\adv\sopadver.exe | 
"TCP Query User{B5937134-DAC8-405B-9DA0-CC1706D32520}Q:\programme\icq\icq6.5\icq.exe" = protocol=6 | dir=in | app=q:\programme\icq\icq6.5\icq.exe | 
"TCP Query User{DFCB586F-7EA6-44CB-ADAF-9DFB0C3E26D8}Q:\programme\tvu\tvuplayer\tvuplayer.exe" = protocol=6 | dir=in | app=q:\programme\tvu\tvuplayer\tvuplayer.exe | 
"TCP Query User{ECF7E95B-3640-4886-B614-D5DED5D647E1}Q:\programme\sop\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=q:\programme\sop\sopcast\adv\sopadver.exe | 
"TCP Query User{EDB473F8-4D42-40F4-AD4B-A9543ADDCBB0}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"TCP Query User{EE0003F5-A964-4670-A5D7-2B44F7341708}Q:\programme\pl\zattoo\zattood.exe" = protocol=6 | dir=in | app=q:\programme\pl\zattoo\zattood.exe | 
"TCP Query User{F45C9913-E7B7-42D1-A054-794387C61D6E}Q:\programme\[no-steam] counter-strike 1.6\hl.exe" = protocol=6 | dir=in | app=q:\programme\[no-steam] counter-strike 1.6\hl.exe | 
"TCP Query User{F6938653-072D-473C-8469-390AC283EA21}Q:\programme\sop\sopcast\sopcast.exe" = protocol=6 | dir=in | app=q:\programme\sop\sopcast\sopcast.exe | 
"TCP Query User{F6A78217-327A-4A6C-B4AC-14E63747BE50}Q:\programme\firefox\firefox.exe" = protocol=6 | dir=in | app=q:\programme\firefox\firefox.exe | 
"TCP Query User{FE5B4134-7D88-4DCC-88C8-72AD6586DC88}Q:\programme\orbit_downloader\orbitdownloader\orbitnet.exe" = protocol=6 | dir=in | app=q:\programme\orbit_downloader\orbitdownloader\orbitnet.exe | 
"TCP Query User{FFB16BE3-7878-47CA-9061-C175E0CC4E2C}C:\program files\orbit_download\orbitdownloader\orbitnet.exe" = protocol=6 | dir=in | app=c:\program files\orbit_download\orbitdownloader\orbitnet.exe | 
"UDP Query User{082B5179-01C7-4A1F-B135-F11E2A21F994}Q:\programme\sop\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=q:\programme\sop\sopcast\adv\sopadver.exe | 
"UDP Query User{1EE25F72-678B-417E-9D88-D928B19F0FB3}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{301E34C7-CAFF-455C-98FB-9FDB0DE4E51D}C:\program files\orbit_download\orbitdownloader\orbitnet.exe" = protocol=17 | dir=in | app=c:\program files\orbit_download\orbitdownloader\orbitnet.exe | 
"UDP Query User{437E6304-6626-4437-BDB5-FA7D3E0A411E}Q:\programme\firefox\firefox.exe" = protocol=17 | dir=in | app=q:\programme\firefox\firefox.exe | 
"UDP Query User{52617B15-F3A5-4092-BC0B-5CB63CCBC5B7}C:\program files\orbit_download\orbitdownloader\orbitnet.exe" = protocol=17 | dir=in | app=c:\program files\orbit_download\orbitdownloader\orbitnet.exe | 
"UDP Query User{64EEC546-4985-4CFF-AFA3-747F110E7165}Q:\programme\firefox\plugin-container.exe" = protocol=17 | dir=in | app=q:\programme\firefox\plugin-container.exe | 
"UDP Query User{7843777B-CA3D-45AF-BD94-D6BADA8A6A33}Q:\programme\tvu\tvuplayer\tvuplayer.exe" = protocol=17 | dir=in | app=q:\programme\tvu\tvuplayer\tvuplayer.exe | 
"UDP Query User{86421689-1823-4BF5-B050-3422E1D913E1}Q:\programme\sop\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=q:\programme\sop\sopcast\adv\sopadver.exe | 
"UDP Query User{88FA6E87-C815-43F8-9E6A-DC29DA6F2D24}Q:\programme\sop\sopcast\sopcast.exe" = protocol=17 | dir=in | app=q:\programme\sop\sopcast\sopcast.exe | 
"UDP Query User{8DE4B3E7-E690-41F4-9534-CAA186C22CCE}Q:\programme\orbit_downloader\orbitdownloader\orbitnet.exe" = protocol=17 | dir=in | app=q:\programme\orbit_downloader\orbitdownloader\orbitnet.exe | 
"UDP Query User{969D8871-188C-4EE2-A61B-A412C3A18286}Q:\programme\pl\zattoo\zattood.exe" = protocol=17 | dir=in | app=q:\programme\pl\zattoo\zattood.exe | 
"UDP Query User{B859AC8B-2D3C-4127-962B-A29F5483ECDA}Q:\programme\icq\icq6.5\icq.exe" = protocol=17 | dir=in | app=q:\programme\icq\icq6.5\icq.exe | 
"UDP Query User{BA7B0B15-078F-4C04-A90C-3305913E12AC}Q:\programme\firefox\firefox.exe" = protocol=17 | dir=in | app=q:\programme\firefox\firefox.exe | 
"UDP Query User{CF6F1912-0FA2-4E36-B316-837A380D1401}Q:\programme\icq\icq6.5\icq.exe" = protocol=17 | dir=in | app=q:\programme\icq\icq6.5\icq.exe | 
"UDP Query User{D52098DA-2B28-4F17-9EF1-4E4D78403300}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{E2CE084F-1741-4276-A374-08E5C2088247}C:\users\der nikolaus\appdata\roaming\cacaoweb\cacaoweb.exe" = protocol=17 | dir=in | app=c:\users\der nikolaus\appdata\roaming\cacaoweb\cacaoweb.exe | 
"UDP Query User{E2DC018E-A12B-4F66-949C-96FF46FDB6B4}Q:\programme\sop\sopcast\sopcast.exe" = protocol=17 | dir=in | app=q:\programme\sop\sopcast\sopcast.exe | 
"UDP Query User{E4CEA514-AD37-4926-9186-4E20A1745880}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | 
"UDP Query User{FBB41483-7DCB-45DF-A0FC-F89C18C30238}Q:\programme\[no-steam] counter-strike 1.6\hl.exe" = protocol=17 | dir=in | app=q:\programme\[no-steam] counter-strike 1.6\hl.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00E3E16A-EF37-6F18-2501-821AAB6903AB}" = ccc-core-static
"{017FDD1B-A971-4084-B652-584181002812}" = VAIO Content Metadata Intelligent Analyzing Manager
"{0299E902-A8ED-7748-4A47-8080C42436F2}" = Catalyst Control Center Core Implementation
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.1.0.2200
"{0474CEF2-37AE-441D-8FDE-A1EF7EAD01B9}" = Cisco AnyConnect VPN Client
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{07159635-9DFE-4105-BFC0-2817DB540C68}" = Roxio Activation Module
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D8189EB-8824-AA13-6A45-8201E3353AC8}" = CCC Help German
"{0DD140D3-9563-481E-AA75-BA457CBDAEF2}" = PC Inspector File Recovery
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{0F6F6876-6334-4977-B5DD-CFC12E193420}" = iTunes
"{0F842B77-56EA-4AAF-8295-81A022350B5E}" = Microsoft Security Client
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{14F47992-EF70-16D9-1DD6-8A240073CD82}" = ATI Catalyst Install Manager
"{15D5C238-4C2E-4AEA-A66D-D6989A4C586B}" = VAIO Launcher
"{165E861A-D87F-5BED-190E-8EBC4ECCE65E}" = Catalyst Control Center Graphics Light
"{17F8195F-91B9-35A7-E4B9-6E54C0B7B9B3}" = CCC Help Korean
"{1EDDE5D9-7455-3159-41BE-1BC8C76B8950}" = CCC Help Spanish
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO
"{2063C2E8-3812-4BBD-9998-6610F80C1DD4}" = VAIO Media AC3 Decoder 1.0
"{206FD69B-F9FE-4164-81BD-D52552BC9C23}" = GearDrvs
"{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = VAIO Content Folder Setting
"{248BF282-92C4-4C53-09F4-454E81503277}" = Catalyst Control Center Localization Italian
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9
"{28549656-3CB3-44B6-9FAB-925A18DAC796}" = VAIO Movie Story
"{28B52CF6-FC4D-38E7-2438-62EB527780FD}" = Catalyst Control Center Graphics Full Existing
"{29ADBAC3-97C3-1963-0F76-1687F73154D7}" = Catalyst Control Center Localization French
"{2A0F3EF9-68EE-49E9-A05B-ED5B82DF63E5}" = Wireless Switch Setting Utility
"{2E0993DB-99D1-3D3D-FDD8-757F7C44BB7F}" = CCC Help French
"{2E2F4CB9-70B3-B6BA-1241-BC53FE5BE5DA}" = Catalyst Control Center Localization Thai
"{31E6A959-22FA-51B9-4E5A-1E2D2C0C8F1E}" = CCC Help Hungarian
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{356181AD-C50C-394F-20D8-C6CB0A961589}" = Catalyst Control Center Localization Portuguese
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4203C377-8F5B-4B3C-9096-6FC7C2CB9BC5}" = VAIO Content Metadata XML Interface Library
"{43602F34-1AA3-44FB-AEB2-D08C2C73743F}" = Paint.NET v3.36
"{46B9C26B-4370-C68D-1743-4F13AC12B4CD}" = CCC Help Turkish
"{48820099-ED7D-424B-890C-9A82EF00656D}" = VAIO Update 3
"{495B3F8D-06AA-216A-6159-C9EABA6B7D8E}" = CCC Help Chinese Traditional
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A074D34-1F3D-B98F-CFF9-B2794DA33871}" = Catalyst Control Center Localization Danish
"{4A790D47-EBBF-659B-96BD-46AF5D69730B}" = Catalyst Control Center Localization Chinese Traditional
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{4EA55D20-27FB-45D7-8726-147E8A5F6C62}" = VAIO MusicBox
"{4FE475AA-C4CC-115A-1422-5DFB86FC806D}" = Catalyst Control Center Localization Hungarian
"{500162A0-4DD5-460A-BAFD-895AAE48C532}" = VAIO Media Content Collection 6.0
"{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client DE-DE Language Pack
"{5463642B-44B3-34D3-E64E-0ACAA949BB5A}" = CCC Help Finnish
"{560F6B2E-F0DF-44E5-8190-A4A161F0E205}" = VAIO Media 6.0
"{568457D9-A55B-D9BC-13EC-14C84E69BD86}" = Catalyst Control Center Graphics Full New
"{56A6F256-5323-4617-3AE8-45B28B559E37}" = CCC Help English
"{57A3A36F-626E-8848-D9E0-41FCDC92FECA}" = CCC Help Portuguese
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{5855C127-1F20-404D-B7FB-1FD84D7EAB5E}" = VAIO Media Redistribution 6.0
"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data Basic
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{63A6E9A9-A190-46D4-9430-2DB28654AFD8}" = Norton 360
"{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support
"{6788581C-ECDA-326B-EE71-F9BE4635355F}" = Catalyst Control Center Localization Korean
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69351E9E-23ED-41D5-B146-EDBF83C63B66}" = VAIO Content Metadata Manager Setting
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6CE464DB-CD52-F4F9-FB58-BC934702A499}" = CCC Help Japanese
"{6D2576EC-A0E9-418A-A09A-409933A3B6F4}" = VAIO Camera Capture Utility
"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7193B0D6-65E4-6FB1-EB23-E9CE6D611BDC}" = CCC Help Czech
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{785EB1D4-ECEC-4195-99B4-73C47E187721}" = VAIO Media Integrated Server 6.1
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7CB64BD2-0FB7-E037-6924-EA2B8BE44E7E}" = CCC Help Greek
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7F6C2F96-3302-784E-BF0D-65D794E39BC2}" = Catalyst Control Center Localization Norwegian
"{802889F8-6AF5-45A5-9764-CA5B999E50FC}" = VAIO Power Management
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{84EA9BEB-AFF7-06C6-60DF-608807EA7DF2}" = Catalyst Control Center Localization German
"{8550D6A8-0DBC-AC89-F12B-71167346845E}" = Catalyst Control Center Localization Dutch
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A2224A1-7C5F-170C-74B6-6EEF9F92FCC3}" = CCC Help Norwegian
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders  (German) 12
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" = 
"{96E425D4-2DB1-6B29-0944-7DC78E9EEF81}" = Catalyst Control Center Localization Finnish
"{98FC7A64-774B-49B5-B046-4B4EBC053FA9}" = VAIO MusicBox Sample Music
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9E332EEA-DCFC-424B-E499-0D35FFAD4D76}" = Catalyst Control Center Localization Greek
"{9F165569-C622-3F85-0F90-23CF9B0B7E50}" = Catalyst Control Center Localization Turkish
"{9FA8B5F5-4BDC-4CF4-9202-AA97FF79AE98}" = VAIO Media
"{A38F2A2D-F9AC-6303-A14D-DD2D77519627}" = Catalyst Control Center Localization Polish
"{A63E7492-A0BC-4BB9-89A7-352965222380}" = VAIO Original Function Setting
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA346790-8BF2-4826-9E30-18E9BB547663}" = VAIO Content Metadata Manager Setting
"{ABF29EC7-47C1-4C63-8FE7-3824FD66F357}" = VAIO Content Metadata Intelligent Analyzing Manager
"{AC76BA86-7AD7-1031-7B44-A95000000001}" = Adobe Reader 9.5.1 - Deutsch
"{AF9A04EB-7D8E-41DE-9EDE-4AB9BB2B71B6}" = VAIO Media Registration Tool 6.0
"{B07FD2DE-87AB-976B-9E7E-9CD9598D1188}" = CCC Help Italian
"{B0BF7057-6869-4E4B-920C-EA2A58DA07F0}" = Cisco Systems VPN Client 5.0.07.0290
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = VAIO Movie Story
"{B5E2DF30-1061-4DB4-AF28-08996C8E5680}" = VAIO Content Metadata XML Interface Library
"{B74686F4-939E-9D89-2C09-3B0FCB3C2B37}" = Catalyst Control Center Localization Japanese
"{B7FB0C86-41A4-4402-9A33-912C462042A0}" = Roxio Easy Media Creator Home
"{B982D59B-B732-C911-51F3-CC962F906573}" = ccc-utility
"{BFCBC9EC-8ECC-2E8F-85DF-9D02C3B6E8AD}" = CCC Help Thai
"{C1141112-2968-FB36-0DF7-9D61AE6A0DCF}" = CCC Help Chinese Standard
"{C11B0B31-C101-4B56-8BA8-F5113022EF2B}" = VAIO Content Metadata Intelligent Analyzing Manager
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service
"{C9B56B00-7A33-378D-E64E-E044BE535A46}" = Catalyst Control Center Localization Chinese Standard
"{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4DDFAA1-EC37-4529-AD5B-A433ADE68662}" = Apple Mobile Device Support
"{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents
"{D765F1CE-5AE5-4C47-B134-AE58AC474740}" = OpenOffice.org 3.1
"{D79FDDB3-D6DD-63CC-BA61-D5406F392979}" = Catalyst Control Center Localization Russian
"{DA3C6D93-6EB8-BF5C-2C14-2B1A08284DBD}" = Catalyst Control Center Graphics Previews Vista
"{DEFB9CA4-6242-B988-E263-CD102219F54F}" = Skins
"{DF02B276-8216-D2FC-1E3D-E6382F8F6D91}" = Catalyst Control Center Localization Swedish
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E40EE28E-1009-B9B3-1E6B-635E878EAFF4}" = CCC Help Danish
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E626EA97-DC4B-B9C2-5120-F826D00623D5}" = Catalyst Control Center Localization Spanish
"{E6707034-D7A4-49B1-94D0-F5AACE46F06C}" = Instant Mode
"{E89D31F3-7F6C-47A3-8669-0A8DDE27B664}" = VAIO Media Registration Tool
"{E8EF1266-1D1F-C2FB-1E98-2FB9E71B3C7C}" = Catalyst Control Center Graphics Previews Common
"{ED1273B9-C028-C97D-BBF4-B667AD1644AE}" = CCC Help Dutch
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.9
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1FD0F66-34CF-4555-8B13-BCFC96F3864C}" = Branding
"{F2D89AED-46DA-3DAF-CE35-BEA81D3CCE4B}" = CCC Help Polish
"{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA}" = Pinnacle TVCenter Pro
"{F536B64C-FA0C-AAEE-AE89-E15B12E7C659}" = CCC Help Swedish
"{F570A6CC-53ED-4AA9-8B08-551CD3E38D8B}" = 
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F76F1E24-BFF9-9754-FDB4-595A7DFF8651}" = CCC Help Russian
"{F8ECA4D4-3CB6-3B1C-A20A-884D5744C0FF}" = Catalyst Control Center Localization Czech
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"552F499C400E44850820F2525C7611BF677CAB6E" = Windows-Treiberpaket - Sony Ericsson Mobile Communications (ggsemc) USB  (02/22/2011 2.2.0.5)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.3
"AVS4YOU Video Converter 6_is1" = AVS Video Converter 6
"CCleaner" = CCleaner
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"CutePDF Writer Installation" = CutePDF Writer 3.0
"DivX Setup" = DivX-Setup
"dt icon module" = 
"Free Video Dub_is1" = Free Video Dub version 1.8.12.602
"gtfirstboot Setting Request" = 
"HandBrake" = HandBrake 0.9.5
"HijackThis" = HijackThis 2.0.2
"HUAWEI DataCard Driver" = HUAWEI DataCard Driver 4.20.12.00
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO
"InstallShield_{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"MarketingTools" = Vaio Marketing Tools
"MFU Module" = 
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox 18.0 (x86 de)" = Mozilla Firefox 18.0 (x86 de)
"Mozilla Sunbird (0.9)" = Mozilla Sunbird (0.9)
"o2DE" = Mobile Connection Manager
"OpenMG HotFix4.7-07-13-22-01" = OpenMG Limited Patch 4.7-07-15-19-01
"Orbit_is1" = Orbit Downloader
"PDFTK Builder_is1" = PDFTK Builder 3.5.3
"RocketDock_is1" = RocketDock 1.3.5
"Senseless.TV Video Plugin" = Senseless.TV Video Plugin 1.0
"SopCast" = SopCast 3.5.0
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeamViewer 5" = TeamViewer 5
"Total Video2Dvd 3.30_is1" = Total Video2Dvd 3.30
"TVUPlayer" = TVUPlayer 2.5.2.2
"uTorrent" = µTorrent
"VAIO Help and Support" = 
"VAIO_My Club VAIO" = My Club VAIO
"VAIO_Photoshop" = 
"VAIO_Standard" = 
"Veetle TV" = Veetle TV 0.9.18
"VLC media player" = VLC media player 0.9.8a
"Winamp" = Winamp
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"Xilisoft Video Converter Ultimate 6" = Xilisoft Video Converter Ultimate 6
"YTdetect" = Yahoo! Detect
"Zattoo" = Zattoo 3.3.4 Beta
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Game Organizer" = GameXN GO
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 25.07.2011 17:41:21 | Computer Name = ZAUBERKISTE2 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 9485
 
Error - 25.07.2011 17:42:21 | Computer Name = ZAUBERKISTE2 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 25.07.2011 17:42:21 | Computer Name = ZAUBERKISTE2 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 69436
 
Error - 25.07.2011 17:42:21 | Computer Name = ZAUBERKISTE2 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 69436
 
Error - 25.07.2011 17:42:22 | Computer Name = ZAUBERKISTE2 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 25.07.2011 17:42:22 | Computer Name = ZAUBERKISTE2 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 70778
 
Error - 25.07.2011 17:42:22 | Computer Name = ZAUBERKISTE2 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 70778
 
Error - 25.07.2011 17:42:23 | Computer Name = ZAUBERKISTE2 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 25.07.2011 17:42:23 | Computer Name = ZAUBERKISTE2 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 71948
 
Error - 25.07.2011 17:42:23 | Computer Name = ZAUBERKISTE2 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 71948
 
[ Cisco AnyConnect VPN Client Events ]
Error - 01.03.2013 07:23:31 | Computer Name = zauberkiste2 | Source = vpnagent | ID = 67108866
Description = Function: CMainThread::internalCallbackHandler File: .\MainThread.cpp
Line:
 5065 Invoked Function: CMainThread::noticeHandler Return Code: -33095647 (0xFE070021)
Description:
 ROUTETABLE_ERROR_GETBESTROUTE_FAILED 
 
Error - 01.03.2013 07:23:31 | Computer Name = zauberkiste2 | Source = vpnagent | ID = 67108866
Description = Function: CMainThread::callbackHandler File: .\MainThread.cpp Line: 
4991 Invoked Function: internalCallbackHandler Return Code: -33095647 (0xFE070021)
Description:
 ROUTETABLE_ERROR_GETBESTROUTE_FAILED 
 
Error - 01.03.2013 07:23:46 | Computer Name = zauberkiste2 | Source = vpnagent | ID = 67108866
Description = Function: CIPv4ChangeRouteHelper::FindBestRoute File: .\IPv4ChangeRouteHelper.cpp
Line:
 2460 Invoked Function: CIPv4RouteTable::FindMatchingRoute Return Code: -33095647 
(0xFE070021) Description: ROUTETABLE_ERROR_GETBESTROUTE_FAILED 
 
Error - 01.03.2013 07:23:46 | Computer Name = zauberkiste2 | Source = vpnagent | ID = 67108866
Description = Function: CRouteMgr::UpdatePublicAddress File: .\RouteMgr.cpp Line: 
2188 Invoked Function: CChangeRouteTable::FindBestRouteInterface Return Code: -33095647
 (0xFE070021) Description: ROUTETABLE_ERROR_GETBESTROUTE_FAILED 
 
Error - 01.03.2013 07:23:46 | Computer Name = zauberkiste2 | Source = vpnagent | ID = 67108866
Description = Function: CMainThread::applyHostConfigForNoVpn File: .\MainThread.cpp
Line:
 7566 Invoked Function: CHostConfigMgr::DeterminePublicInterface Return Code: -33095647
 (0xFE070021) Description: ROUTETABLE_ERROR_GETBESTROUTE_FAILED 
 
Error - 01.03.2013 07:23:46 | Computer Name = zauberkiste2 | Source = vpnagent | ID = 67108866
Description = Function: CMainThread::genericNoticeHandler File: .\MainThread.cpp Line:
 5601 Invoked Function: CMainThread::applyHostConfigForNoVpn Return Code: -33095647
 (0xFE070021) Description: ROUTETABLE_ERROR_GETBESTROUTE_FAILED 
 
Error - 01.03.2013 07:23:46 | Computer Name = zauberkiste2 | Source = vpnagent | ID = 67108866
Description = Function: CMainThread::processNotice File: .\MainThread.cpp Line: 5341
Invoked
 Function: CMainThread::genericNoticeHandler Return Code: -33095647 (0xFE070021) Description:
 ROUTETABLE_ERROR_GETBESTROUTE_FAILED 
 
Error - 01.03.2013 07:23:46 | Computer Name = zauberkiste2 | Source = vpnagent | ID = 67108866
Description = Function: CMainThread::noticeHandler File: .\MainThread.cpp Line: 5303
Invoked
 Function: CMainThread::processNotice Return Code: -33095647 (0xFE070021) Description:
 ROUTETABLE_ERROR_GETBESTROUTE_FAILED 
 
Error - 01.03.2013 07:23:46 | Computer Name = zauberkiste2 | Source = vpnagent | ID = 67108866
Description = Function: CMainThread::internalCallbackHandler File: .\MainThread.cpp
Line:
 5065 Invoked Function: CMainThread::noticeHandler Return Code: -33095647 (0xFE070021)
Description:
 ROUTETABLE_ERROR_GETBESTROUTE_FAILED 
 
Error - 01.03.2013 07:23:46 | Computer Name = zauberkiste2 | Source = vpnagent | ID = 67108866
Description = Function: CMainThread::callbackHandler File: .\MainThread.cpp Line: 
4991 Invoked Function: internalCallbackHandler Return Code: -33095647 (0xFE070021)
Description:
 ROUTETABLE_ERROR_GETBESTROUTE_FAILED 
 
[ System Events ]
Error - 20.02.2013 06:10:34 | Computer Name = zauberkiste2 | Source = Service Control Manager | ID = 7011
Description = 
 
Error - 20.02.2013 17:41:59 | Computer Name = zauberkiste2 | Source = DCOM | ID = 10010
Description = 
 
Error - 21.02.2013 16:19:19 | Computer Name = zauberkiste2 | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 22.02.2013 07:01:22 | Computer Name = zauberkiste2 | Source = Server | ID = 2505
Description = Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht
 \Device\NetBT_Tcpip_{4BB12A21-C32B-49C7-B1CF-F770510B5135} vom Serverdienst nicht
 gebunden werden. Der Serverdienst konnte nicht gestartet werden.
 
Error - 26.02.2013 05:58:56 | Computer Name = zauberkiste2 | Source = Server | ID = 2505
Description = Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht
 \Device\NetBT_Tcpip_{4BB12A21-C32B-49C7-B1CF-F770510B5135} vom Serverdienst nicht
 gebunden werden. Der Serverdienst konnte nicht gestartet werden.
 
Error - 26.02.2013 06:18:11 | Computer Name = zauberkiste2 | Source = Server | ID = 2505
Description = Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht
 \Device\NetBT_Tcpip_{4BB12A21-C32B-49C7-B1CF-F770510B5135} vom Serverdienst nicht
 gebunden werden. Der Serverdienst konnte nicht gestartet werden.
 
Error - 26.02.2013 06:45:32 | Computer Name = zauberkiste2 | Source = Server | ID = 2505
Description = Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht
 \Device\NetBT_Tcpip_{4BB12A21-C32B-49C7-B1CF-F770510B5135} vom Serverdienst nicht
 gebunden werden. Der Serverdienst konnte nicht gestartet werden.
 
Error - 26.02.2013 07:58:06 | Computer Name = zauberkiste2 | Source = Server | ID = 2505
Description = Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht
 \Device\NetBT_Tcpip_{4BB12A21-C32B-49C7-B1CF-F770510B5135} vom Serverdienst nicht
 gebunden werden. Der Serverdienst konnte nicht gestartet werden.
 
Error - 26.02.2013 09:35:40 | Computer Name = zauberkiste2 | Source = Server | ID = 2505
Description = Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht
 \Device\NetBT_Tcpip_{4BB12A21-C32B-49C7-B1CF-F770510B5135} vom Serverdienst nicht
 gebunden werden. Der Serverdienst konnte nicht gestartet werden.
 
Error - 26.02.2013 09:55:58 | Computer Name = zauberkiste2 | Source = Server | ID = 2505
Description = Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht
 \Device\NetBT_Tcpip_{4BB12A21-C32B-49C7-B1CF-F770510B5135} vom Serverdienst nicht
 gebunden werden. Der Serverdienst konnte nicht gestartet werden.
 
 
< End of report >

markusg · 04.03.2013, 20:19

Hi,

otl fix

Fixen mit OTL

Starte bitte die OTL.exe.
Kopiere nun den Inhalt aus der Codebox in die Textbox.

Code:

ATTFilter

:OTL
O20 - AppInit_DLLs: (c:\progra~2\browse~1\261095~1.52\{c16c1~1\browse~1.dll) -  File not found
O33 - MountPoints2\{31b8e568-9aed-11de-a741-001e3d3afc93}\Shell\explore\command - "" = G:\.////OPOP/\\\\severina.exe
O33 - MountPoints2\{31b8e568-9aed-11de-a741-001e3d3afc93}\Shell\open\command - "" = G:\OPOP/////\\\\severina.exe
O33 - MountPoints2\{66669fa9-7820-11e2-88e8-001e101f0781}\Shell - "" = AutoRun
O33 - MountPoints2\{66669fa9-7820-11e2-88e8-001e101f0781}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{66669fb2-7820-11e2-88e8-001e101fcbf4}\Shell - "" = AutoRun
O33 - MountPoints2\{66669fb2-7820-11e2-88e8-001e101fcbf4}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{ac89c9d3-6619-11e1-b8ce-001a807dbfc1}\Shell - "" = AutoRun
O33 - MountPoints2\{ac89c9d3-6619-11e1-b8ce-001a807dbfc1}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{ac89c9de-6619-11e1-b8ce-001e101f305e}\Shell - "" = AutoRun
O33 - MountPoints2\{ac89c9de-6619-11e1-b8ce-001e101f305e}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{d9e8c3d1-61cc-11df-8453-001e3d3afc93}\Shell\AutoRun\command - "" = G:\RECYCLER\recycld.exe e
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AutoRun.exe
:files
:Commands
[emptytemp]

Solltest du deinen Benutzernamen z. B. durch "*****" unkenntlich gemacht haben, so füge an entsprechender Stelle deinen richtigen Benutzernamen ein. Andernfalls wird der Fix nicht funktionieren.
Schließe bitte nun alle Programme.
Klicke nun bitte auf den Fix Button.
OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
Nach dem Neustart findest Du ein Textdokument auf deinem Desktop.
( Auch zu finden unter C:\_OTL\MovedFiles\<Uhrzeit_Datum>.txt)
Kopiere nun den Inhalt hier in Deinen Thread

Nikko Laus · 04.03.2013, 21:42

Code:

ATTFilter

All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:c:\progra~2\browse~1\261095~1.52\{c16c1~1\browse~1.dll deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{31b8e568-9aed-11de-a741-001e3d3afc93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31b8e568-9aed-11de-a741-001e3d3afc93}\ not found.
File G:\.////OPOP/\\\\severina.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{31b8e568-9aed-11de-a741-001e3d3afc93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31b8e568-9aed-11de-a741-001e3d3afc93}\ not found.
File G:\OPOP/////\\\\severina.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{66669fa9-7820-11e2-88e8-001e101f0781}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{66669fa9-7820-11e2-88e8-001e101f0781}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{66669fa9-7820-11e2-88e8-001e101f0781}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{66669fa9-7820-11e2-88e8-001e101f0781}\ not found.
File G:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{66669fb2-7820-11e2-88e8-001e101fcbf4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{66669fb2-7820-11e2-88e8-001e101fcbf4}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{66669fb2-7820-11e2-88e8-001e101fcbf4}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{66669fb2-7820-11e2-88e8-001e101fcbf4}\ not found.
File G:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ac89c9d3-6619-11e1-b8ce-001a807dbfc1}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ac89c9d3-6619-11e1-b8ce-001a807dbfc1}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ac89c9d3-6619-11e1-b8ce-001a807dbfc1}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ac89c9d3-6619-11e1-b8ce-001a807dbfc1}\ not found.
File G:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ac89c9de-6619-11e1-b8ce-001e101f305e}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ac89c9de-6619-11e1-b8ce-001e101f305e}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ac89c9de-6619-11e1-b8ce-001e101f305e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ac89c9de-6619-11e1-b8ce-001e101f305e}\ not found.
File G:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d9e8c3d1-61cc-11df-8453-001e3d3afc93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d9e8c3d1-61cc-11df-8453-001e3d3afc93}\ not found.
File G:\RECYCLER\recycld.exe e not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G\ not found.
File G:\AutoRun.exe not found.
========== FILES ==========
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: Administrator
 
User: All Users
 
User: Default
->Temp folder emptied: 16384 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 157 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: der nikolaus
->Temp folder emptied: 46427 bytes
->Temporary Internet Files folder emptied: 311698 bytes
->Java cache emptied: 743432652 bytes
->FireFox cache emptied: 67408912 bytes
->Flash cache emptied: 9896 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 1547142 bytes
%systemroot%\System32 .tmp files removed: 3522560 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 45538 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 779,00 mb
 
 
OTL by OldTimer - Version 3.2.69.0 log created on 03042013_213434

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

markusg · 04.03.2013, 22:08

Hi,
Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Nikko Laus · 04.03.2013, 22:22

Code:

ATTFilter

22:16:00.0446 2860  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
22:16:00.0696 2860  ============================================================
22:16:00.0696 2860  Current date / time: 2013/03/04 22:16:00.0696
22:16:00.0696 2860  SystemInfo:
22:16:00.0696 2860  
22:16:00.0696 2860  OS Version: 6.0.6002 ServicePack: 2.0
22:16:00.0696 2860  Product type: Workstation
22:16:00.0696 2860  ComputerName: ZAUBERKISTE2
22:16:00.0696 2860  UserName: der nikolaus
22:16:00.0696 2860  Windows directory: C:\Windows
22:16:00.0696 2860  System windows directory: C:\Windows
22:16:00.0696 2860  Processor architecture: Intel x86
22:16:00.0696 2860  Number of processors: 2
22:16:00.0696 2860  Page size: 0x1000
22:16:00.0696 2860  Boot type: Normal boot
22:16:00.0696 2860  ============================================================
22:16:02.0833 2860  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
22:16:02.0833 2860  ============================================================
22:16:02.0833 2860  \Device\Harddisk0\DR0:
22:16:02.0833 2860  MBR partitions:
22:16:02.0833 2860  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x12D5000, BlocksNum 0x122B0170
22:16:02.0833 2860  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x13585800, BlocksNum 0x9C3F800
22:16:02.0833 2860  ============================================================
22:16:02.0864 2860  C: <-> \Device\Harddisk0\DR0\Partition1
22:16:03.0020 2860  Q: <-> \Device\Harddisk0\DR0\Partition2
22:16:03.0020 2860  ============================================================
22:16:03.0020 2860  Initialize success
22:16:03.0020 2860  ============================================================
22:16:34.0064 3296  ============================================================
22:16:34.0064 3296  Scan started
22:16:34.0064 3296  Mode: Manual; SigCheck; TDLFS; 
22:16:34.0064 3296  ============================================================
22:16:34.0517 3296  ================ Scan system memory ========================
22:16:34.0517 3296  System memory - ok
22:16:34.0517 3296  ================ Scan services =============================
22:16:34.0719 3296  [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI            C:\Windows\system32\drivers\acpi.sys
22:16:34.0860 3296  ACPI - ok
22:16:34.0953 3296  [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
22:16:34.0985 3296  adp94xx - ok
22:16:35.0000 3296  [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci         C:\Windows\system32\drivers\adpahci.sys
22:16:35.0016 3296  adpahci - ok
22:16:35.0047 3296  [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
22:16:35.0063 3296  adpu160m - ok
22:16:35.0078 3296  [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320         C:\Windows\system32\drivers\adpu320.sys
22:16:35.0094 3296  adpu320 - ok
22:16:35.0109 3296  [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
22:16:35.0187 3296  AeLookupSvc - ok
22:16:35.0234 3296  [ 3911B972B55FEA0478476B2E777B29FA ] AFD             C:\Windows\system32\drivers\afd.sys
22:16:35.0265 3296  AFD - ok
22:16:35.0297 3296  [ EF23439CDD587F64C2C1B8825CEAD7D8 ] agp440          C:\Windows\system32\drivers\agp440.sys
22:16:35.0312 3296  agp440 - ok
22:16:35.0328 3296  [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
22:16:35.0328 3296  aic78xx - ok
22:16:35.0390 3296  [ A1545B731579895D8CC44FC0481C1192 ] ALG             C:\Windows\System32\alg.exe
22:16:35.0499 3296  ALG - ok
22:16:35.0546 3296  [ 90395B64600EBB4552E26E178C94B2E4 ] aliide          C:\Windows\system32\drivers\aliide.sys
22:16:35.0546 3296  aliide - ok
22:16:35.0562 3296  [ 2B13E304C9DFDFA5EB582F6A149FA2C7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
22:16:35.0577 3296  amdagp - ok
22:16:35.0593 3296  [ 0577DF1D323FE75A739C787893D300EA ] amdide          C:\Windows\system32\drivers\amdide.sys
22:16:35.0593 3296  amdide - ok
22:16:35.0609 3296  [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
22:16:35.0780 3296  AmdK7 - ok
22:16:35.0811 3296  [ 0CA0071DA4315B00FC1328CA86B425DA ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
22:16:35.0843 3296  AmdK8 - ok
22:16:35.0889 3296  [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo         C:\Windows\System32\appinfo.dll
22:16:35.0921 3296  Appinfo - ok
22:16:36.0045 3296  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
22:16:36.0061 3296  Apple Mobile Device - ok
22:16:36.0077 3296  [ 5F673180268BB1FDB69C99B6619FE379 ] arc             C:\Windows\system32\drivers\arc.sys
22:16:36.0092 3296  arc - ok
22:16:36.0092 3296  [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
22:16:36.0108 3296  arcsas - ok
22:16:36.0155 3296  [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
22:16:36.0201 3296  AsyncMac - ok
22:16:36.0217 3296  [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi           C:\Windows\system32\drivers\atapi.sys
22:16:36.0233 3296  atapi - ok
22:16:36.0295 3296  [ D5ABEB24A3A3138B35F88931FB04E100 ] athr            C:\Windows\system32\DRIVERS\athr.sys
22:16:36.0404 3296  athr - ok
22:16:36.0482 3296  [ 983F6E0FEBE34A887633581B948D0ED6 ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe
22:16:36.0545 3296  Ati External Event Utility - ok
22:16:36.0654 3296  [ 932481DB5F321E7BD56D3D7BAA1FB3C3 ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
22:16:36.0888 3296  atikmdag - ok
22:16:36.0935 3296  [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:16:36.0966 3296  AudioEndpointBuilder - ok
22:16:36.0966 3296  [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv        C:\Windows\System32\Audiosrv.dll
22:16:36.0997 3296  Audiosrv - ok
22:16:37.0044 3296  [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep            C:\Windows\system32\drivers\Beep.sys
22:16:37.0075 3296  Beep - ok
22:16:37.0122 3296  [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE             C:\Windows\System32\bfe.dll
22:16:37.0137 3296  BFE - ok
22:16:37.0231 3296  [ 93952506C6D67330367F7E7934B6A02F ] BITS            C:\Windows\System32\qmgr.dll
22:16:37.0293 3296  BITS - ok
22:16:37.0309 3296  blbdrive - ok
22:16:37.0403 3296  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
22:16:37.0418 3296  Bonjour Service - ok
22:16:37.0465 3296  [ 35F376253F687BDE63976CCB3F2108CA ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
22:16:37.0512 3296  bowser - ok
22:16:37.0527 3296  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
22:16:37.0559 3296  BrFiltLo - ok
22:16:37.0574 3296  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
22:16:37.0590 3296  BrFiltUp - ok
22:16:37.0637 3296  [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser         C:\Windows\System32\browser.dll
22:16:37.0668 3296  Browser - ok
22:16:37.0683 3296  [ B304E75CFF293029EDDF094246747113 ] Brserid         C:\Windows\system32\drivers\brserid.sys
22:16:37.0746 3296  Brserid - ok
22:16:37.0761 3296  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
22:16:37.0824 3296  BrSerWdm - ok
22:16:37.0824 3296  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
22:16:37.0886 3296  BrUsbMdm - ok
22:16:37.0902 3296  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
22:16:37.0949 3296  BrUsbSer - ok
22:16:37.0964 3296  [ 6D39C954799B63BA866910234CF7D726 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
22:16:38.0027 3296  BthEnum - ok
22:16:38.0042 3296  [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
22:16:38.0089 3296  BTHMODEM - ok
22:16:38.0120 3296  [ 5904EFA25F829BF84EA6FB045134A1D8 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
22:16:38.0151 3296  BthPan - ok
22:16:38.0198 3296  [ 611FF3F2F095C8D4A6D4CFD9DCC09793 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
22:16:38.0245 3296  BTHPORT - ok
22:16:38.0292 3296  [ A4C8377FA4A994E07075107DBE2E3DCE ] BthServ         C:\Windows\System32\bthserv.dll
22:16:38.0323 3296  BthServ - ok
22:16:38.0370 3296  [ D330803EAB2A15CAEC7F011F1D4CB30E ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
22:16:38.0385 3296  BTHUSB - ok
22:16:38.0417 3296  [ 7F256D9FFF384FAA40DF5DB1CB8531D9 ] btwaudio        C:\Windows\system32\drivers\btwaudio.sys
22:16:38.0432 3296  btwaudio - ok
22:16:38.0448 3296  [ D87D990131AAABB27D4046790292366D ] btwavdt         C:\Windows\system32\drivers\btwavdt.sys
22:16:38.0463 3296  btwavdt - ok
22:16:38.0495 3296  [ D02F4D18AA4A38F781BEEFEB1892E144 ] btwl2cap        C:\Windows\system32\DRIVERS\btwl2cap.sys
22:16:38.0495 3296  btwl2cap - ok
22:16:38.0510 3296  [ E1771C0FB49E747AB2B2D29DA50510F9 ] btwrchid        C:\Windows\system32\DRIVERS\btwrchid.sys
22:16:38.0526 3296  btwrchid - ok
22:16:38.0573 3296  [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
22:16:38.0588 3296  cdfs - ok
22:16:38.0651 3296  [ 6B4BFFB9BECD728097024276430DB314 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
22:16:38.0713 3296  cdrom - ok
22:16:38.0760 3296  [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc     C:\Windows\System32\certprop.dll
22:16:38.0791 3296  CertPropSvc - ok
22:16:38.0807 3296  [ DA8E0AFC7BAA226C538EF53AC2F90897 ] circlass        C:\Windows\system32\drivers\circlass.sys
22:16:38.0853 3296  circlass - ok
22:16:38.0900 3296  [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS            C:\Windows\system32\CLFS.sys
22:16:38.0916 3296  CLFS - ok
22:16:38.0994 3296  [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:16:39.0009 3296  clr_optimization_v2.0.50727_32 - ok
22:16:39.0087 3296  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:16:39.0103 3296  clr_optimization_v4.0.30319_32 - ok
22:16:39.0119 3296  CLTNetCnService - ok
22:16:39.0150 3296  [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
22:16:39.0181 3296  CmBatt - ok
22:16:39.0197 3296  [ 45201046C776FFDAF3FC8A0029C581C8 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
22:16:39.0212 3296  cmdide - ok
22:16:39.0212 3296  [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
22:16:39.0228 3296  Compbatt - ok
22:16:39.0228 3296  COMSysApp - ok
22:16:39.0259 3296  [ 2A213AE086BBEC5E937553C7D9A2B22C ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
22:16:39.0259 3296  crcdisk - ok
22:16:39.0275 3296  [ 22A7F883508176489F559EE745B5BF5D ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
22:16:39.0321 3296  Crusoe - ok
22:16:39.0368 3296  [ 75C6A297E364014840B48ECCD7525E30 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
22:16:39.0384 3296  CryptSvc - ok
22:16:39.0415 3296  [ B5ECADF7708960F1818C7FA015F4C239 ] CVirtA          C:\Windows\system32\DRIVERS\CVirtA.sys
22:16:39.0446 3296  CVirtA - ok
22:16:39.0618 3296  [ 66257CB4E4FB69887CDDC71663741435 ] CVPND           Q:\programme\vpn_uniHH\cvpnd.exe
22:16:40.0070 3296  CVPND - ok
22:16:40.0117 3296  [ 18994842386FD3039279D7865740ABBD ] CVPNDRVA        C:\Windows\system32\Drivers\CVPNDRVA.sys
22:16:40.0133 3296  CVPNDRVA ( UnsignedFile.Multi.Generic ) - warning
22:16:40.0133 3296  CVPNDRVA - detected UnsignedFile.Multi.Generic (1)
22:16:40.0179 3296  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch      C:\Windows\system32\rpcss.dll
22:16:40.0211 3296  DcomLaunch - ok
22:16:40.0257 3296  [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
22:16:40.0289 3296  DfsC - ok
22:16:40.0398 3296  [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR            C:\Windows\system32\DFSR.exe
22:16:40.0538 3296  DFSR - ok
22:16:40.0601 3296  [ 9028559C132146FB75EB7ACF384B086A ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
22:16:40.0616 3296  Dhcp - ok
22:16:40.0647 3296  [ 5D4AEFC3386920236A548271F8F1AF6A ] disk            C:\Windows\system32\drivers\disk.sys
22:16:40.0663 3296  disk - ok
22:16:40.0694 3296  [ F206E28ED74C491FD5D7C0A1119CE37F ] DMICall         C:\Windows\system32\DRIVERS\DMICall.sys
22:16:40.0694 3296  DMICall - ok
22:16:40.0725 3296  [ B5AA5AA5AC327BD7C1AEC0C58F0C1144 ] DNE             C:\Windows\system32\DRIVERS\dne2000.sys
22:16:40.0725 3296  DNE - ok
22:16:40.0772 3296  [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache        C:\Windows\System32\dnsrslvr.dll
22:16:40.0803 3296  Dnscache - ok
22:16:40.0850 3296  [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc         C:\Windows\System32\dot3svc.dll
22:16:40.0866 3296  dot3svc - ok
22:16:40.0913 3296  [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS             C:\Windows\system32\dps.dll
22:16:40.0944 3296  DPS - ok
22:16:40.0959 3296  [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
22:16:40.0991 3296  drmkaud - ok
22:16:41.0053 3296  [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
22:16:41.0084 3296  DXGKrnl - ok
22:16:41.0115 3296  [ F88FB26547FD2CE6D0A5AF2985892C48 ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
22:16:41.0162 3296  E1G60 - ok
22:16:41.0225 3296  [ C0B95E40D85CD807D614E264248A45B9 ] EapHost         C:\Windows\System32\eapsvc.dll
22:16:41.0256 3296  EapHost - ok
22:16:41.0287 3296  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache          C:\Windows\system32\drivers\ecache.sys
22:16:41.0287 3296  Ecache - ok
22:16:41.0381 3296  [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
22:16:41.0412 3296  ehRecvr - ok
22:16:41.0459 3296  [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched         C:\Windows\ehome\ehsched.exe
22:16:41.0474 3296  ehSched - ok
22:16:41.0490 3296  [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart         C:\Windows\ehome\ehstart.dll
22:16:41.0505 3296  ehstart - ok
22:16:41.0537 3296  [ E8F3F21A71720C84BCF423B80028359F ] elxstor         C:\Windows\system32\drivers\elxstor.sys
22:16:41.0552 3296  elxstor - ok
22:16:41.0615 3296  [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
22:16:41.0646 3296  EMDMgmt - ok
22:16:41.0739 3296  [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem     C:\Windows\system32\es.dll
22:16:41.0786 3296  EventSystem - ok
22:16:41.0817 3296  [ E1556AF3FB0284C32896B9AC8494D9C2 ] ewusbnet        C:\Windows\system32\DRIVERS\ewusbnet.sys
22:16:41.0880 3296  ewusbnet - ok
22:16:41.0927 3296  [ 57C171EA22F0A7F068FCB0CAEDD1E8E7 ] ew_hwusbdev     C:\Windows\system32\DRIVERS\ew_hwusbdev.sys
22:16:41.0989 3296  ew_hwusbdev - ok
22:16:42.0005 3296  [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat           C:\Windows\system32\drivers\exfat.sys
22:16:42.0036 3296  exfat - ok
22:16:42.0067 3296  [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
22:16:42.0083 3296  fastfat - ok
22:16:42.0129 3296  [ 63BDADA84951B9C03E641800E176898A ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
22:16:42.0176 3296  fdc - ok
22:16:42.0223 3296  [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost         C:\Windows\system32\fdPHost.dll
22:16:42.0239 3296  fdPHost - ok
22:16:42.0270 3296  [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub        C:\Windows\system32\fdrespub.dll
22:16:42.0301 3296  FDResPub - ok
22:16:42.0348 3296  [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
22:16:42.0348 3296  FileInfo - ok
22:16:42.0410 3296  [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
22:16:42.0426 3296  Filetrace - ok
22:16:42.0441 3296  [ 6603957EFF5EC62D25075EA8AC27DE68 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
22:16:42.0473 3296  flpydisk - ok
22:16:42.0519 3296  [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
22:16:42.0535 3296  FltMgr - ok
22:16:42.0597 3296  [ 8CE364388C8ECA59B14B539179276D44 ] FontCache       C:\Windows\system32\FntCache.dll
22:16:42.0644 3296  FontCache - ok
22:16:42.0738 3296  [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
22:16:42.0753 3296  FontCache3.0.0.0 - ok
22:16:42.0785 3296  [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
22:16:42.0847 3296  Fs_Rec - ok
22:16:42.0863 3296  [ 4E1CD0A45C50A8882616CAE5BF82F3C5 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
22:16:42.0878 3296  gagp30kx - ok
22:16:42.0909 3296  [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM     C:\Windows\system32\Drivers\GEARAspiWDM.sys
22:16:42.0925 3296  GEARAspiWDM - ok
22:16:42.0972 3296  [ 007AEA2E06E7CEF7372E40C277163959 ] ggflt           C:\Windows\system32\DRIVERS\ggflt.sys
22:16:42.0987 3296  ggflt - ok
22:16:43.0003 3296  [ C73DE35960CA75C5AB4AE636B127C64E ] ggsemc          C:\Windows\system32\DRIVERS\ggsemc.sys
22:16:43.0019 3296  ggsemc - ok
22:16:43.0081 3296  [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc           C:\Windows\System32\gpsvc.dll
22:16:43.0112 3296  gpsvc - ok
22:16:43.0175 3296  [ 626A24ED1228580B9518C01930936DF9 ] gupdate1c9c45530e1d252 C:\Program Files\Google\Update\GoogleUpdate.exe
22:16:43.0190 3296  gupdate1c9c45530e1d252 - ok
22:16:43.0190 3296  [ 626A24ED1228580B9518C01930936DF9 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
22:16:43.0206 3296  gupdatem - ok
22:16:43.0237 3296  [ 3F90E001369A07243763BD5A523D8722 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:16:43.0253 3296  HdAudAddService - ok
22:16:43.0284 3296  [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
22:16:43.0331 3296  HDAudBus - ok
22:16:43.0377 3296  [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth          C:\Windows\system32\drivers\hidbth.sys
22:16:43.0409 3296  HidBth - ok
22:16:43.0440 3296  [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr           C:\Windows\system32\drivers\hidir.sys
22:16:43.0487 3296  HidIr - ok
22:16:43.0518 3296  [ 84067081F3318162797385E11A8F0582 ] hidserv         C:\Windows\system32\hidserv.dll
22:16:43.0533 3296  hidserv - ok
22:16:43.0580 3296  [ CCA4B519B17E23A00B826C55716809CC ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
22:16:43.0596 3296  HidUsb - ok
22:16:43.0643 3296  [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc          C:\Windows\system32\kmsvc.dll
22:16:43.0689 3296  hkmsvc - ok
22:16:43.0736 3296  [ DF353B401001246853763C4B7AAA6F50 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
22:16:43.0736 3296  HpCISSs - ok
22:16:43.0767 3296  [ 46D67209550973257601A533E2AC5785 ] HSFHWAZL        C:\Windows\system32\DRIVERS\VSTAZL3.SYS
22:16:43.0799 3296  HSFHWAZL - ok
22:16:43.0845 3296  [ 7BC42C65B5C6281777C1A7605B253BA8 ] HSF_DPV         C:\Windows\system32\DRIVERS\HSX_DPV.sys
22:16:43.0939 3296  HSF_DPV - ok
22:16:44.0001 3296  [ 9EBF2D102CCBB6BCDFBF1B7922F8BA2E ] HSXHWAZL        C:\Windows\system32\DRIVERS\HSXHWAZL.sys
22:16:44.0033 3296  HSXHWAZL - ok
22:16:44.0064 3296  [ F870AA3E254628EBEAFE754108D664DE ] HTTP            C:\Windows\system32\drivers\HTTP.sys
22:16:44.0142 3296  HTTP - ok
22:16:44.0189 3296  [ BED3A9F86A637CC6C2C5296CD82423D8 ] huawei_enumerator C:\Windows\system32\DRIVERS\ew_jubusenum.sys
22:16:44.0204 3296  huawei_enumerator - ok
22:16:44.0267 3296  [ A89423D0132C8AB69BA621B6CE191714 ] hwdatacard      C:\Windows\system32\DRIVERS\ewusbmdm.sys
22:16:44.0313 3296  hwdatacard - ok
22:16:44.0376 3296  [ 324C2152FF2C61ABAE92D09F3CCA4D63 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
22:16:44.0391 3296  i2omp - ok
22:16:44.0423 3296  [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
22:16:44.0454 3296  i8042prt - ok
22:16:44.0469 3296  [ C957BF4B5D80B46C5017BF0101E6C906 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
22:16:44.0485 3296  iaStorV - ok
22:16:44.0516 3296  [ DAF66902F08796F9C694901660E5A64A ] IDriverT        c:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
22:16:44.0516 3296  IDriverT ( UnsignedFile.Multi.Generic ) - warning
22:16:44.0516 3296  IDriverT - detected UnsignedFile.Multi.Generic (1)
22:16:44.0594 3296  [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:16:44.0641 3296  idsvc - ok
22:16:44.0688 3296  [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
22:16:44.0688 3296  iirsp - ok
22:16:44.0766 3296  [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT          C:\Windows\System32\ikeext.dll
22:16:44.0797 3296  IKEEXT - ok
22:16:44.0844 3296  [ 2BD6633DB50A98534AA3262E0F9F5A14 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
22:16:45.0156 3296  IntcAzAudAddService - ok
22:16:45.0203 3296  [ 83AA759F3189E6370C30DE5DC5590718 ] intelide        C:\Windows\system32\drivers\intelide.sys
22:16:45.0234 3296  intelide - ok
22:16:45.0249 3296  [ 224191001E78C89DFA78924C3EA595FF ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
22:16:45.0281 3296  intelppm - ok
22:16:45.0343 3296  [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
22:16:45.0359 3296  IPBusEnum - ok
22:16:45.0405 3296  [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:16:45.0421 3296  IpFilterDriver - ok
22:16:45.0452 3296  [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
22:16:45.0483 3296  iphlpsvc - ok
22:16:45.0499 3296  IpInIp - ok
22:16:45.0530 3296  [ 40F34F8ABA2A015D780E4B09138B6C17 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
22:16:45.0561 3296  IPMIDRV - ok
22:16:45.0624 3296  [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
22:16:45.0639 3296  IPNAT - ok
22:16:45.0702 3296  [ BC0EA61246F8D940FBC5F652D337D6BD ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
22:16:45.0749 3296  iPod Service - ok
22:16:45.0795 3296  [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
22:16:45.0811 3296  IRENUM - ok
22:16:45.0858 3296  [ 350FCA7E73CF65BCEF43FAE1E4E91293 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
22:16:45.0858 3296  isapnp - ok
22:16:45.0920 3296  [ 232FA340531D940AAC623B121A595034 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
22:16:45.0920 3296  iScsiPrt - ok
22:16:45.0951 3296  [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
22:16:45.0951 3296  iteatapi - ok
22:16:45.0967 3296  [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid         C:\Windows\system32\drivers\iteraid.sys
22:16:45.0983 3296  iteraid - ok
22:16:46.0014 3296  [ 213822072085B5BBAD9AF30AB577D817 ] IviRegMgr       C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
22:16:46.0014 3296  IviRegMgr - ok
22:16:46.0045 3296  [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
22:16:46.0061 3296  kbdclass - ok
22:16:46.0092 3296  [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
22:16:46.0123 3296  kbdhid - ok
22:16:46.0170 3296  [ A3E186B4B935905B829219502557314E ] KeyIso          C:\Windows\system32\lsass.exe
22:16:46.0185 3296  KeyIso - ok
22:16:46.0248 3296  [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
22:16:46.0279 3296  KSecDD - ok
22:16:46.0326 3296  [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm           C:\Windows\system32\msdtckrm.dll
22:16:46.0373 3296  KtmRm - ok
22:16:46.0466 3296  [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer    C:\Windows\system32\srvsvc.dll
22:16:46.0529 3296  LanmanServer - ok
22:16:46.0591 3296  [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:16:46.0622 3296  LanmanWorkstation - ok
22:16:46.0685 3296  [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
22:16:46.0716 3296  lltdio - ok
22:16:46.0763 3296  [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
22:16:46.0809 3296  lltdsvc - ok
22:16:46.0825 3296  [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts         C:\Windows\System32\lmhsvc.dll
22:16:46.0872 3296  lmhosts - ok
22:16:46.0903 3296  [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
22:16:46.0919 3296  LSI_FC - ok
22:16:46.0919 3296  [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
22:16:46.0934 3296  LSI_SAS - ok
22:16:46.0950 3296  [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
22:16:46.0965 3296  LSI_SCSI - ok
22:16:46.0997 3296  [ 23B55D27A0AFB7FE9CBCB20B617CC168 ] Ltn_stk7070P    C:\Windows\system32\DRIVERS\Ltn_stk7070P.sys
22:16:47.0090 3296  Ltn_stk7070P - ok
22:16:47.0137 3296  [ 1FA7503D019291C027FEDAE509BC5500 ] Ltn_stkrc       C:\Windows\system32\DRIVERS\Ltn_stkrc.sys
22:16:47.0153 3296  Ltn_stkrc - ok
22:16:47.0199 3296  [ 8F5C7426567798E62A3B3614965D62CC ] luafv           C:\Windows\system32\drivers\luafv.sys
22:16:47.0215 3296  luafv - ok
22:16:47.0262 3296  [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
22:16:47.0277 3296  Mcx2Svc - ok
22:16:47.0309 3296  [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk         C:\Windows\system32\DRIVERS\mdmxsdk.sys
22:16:47.0309 3296  mdmxsdk - ok
22:16:47.0324 3296  [ D153B14FC6598EAE8422A2037553ADCE ] megasas         C:\Windows\system32\drivers\megasas.sys
22:16:47.0340 3296  megasas - ok
22:16:47.0387 3296  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS           C:\Windows\system32\mmcss.dll
22:16:47.0402 3296  MMCSS - ok
22:16:47.0465 3296  [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem           C:\Windows\system32\drivers\modem.sys
22:16:47.0480 3296  Modem - ok
22:16:47.0511 3296  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
22:16:47.0543 3296  monitor - ok
22:16:47.0558 3296  [ 5BF6A1326A335C5298477754A506D263 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
22:16:47.0574 3296  mouclass - ok
22:16:47.0574 3296  [ 93B8D4869E12CFBE663915502900876F ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
22:16:47.0605 3296  mouhid - ok
22:16:47.0667 3296  [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
22:16:47.0683 3296  MountMgr - ok
22:16:47.0730 3296  [ D993BEA500E7382DC4E760BF4F35EFCB ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
22:16:47.0745 3296  MpFilter - ok
22:16:47.0777 3296  [ 583A41F26278D9E0EA548163D6139397 ] mpio            C:\Windows\system32\drivers\mpio.sys
22:16:47.0792 3296  mpio - ok
22:16:47.0839 3296  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
22:16:47.0870 3296  mpsdrv - ok
22:16:47.0933 3296  [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc          C:\Windows\system32\mpssvc.dll
22:16:47.0979 3296  MpsSvc - ok
22:16:47.0995 3296  [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
22:16:47.0995 3296  Mraid35x - ok
22:16:48.0042 3296  [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
22:16:48.0057 3296  MRxDAV - ok
22:16:48.0104 3296  [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
22:16:48.0135 3296  mrxsmb - ok
22:16:48.0151 3296  [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:16:48.0167 3296  mrxsmb10 - ok
22:16:48.0182 3296  [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:16:48.0213 3296  mrxsmb20 - ok
22:16:48.0229 3296  [ 742AED7939E734C36B7E8D6228CE26B7 ] msahci          C:\Windows\system32\drivers\msahci.sys
22:16:48.0245 3296  msahci - ok
22:16:48.0291 3296  [ 8E46A7BAC823DD82D4FB2A34C3DF4C1D ] MSCSPTISRV      C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
22:16:48.0291 3296  MSCSPTISRV ( UnsignedFile.Multi.Generic ) - warning
22:16:48.0291 3296  MSCSPTISRV - detected UnsignedFile.Multi.Generic (1)
22:16:48.0323 3296  [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
22:16:48.0323 3296  msdsm - ok
22:16:48.0401 3296  [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC           C:\Windows\System32\msdtc.exe
22:16:48.0416 3296  MSDTC - ok
22:16:48.0479 3296  [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
22:16:48.0494 3296  Msfs - ok
22:16:48.0525 3296  [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
22:16:48.0525 3296  msisadrv - ok
22:16:48.0588 3296  [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
22:16:48.0619 3296  MSiSCSI - ok
22:16:48.0619 3296  msiserver - ok
22:16:48.0681 3296  [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
22:16:48.0697 3296  MSKSSRV - ok
22:16:48.0759 3296  [ 24516BF4E12A46CB67302E2CDCB8CDDF ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
22:16:48.0775 3296  MsMpSvc - ok
22:16:48.0775 3296  [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
22:16:48.0806 3296  MSPCLOCK - ok
22:16:48.0806 3296  [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
22:16:48.0837 3296  MSPQM - ok
22:16:48.0884 3296  [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
22:16:48.0900 3296  MsRPC - ok
22:16:48.0915 3296  [ E384487CB84BE41D09711C30CA79646C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
22:16:48.0915 3296  mssmbios - ok
22:16:48.0978 3296  [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
22:16:48.0993 3296  MSTEE - ok
22:16:49.0009 3296  [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup             C:\Windows\system32\Drivers\mup.sys
22:16:49.0025 3296  Mup - ok
22:16:49.0071 3296  [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent        C:\Windows\system32\qagentRT.dll
22:16:49.0087 3296  napagent - ok
22:16:49.0134 3296  [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
22:16:49.0149 3296  NativeWifiP - ok
22:16:49.0212 3296  [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS            C:\Windows\system32\drivers\ndis.sys
22:16:49.0227 3296  NDIS - ok
22:16:49.0290 3296  [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
22:16:49.0305 3296  NdisTapi - ok
22:16:49.0368 3296  [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
22:16:49.0399 3296  Ndisuio - ok
22:16:49.0446 3296  [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
22:16:49.0461 3296  NdisWan - ok
22:16:49.0508 3296  [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
22:16:49.0539 3296  NDProxy - ok
22:16:49.0586 3296  [ 7AFD0E39AB15CB355487B7CC19F4E2C5 ] Netaapl         C:\Windows\system32\DRIVERS\netaapl.sys
22:16:49.0586 3296  Netaapl ( UnsignedFile.Multi.Generic ) - warning
22:16:49.0586 3296  Netaapl - detected UnsignedFile.Multi.Generic (1)
22:16:49.0649 3296  [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
22:16:49.0680 3296  NetBIOS - ok
22:16:49.0711 3296  [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
22:16:49.0742 3296  netbt - ok
22:16:49.0758 3296  [ A3E186B4B935905B829219502557314E ] Netlogon        C:\Windows\system32\lsass.exe
22:16:49.0758 3296  Netlogon - ok
22:16:49.0820 3296  [ C8052711DAECC48B982434C5116CA401 ] Netman          C:\Windows\System32\netman.dll
22:16:49.0867 3296  Netman - ok
22:16:49.0914 3296  [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm        C:\Windows\System32\netprofm.dll
22:16:49.0945 3296  netprofm - ok
22:16:49.0992 3296  [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:16:49.0992 3296  NetTcpPortSharing - ok
22:16:50.0054 3296  [ A15F219208843A5A210C8CB391384453 ] NETw3v32        C:\Windows\system32\DRIVERS\NETw3v32.sys
22:16:50.0163 3296  NETw3v32 - ok
22:16:50.0288 3296  [ 6522DD40A5F67CED020BD81B856613FB ] NETw4v32        C:\Windows\system32\DRIVERS\NETw4v32.sys
22:16:50.0397 3296  NETw4v32 - ok
22:16:50.0429 3296  [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
22:16:50.0444 3296  nfrd960 - ok
22:16:50.0491 3296  [ B52F26BADE7D7E4A79706E3FD91834CD ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
22:16:50.0507 3296  NisDrv - ok
22:16:50.0553 3296  [ 290C0D4C4889398797F8DF3BE00B9698 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
22:16:50.0569 3296  NisSrv - ok
22:16:50.0616 3296  [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc          C:\Windows\System32\nlasvc.dll
22:16:50.0663 3296  NlaSvc - ok
22:16:50.0725 3296  [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
22:16:50.0741 3296  Npfs - ok
22:16:50.0803 3296  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi             C:\Windows\system32\nsisvc.dll
22:16:50.0819 3296  nsi - ok
22:16:50.0865 3296  [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
22:16:50.0897 3296  nsiproxy - ok
22:16:50.0912 3296  [ 53F7546E8DAEFB3A0813F5E19C4613C9 ] NSNDIS5         C:\Windows\system32\NSNDIS5.SYS
22:16:50.0912 3296  NSNDIS5 ( UnsignedFile.Multi.Generic ) - warning
22:16:50.0912 3296  NSNDIS5 - detected UnsignedFile.Multi.Generic (1)
22:16:50.0975 3296  [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
22:16:51.0021 3296  Ntfs - ok
22:16:51.0053 3296  [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
22:16:51.0099 3296  ntrigdigi - ok
22:16:51.0146 3296  [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null            C:\Windows\system32\drivers\Null.sys
22:16:51.0162 3296  Null - ok
22:16:51.0193 3296  [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid          C:\Windows\system32\drivers\nvraid.sys
22:16:51.0209 3296  nvraid - ok
22:16:51.0224 3296  [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor          C:\Windows\system32\drivers\nvstor.sys
22:16:51.0224 3296  nvstor - ok
22:16:51.0240 3296  [ 07C186427EB8FCC3D8D7927187F260F7 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
22:16:51.0255 3296  nv_agp - ok
22:16:51.0255 3296  NwlnkFlt - ok
22:16:51.0271 3296  NwlnkFwd - ok
22:16:51.0318 3296  [ 6F310E890D46E246E0E261A63D9B36B4 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
22:16:51.0333 3296  ohci1394 - ok
22:16:51.0380 3296  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
22:16:51.0443 3296  p2pimsvc - ok
22:16:51.0458 3296  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc          C:\Windows\system32\p2psvc.dll
22:16:51.0474 3296  p2psvc - ok
22:16:51.0521 3296  [ 753A8F339F231D2B857E2CCD51A6E6CA ] PACSPTISVR      C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
22:16:51.0552 3296  PACSPTISVR ( UnsignedFile.Multi.Generic ) - warning
22:16:51.0552 3296  PACSPTISVR - detected UnsignedFile.Multi.Generic (1)
22:16:51.0599 3296  [ 0FA9B5055484649D63C303FE404E5F4D ] Parport         C:\Windows\system32\drivers\parport.sys
22:16:51.0630 3296  Parport - ok
22:16:51.0661 3296  [ B9C2B89F08670E159F7181891E449CD9 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
22:16:51.0677 3296  partmgr - ok
22:16:51.0692 3296  [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
22:16:51.0723 3296  Parvdm - ok
22:16:51.0786 3296  [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc          C:\Windows\System32\pcasvc.dll
22:16:51.0801 3296  PcaSvc - ok
22:16:51.0848 3296  [ 941DC1D19E7E8620F40BBC206981EFDB ] pci             C:\Windows\system32\drivers\pci.sys
22:16:51.0864 3296  pci - ok
22:16:51.0879 3296  [ 3B1901E401473E03EB8C874271E50C26 ] pciide          C:\Windows\system32\drivers\pciide.sys
22:16:51.0895 3296  pciide - ok
22:16:51.0911 3296  [ 3BB2244F343B610C29C98035504C9B75 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
22:16:51.0926 3296  pcmcia - ok
22:16:51.0957 3296  [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
22:16:52.0020 3296  PEAUTH - ok
22:16:52.0129 3296  [ B1689DF169143F57053F795390C99DB3 ] pla             C:\Windows\system32\pla.dll
22:16:52.0254 3296  pla - ok
22:16:52.0316 3296  [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
22:16:52.0332 3296  PlugPlay - ok
22:16:52.0394 3296  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
22:16:52.0425 3296  PNRPAutoReg - ok
22:16:52.0441 3296  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
22:16:52.0628 3296  PNRPsvc - ok
22:16:52.0706 3296  [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
22:16:52.0769 3296  PolicyAgent - ok
22:16:52.0831 3296  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
22:16:52.0862 3296  PptpMiniport - ok
22:16:52.0909 3296  [ 0E3CEF5D28B40CF273281D620C50700A ] Processor       C:\Windows\system32\drivers\processr.sys
22:16:52.0971 3296  Processor - ok
22:16:52.0971 3296  [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc         C:\Windows\system32\profsvc.dll
22:16:53.0003 3296  ProfSvc - ok
22:16:53.0003 3296  [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
22:16:53.0018 3296  ProtectedStorage - ok
22:16:53.0065 3296  [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
22:16:53.0081 3296  PSched - ok
22:16:53.0096 3296  [ E42E3433DBB4CFFE8FDD91EAB29AEA8E ] PxHelp20        C:\Windows\system32\Drivers\PxHelp20.sys
22:16:53.0143 3296  PxHelp20 - ok
22:16:53.0174 3296  [ CCDAC889326317792480C0A67156A1EC ] ql2300          C:\Windows\system32\drivers\ql2300.sys
22:16:53.0221 3296  ql2300 - ok
22:16:53.0252 3296  [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
22:16:53.0268 3296  ql40xx - ok
22:16:53.0330 3296  [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE           C:\Windows\system32\qwave.dll
22:16:53.0361 3296  QWAVE - ok
22:16:53.0408 3296  [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
22:16:53.0424 3296  QWAVEdrv - ok
22:16:53.0455 3296  [ 68E04F3944E6F82C64B53F8A8F13FB3A ] R5U870FLx86     C:\Windows\system32\Drivers\R5U870FLx86.sys
22:16:53.0471 3296  R5U870FLx86 - ok
22:16:53.0502 3296  [ 7F1356060D1894B46554A0D8E6F13958 ] R5U870FUx86     C:\Windows\system32\Drivers\R5U870FUx86.sys
22:16:53.0502 3296  R5U870FUx86 - ok
22:16:53.0549 3296  [ 70DBDAB246C18B78E2200D6401D038BE ] RapiMgr         C:\Windows\WindowsMobile\rapimgr.dll
22:16:53.0580 3296  RapiMgr - ok
22:16:53.0627 3296  [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
22:16:53.0642 3296  RasAcd - ok
22:16:53.0689 3296  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto         C:\Windows\System32\rasauto.dll
22:16:53.0720 3296  RasAuto - ok
22:16:53.0767 3296  [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
22:16:53.0783 3296  Rasl2tp - ok
22:16:53.0845 3296  [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan          C:\Windows\System32\rasmans.dll
22:16:53.0876 3296  RasMan - ok
22:16:53.0907 3296  [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
22:16:53.0939 3296  RasPppoe - ok
22:16:53.0985 3296  [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
22:16:54.0001 3296  RasSstp - ok
22:16:54.0048 3296  [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
22:16:54.0079 3296  rdbss - ok
22:16:54.0126 3296  [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
22:16:54.0157 3296  RDPCDD - ok
22:16:54.0219 3296  [ E8BD98D46F2ED77132BA927FCCB47D8B ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
22:16:54.0266 3296  rdpdr - ok
22:16:54.0266 3296  [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
22:16:54.0297 3296  RDPENCDD - ok
22:16:54.0344 3296  [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
22:16:54.0375 3296  RDPWD - ok
22:16:54.0407 3296  [ 001B4278407F4303EFC902A2B16F2453 ] regi            C:\Windows\system32\drivers\regi.sys
22:16:54.0422 3296  regi - ok
22:16:54.0469 3296  [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess    C:\Windows\System32\mprdim.dll
22:16:54.0500 3296  RemoteAccess - ok
22:16:54.0531 3296  [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry  C:\Windows\system32\regsvc.dll
22:16:54.0563 3296  RemoteRegistry - ok
22:16:54.0578 3296  [ 6482707F9F4DA0ECBAB43B2E0398A101 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
22:16:54.0609 3296  RFCOMM - ok
22:16:54.0641 3296  [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator      C:\Windows\system32\locator.exe
22:16:54.0656 3296  RpcLocator - ok
22:16:54.0687 3296  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs           C:\Windows\system32\rpcss.dll
22:16:54.0719 3296  RpcSs - ok
22:16:54.0750 3296  [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
22:16:54.0781 3296  rspndr - ok
22:16:54.0843 3296  [ 2D19A7469EA19993D0C12E627F4530BC ] RTL8169         C:\Windows\system32\DRIVERS\Rtlh86.sys
22:16:54.0859 3296  RTL8169 - ok
22:16:54.0875 3296  [ A3E186B4B935905B829219502557314E ] SamSs           C:\Windows\system32\lsass.exe
22:16:54.0890 3296  SamSs - ok
22:16:54.0921 3296  [ 3CE8F073A557E172B330109436984E30 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
22:16:54.0921 3296  sbp2port - ok
22:16:54.0968 3296  [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
22:16:54.0999 3296  SCardSvr - ok
22:16:55.0031 3296  [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule        C:\Windows\system32\schedsvc.dll
22:16:55.0077 3296  Schedule - ok
22:16:55.0140 3296  [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc     C:\Windows\System32\certprop.dll
22:16:55.0155 3296  SCPolicySvc - ok
22:16:55.0202 3296  [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
22:16:55.0233 3296  SDRSVC - ok
22:16:55.0265 3296  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
22:16:55.0296 3296  secdrv - ok
22:16:55.0343 3296  [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon        C:\Windows\system32\seclogon.dll
22:16:55.0374 3296  seclogon - ok
22:16:55.0389 3296  [ A9BBAB5759771E523F55563D6CBE140F ] SENS            C:\Windows\System32\sens.dll
22:16:55.0421 3296  SENS - ok
22:16:55.0436 3296  [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum         C:\Windows\system32\drivers\serenum.sys
22:16:55.0483 3296  Serenum - ok
22:16:55.0499 3296  [ C70D69A918B178D3C3B06339B40C2E1B ] Serial          C:\Windows\system32\drivers\serial.sys
22:16:55.0545 3296  Serial - ok
22:16:55.0577 3296  [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
22:16:55.0592 3296  sermouse - ok
22:16:55.0655 3296  [ D2193326F729B163125610DBF3E17D57 ] SessionEnv      C:\Windows\system32\sessenv.dll
22:16:55.0670 3296  SessionEnv - ok
22:16:55.0717 3296  [ 8B7C1768D2CDE2E02E09A66563DDFD16 ] SFEP            C:\Windows\system32\DRIVERS\SFEP.sys
22:16:55.0733 3296  SFEP - ok
22:16:55.0764 3296  [ 103B79418DA647736EE95645F305F68A ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
22:16:55.0795 3296  sffdisk - ok
22:16:55.0795 3296  [ 8FD08A310645FE872EEEC6E08C6BF3EE ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
22:16:55.0857 3296  sffp_mmc - ok
22:16:55.0873 3296  [ 9CFA05FCFCB7124E69CFC812B72F9614 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
22:16:55.0920 3296  sffp_sd - ok
22:16:55.0920 3296  [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
22:16:55.0967 3296  sfloppy - ok
22:16:56.0013 3296  [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
22:16:56.0029 3296  SharedAccess - ok
22:16:56.0076 3296  [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:16:56.0107 3296  ShellHWDetection - ok
22:16:56.0123 3296  [ D2A595D6EEBEEAF4334F8E50EFBC9931 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
22:16:56.0138 3296  sisagp - ok
22:16:56.0201 3296  [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
22:16:56.0201 3296  SiSRaid2 - ok
22:16:56.0216 3296  [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
22:16:56.0232 3296  SiSRaid4 - ok
22:16:56.0294 3296  [ 579BA0A911FF5EA70CB604CD3B744B0A ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
22:16:56.0310 3296  SkypeUpdate - ok
22:16:56.0435 3296  [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc           C:\Windows\system32\SLsvc.exe
22:16:56.0669 3296  slsvc - ok
22:16:56.0715 3296  [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify      C:\Windows\system32\SLUINotify.dll
22:16:56.0731 3296  SLUINotify - ok
22:16:56.0778 3296  [ 7B75299A4D201D6A6533603D6914AB04 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
22:16:56.0793 3296  Smb - ok
22:16:56.0825 3296  [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
22:16:56.0840 3296  SNMPTRAP - ok
22:16:56.0903 3296  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr           C:\Windows\system32\drivers\spldr.sys
22:16:56.0918 3296  spldr - ok
22:16:56.0949 3296  [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler         C:\Windows\System32\spoolsv.exe
22:16:56.0965 3296  Spooler - ok
22:16:56.0996 3296  [ E3E6C96B0EF4492C3C8FD0DEEF4E35A1 ] SPTISRV         C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
22:16:56.0996 3296  SPTISRV ( UnsignedFile.Multi.Generic ) - warning
22:16:56.0996 3296  SPTISRV - detected UnsignedFile.Multi.Generic (1)
22:16:57.0043 3296  [ 41987F9FC0E61ADF54F581E15029AD91 ] srv             C:\Windows\system32\DRIVERS\srv.sys
22:16:57.0074 3296  srv - ok
22:16:57.0105 3296  [ FF33AFF99564B1AA534F58868CBE41EF ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
22:16:57.0137 3296  srv2 - ok
22:16:57.0168 3296  [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
22:16:57.0183 3296  srvnet - ok
22:16:57.0261 3296  [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
22:16:57.0293 3296  SSDPSRV - ok
22:16:57.0355 3296  [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
22:16:57.0386 3296  SstpSvc - ok
22:16:57.0449 3296  [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc          C:\Windows\System32\wiaservc.dll
22:16:57.0464 3296  stisvc - ok
22:16:57.0480 3296  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
22:16:57.0495 3296  swenum - ok
22:16:57.0605 3296  [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv           C:\Windows\System32\swprv.dll
22:16:57.0620 3296  swprv - ok
22:16:57.0683 3296  [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
22:16:57.0683 3296  Symc8xx - ok
22:16:57.0714 3296  [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
22:16:57.0714 3296  Sym_hi - ok
22:16:57.0729 3296  [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
22:16:57.0745 3296  Sym_u3 - ok
22:16:57.0792 3296  [ 99DA94793332AADBB17BBB521AE56E21 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
22:16:57.0823 3296  SynTP - ok
22:16:57.0901 3296  [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain         C:\Windows\system32\sysmain.dll
22:16:57.0948 3296  SysMain - ok
22:16:58.0026 3296  [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:16:58.0041 3296  TabletInputService - ok
22:16:58.0088 3296  [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv         C:\Windows\System32\tapisrv.dll
22:16:58.0104 3296  TapiSrv - ok
22:16:58.0166 3296  [ CB05822CD9CC6C688168E113C603DBE7 ] TBS             C:\Windows\System32\tbssvc.dll
22:16:58.0197 3296  TBS - ok
22:16:58.0260 3296  [ EE7E10BED85C312C1D5D30C435BDDA9F ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
22:16:58.0307 3296  Tcpip - ok
22:16:58.0338 3296  [ EE7E10BED85C312C1D5D30C435BDDA9F ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
22:16:58.0369 3296  Tcpip6 - ok
22:16:58.0385 3296  [ 2C2D4CFF5E09C73908F9B5AF49A51365 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
22:16:58.0416 3296  tcpipreg - ok
22:16:58.0447 3296  [ 07D174A992AB0EA6001F390DE1AFA27B ] TcUsb           C:\Windows\system32\Drivers\tcusb.sys
22:16:58.0447 3296  TcUsb - ok
22:16:58.0494 3296  [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
22:16:58.0525 3296  TDPIPE - ok
22:16:58.0572 3296  [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
22:16:58.0603 3296  TDTCP - ok
22:16:58.0634 3296  [ 76B06EB8A01FC8624D699E7045303E54 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
22:16:58.0681 3296  tdx - ok
22:16:58.0868 3296  [ 2A64C802F4C8AA00AC8472C771688E00 ] TeamViewer5     Q:\programme\teamviewer\Version5\TeamViewer_Service.exe
22:16:58.0946 3296  TeamViewer5 - ok
22:16:59.0024 3296  [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
22:16:59.0040 3296  TermDD - ok
22:16:59.0055 3296  [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService     C:\Windows\System32\termsrv.dll
22:16:59.0118 3296  TermService - ok
22:16:59.0258 3296  [ AB10AFD7809ABA275A8E20F215C5C0BD ] TGCM_ImportWiFiSvc Q:\programme\o2_stick\o2\Mobile Connection Manager\ImpWiFiSvc.exe
22:16:59.0461 3296  TGCM_ImportWiFiSvc - ok
22:16:59.0492 3296  [ C7230FBEE14437716701C15BE02C27B8 ] Themes          C:\Windows\system32\shsvcs.dll
22:16:59.0508 3296  Themes - ok
22:16:59.0523 3296  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER     C:\Windows\system32\mmcss.dll
22:16:59.0539 3296  THREADORDER - ok
22:16:59.0586 3296  [ 030F439AC1CCDA7AC6CE01CC02102045 ] ti21sony        C:\Windows\system32\drivers\ti21sony.sys
22:16:59.0617 3296  ti21sony - ok
22:16:59.0695 3296  [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks          C:\Windows\System32\trkwks.dll
22:16:59.0711 3296  TrkWks - ok
22:16:59.0773 3296  [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:16:59.0789 3296  TrustedInstaller - ok
22:16:59.0851 3296  [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
22:16:59.0867 3296  tssecsrv - ok
22:16:59.0898 3296  [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
22:16:59.0913 3296  tunmp - ok
22:16:59.0929 3296  [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
22:16:59.0929 3296  tunnel - ok
22:16:59.0960 3296  [ C3ADE15414120033A36C0F293D4A4121 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
22:16:59.0960 3296  uagp35 - ok
22:17:00.0007 3296  [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
22:17:00.0023 3296  udfs - ok
22:17:00.0069 3296  [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
22:17:00.0101 3296  UI0Detect - ok
22:17:00.0101 3296  UIUSys - ok
22:17:00.0116 3296  [ 75E6890EBFCE0841D3291B02E7A8BDB0 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
22:17:00.0132 3296  uliagpkx - ok
22:17:00.0147 3296  [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci         C:\Windows\system32\drivers\uliahci.sys
22:17:00.0163 3296  uliahci - ok
22:17:00.0163 3296  [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata          C:\Windows\system32\drivers\ulsata.sys
22:17:00.0179 3296  UlSata - ok
22:17:00.0194 3296  [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
22:17:00.0210 3296  ulsata2 - ok
22:17:00.0272 3296  [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
22:17:00.0288 3296  umbus - ok
22:17:00.0335 3296  [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost        C:\Windows\System32\upnphost.dll
22:17:00.0366 3296  upnphost - ok
22:17:00.0397 3296  [ 73B41F4EAD65F355962168D766AF0F2E ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys
22:17:00.0444 3296  USBAAPL - ok
22:17:00.0475 3296  [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
22:17:00.0522 3296  usbccgp - ok
22:17:00.0553 3296  [ E9476E6C486E76BC4898074768FB7131 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
22:17:00.0615 3296  usbcir - ok
22:17:00.0631 3296  [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
22:17:00.0647 3296  usbehci - ok
22:17:00.0693 3296  [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
22:17:00.0725 3296  usbhub - ok
22:17:00.0740 3296  [ 38DBC7DD6CC5A72011F187425384388B ] usbohci         C:\Windows\system32\drivers\usbohci.sys
22:17:00.0787 3296  usbohci - ok
22:17:00.0803 3296  [ B51E52ACF758BE00EF3A58EA452FE360 ] usbprint        C:\Windows\system32\drivers\usbprint.sys
22:17:00.0834 3296  usbprint - ok
22:17:00.0881 3296  [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:17:00.0927 3296  USBSTOR - ok
22:17:00.0959 3296  [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
22:17:00.0974 3296  usbuhci - ok
22:17:00.0990 3296  [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
22:17:01.0021 3296  usbvideo - ok
22:17:01.0068 3296  [ 35C9095FA7076466AFBFC5B9EC4B779E ] usb_rndisx      C:\Windows\system32\DRIVERS\usb8023x.sys
22:17:01.0083 3296  usb_rndisx - ok
22:17:01.0115 3296  [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms           C:\Windows\System32\uxsms.dll
22:17:01.0146 3296  UxSms - ok
22:17:01.0193 3296  [ AFBCD738DF9DE3B6D71AFC704E7F27FB ] VAIO Entertainment TV Device Arbitration Service C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
22:17:01.0349 3296  VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - warning
22:17:01.0349 3296  VAIO Entertainment TV Device Arbitration Service - detected UnsignedFile.Multi.Generic (1)
22:17:01.0395 3296  [ 8A9F18ADAD471402236CA931553BF79B ] VAIO Event Service C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
22:17:01.0411 3296  VAIO Event Service - ok
22:17:01.0520 3296  [ 0A4CD617ED1F03C8B7310FC4871173A4 ] VAIOMediaPlatform-IntegratedServer-AppServer C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
22:17:02.0097 3296  VAIOMediaPlatform-IntegratedServer-AppServer ( UnsignedFile.Multi.Generic ) - warning
22:17:02.0097 3296  VAIOMediaPlatform-IntegratedServer-AppServer - detected UnsignedFile.Multi.Generic (1)
22:17:02.0175 3296  [ 56E33AAA46CBA8431E72486196AFB3A1 ] VAIOMediaPlatform-IntegratedServer-HTTP C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
22:17:02.0222 3296  VAIOMediaPlatform-IntegratedServer-HTTP ( UnsignedFile.Multi.Generic ) - warning
22:17:02.0222 3296  VAIOMediaPlatform-IntegratedServer-HTTP - detected UnsignedFile.Multi.Generic (1)
22:17:02.0285 3296  [ ADDF0E4E19BD2FF0A0B852D324FDC281 ] VAIOMediaPlatform-IntegratedServer-UPnP C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
22:17:02.0504 3296  VAIOMediaPlatform-IntegratedServer-UPnP ( UnsignedFile.Multi.Generic ) - warning
22:17:02.0504 3296  VAIOMediaPlatform-IntegratedServer-UPnP - detected UnsignedFile.Multi.Generic (1)
22:17:02.0551 3296  [ 52D4F568FE7D05AE5026B8717EEB59EB ] VAIOMediaPlatform-UCLS-AppServer C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe
22:17:02.0644 3296  VAIOMediaPlatform-UCLS-AppServer ( UnsignedFile.Multi.Generic ) - warning
22:17:02.0644 3296  VAIOMediaPlatform-UCLS-AppServer - detected UnsignedFile.Multi.Generic (1)
22:17:02.0691 3296  [ 56E33AAA46CBA8431E72486196AFB3A1 ] VAIOMediaPlatform-UCLS-HTTP C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
22:17:02.0722 3296  VAIOMediaPlatform-UCLS-HTTP ( UnsignedFile.Multi.Generic ) - warning
22:17:02.0722 3296  VAIOMediaPlatform-UCLS-HTTP - detected UnsignedFile.Multi.Generic (1)
22:17:02.0800 3296  [ ADDF0E4E19BD2FF0A0B852D324FDC281 ] VAIOMediaPlatform-UCLS-UPnP C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
22:17:02.0878 3296  VAIOMediaPlatform-UCLS-UPnP ( UnsignedFile.Multi.Generic ) - warning
22:17:02.0878 3296  VAIOMediaPlatform-UCLS-UPnP - detected UnsignedFile.Multi.Generic (1)
22:17:02.0925 3296  [ 6EF45DF2FCC4AE35C715A6C9B5C68B17 ] VcmIAlzMgr      C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
22:17:02.0941 3296  VcmIAlzMgr - ok
22:17:02.0988 3296  [ C4DE5BA157FD83BBDAEB70EE27417E0E ] VcmXmlIfHelper  C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
22:17:02.0988 3296  VcmXmlIfHelper - ok
22:17:03.0003 3296  Vcsw - ok
22:17:03.0066 3296  [ CD88D1B7776DC17A119049742EC07EB4 ] vds             C:\Windows\System32\vds.exe
22:17:03.0222 3296  vds - ok
22:17:03.0284 3296  [ 7D92BE0028ECDEDEC74617009084B5EF ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
22:17:03.0346 3296  vga - ok
22:17:03.0393 3296  [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave         C:\Windows\System32\drivers\vga.sys
22:17:03.0424 3296  VgaSave - ok
22:17:03.0440 3296  [ 045D9961E591CF0674A920B6BA3BA5CB ] viaagp          C:\Windows\system32\drivers\viaagp.sys
22:17:03.0456 3296  viaagp - ok
22:17:03.0471 3296  [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7           C:\Windows\system32\drivers\viac7.sys
22:17:03.0502 3296  ViaC7 - ok
22:17:03.0518 3296  [ FD2E3175FCADA350C7AB4521DCA187EC ] viaide          C:\Windows\system32\drivers\viaide.sys
22:17:03.0518 3296  viaide - ok
22:17:03.0534 3296  [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
22:17:03.0549 3296  volmgr - ok
22:17:03.0596 3296  [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
22:17:03.0612 3296  volmgrx - ok
22:17:03.0658 3296  [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
22:17:03.0674 3296  volsnap - ok
22:17:03.0705 3296  [ 3730B7B03E2FD363D63E9327E0E1EBEA ] vpnagent        C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
22:17:03.0783 3296  vpnagent - ok
22:17:03.0814 3296  [ 1B7C80C66742DAFAA31F98AF4C3A5BC2 ] vpnva           C:\Windows\system32\DRIVERS\vpnva.sys
22:17:03.0830 3296  vpnva - ok
22:17:03.0861 3296  [ D984439746D42B30FC65A4C3546C6829 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
22:17:03.0877 3296  vsmraid - ok
22:17:03.0955 3296  [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS             C:\Windows\system32\vssvc.exe
22:17:04.0033 3296  VSS - ok
22:17:04.0111 3296  [ 2E785F4F92C4C67CEBB61DD55ED1F6A1 ] VzCdbSvc        C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
22:17:04.0189 3296  VzCdbSvc ( UnsignedFile.Multi.Generic ) - warning
22:17:04.0189 3296  VzCdbSvc - detected UnsignedFile.Multi.Generic (1)
22:17:04.0236 3296  [ 2D876CAD8C7FFB08179DFF361FF851E6 ] VzFw            C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
22:17:04.0314 3296  VzFw ( UnsignedFile.Multi.Generic ) - warning
22:17:04.0314 3296  VzFw - detected UnsignedFile.Multi.Generic (1)
22:17:04.0360 3296  [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time         C:\Windows\system32\w32time.dll
22:17:04.0392 3296  W32Time - ok
22:17:04.0423 3296  [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
22:17:04.0470 3296  WacomPen - ok
22:17:04.0548 3296  [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
22:17:04.0563 3296  Wanarp - ok
22:17:04.0579 3296  [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
22:17:04.0594 3296  Wanarpv6 - ok
22:17:04.0626 3296  [ 779F9C90D3FE9C70B6FFD8EF035F3E83 ] WcesComm        C:\Windows\WindowsMobile\wcescomm.dll
22:17:04.0704 3296  WcesComm - ok
22:17:04.0766 3296  [ A3CD60FD826381B49F03832590E069AF ] wcncsvc         C:\Windows\System32\wcncsvc.dll
22:17:04.0797 3296  wcncsvc - ok
22:17:04.0813 3296  [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:17:04.0844 3296  WcsPlugInService - ok
22:17:04.0875 3296  [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd              C:\Windows\system32\drivers\wd.sys
22:17:04.0891 3296  Wd - ok
22:17:04.0922 3296  [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
22:17:04.0969 3296  Wdf01000 - ok
22:17:05.0031 3296  [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
22:17:05.0078 3296  WdiServiceHost - ok
22:17:05.0078 3296  [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
22:17:05.0109 3296  WdiSystemHost - ok
22:17:05.0156 3296  [ 04C37D8107320312FBAE09926103D5E2 ] WebClient       C:\Windows\System32\webclnt.dll
22:17:05.0187 3296  WebClient - ok
22:17:05.0218 3296  [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc          C:\Windows\system32\wecsvc.dll
22:17:05.0265 3296  Wecsvc - ok
22:17:05.0312 3296  [ 670FF720071ED741206D69BD995EA453 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
22:17:05.0359 3296  wercplsupport - ok
22:17:05.0406 3296  [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc          C:\Windows\System32\WerSvc.dll
22:17:05.0437 3296  WerSvc - ok
22:17:05.0468 3296  [ F9AD3A5E3FD7E0BDB18B8202B0FDD4E4 ] WimFltr         C:\Windows\system32\DRIVERS\wimfltr.sys
22:17:05.0484 3296  WimFltr - ok
22:17:05.0530 3296  [ 5A77AC34A0FFB70CE8B35B524FEDE9BA ] winachsf        C:\Windows\system32\DRIVERS\HSX_CNXT.sys
22:17:05.0593 3296  winachsf - ok
22:17:05.0718 3296  [ 4575AA12561C5648483403541D0D7F2B ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
22:17:05.0733 3296  WinDefend - ok
22:17:05.0749 3296  WinHttpAutoProxySvc - ok
22:17:05.0811 3296  [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
22:17:05.0842 3296  Winmgmt - ok
22:17:05.0920 3296  [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM           C:\Windows\system32\WsmSvc.dll
22:17:06.0030 3296  WinRM - ok
22:17:06.0139 3296  [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc         C:\Windows\System32\wlansvc.dll
22:17:06.0232 3296  Wlansvc - ok
22:17:06.0420 3296  [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
22:17:06.0529 3296  wlidsvc - ok
22:17:06.0576 3296  [ 701A9F884A294327E9141D73746EE279 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
22:17:06.0607 3296  WmiAcpi - ok
22:17:06.0700 3296  [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
22:17:06.0716 3296  wmiApSrv - ok
22:17:06.0810 3296  [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
22:17:06.0888 3296  WMPNetworkSvc - ok
22:17:06.0950 3296  [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
22:17:06.0997 3296  WPCSvc - ok
22:17:07.0075 3296  [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
22:17:07.0106 3296  WPDBusEnum - ok
22:17:07.0137 3296  [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
22:17:07.0184 3296  WpdUsb - ok
22:17:07.0293 3296  [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
22:17:07.0324 3296  WPFFontCache_v0400 - ok
22:17:07.0371 3296  [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
22:17:07.0402 3296  ws2ifsl - ok
22:17:07.0449 3296  [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc          C:\Windows\System32\wscsvc.dll
22:17:07.0465 3296  wscsvc - ok
22:17:07.0465 3296  WSearch - ok
22:17:07.0558 3296  [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv        C:\Windows\system32\wuaueng.dll
22:17:07.0683 3296  wuauserv - ok
22:17:07.0761 3296  [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
22:17:07.0792 3296  WUDFRd - ok
22:17:07.0839 3296  [ 575A4190D989F64732119E4114045A4F ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
22:17:07.0886 3296  wudfsvc - ok
22:17:07.0917 3296  [ 88AF537264F2B818DA15479CEEAF5D7C ] XAudio          C:\Windows\system32\DRIVERS\xaudio.sys
22:17:07.0933 3296  XAudio - ok
22:17:07.0964 3296  [ 15A317674A08DF26BE65164D959E9203 ] XAudioService   C:\Windows\system32\DRIVERS\xaudio.exe
22:17:07.0995 3296  XAudioService - ok
22:17:08.0042 3296  ================ Scan global ===============================
22:17:08.0120 3296  [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
22:17:08.0167 3296  [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
22:17:08.0198 3296  [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
22:17:08.0260 3296  [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
22:17:08.0260 3296  [Global] - ok
22:17:08.0260 3296  ================ Scan MBR ==================================
22:17:08.0276 3296  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
22:17:08.0651 3296  \Device\Harddisk0\DR0 - ok
22:17:08.0651 3296  ================ Scan VBR ==================================
22:17:08.0651 3296  [ EC5ACC4E1ECF630F8F37647EC6702118 ] \Device\Harddisk0\DR0\Partition1
22:17:08.0667 3296  \Device\Harddisk0\DR0\Partition1 - ok
22:17:08.0683 3296  [ 80957766BE8CADD80C3284E1ADF9C6EA ] \Device\Harddisk0\DR0\Partition2
22:17:08.0683 3296  \Device\Harddisk0\DR0\Partition2 - ok
22:17:08.0683 3296  ============================================================
22:17:08.0683 3296  Scan finished
22:17:08.0683 3296  ============================================================
22:17:08.0683 2772  Detected object count: 16
22:17:08.0683 2772  Actual detected object count: 16
22:18:10.0037 2772  CVPNDRVA ( UnsignedFile.Multi.Generic ) - skipped by user
22:18:10.0037 2772  CVPNDRVA ( UnsignedFile.Multi.Generic ) - User select action: Skip 
22:18:10.0037 2772  IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
22:18:10.0037 2772  IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 
22:18:10.0053 2772  MSCSPTISRV ( UnsignedFile.Multi.Generic ) - skipped by user
22:18:10.0053 2772  MSCSPTISRV ( UnsignedFile.Multi.Generic ) - User select action: Skip 
22:18:10.0053 2772  Netaapl ( UnsignedFile.Multi.Generic ) - skipped by user
22:18:10.0053 2772  Netaapl ( UnsignedFile.Multi.Generic ) - User select action: Skip 
22:18:10.0053 2772  NSNDIS5 ( UnsignedFile.Multi.Generic ) - skipped by user
22:18:10.0053 2772  NSNDIS5 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
22:18:10.0053 2772  PACSPTISVR ( UnsignedFile.Multi.Generic ) - skipped by user
22:18:10.0053 2772  PACSPTISVR ( UnsignedFile.Multi.Generic ) - User select action: Skip 
22:18:10.0053 2772  SPTISRV ( UnsignedFile.Multi.Generic ) - skipped by user
22:18:10.0053 2772  SPTISRV ( UnsignedFile.Multi.Generic ) - User select action: Skip 
22:18:10.0069 2772  VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - skipped by user
22:18:10.0069 2772  VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
22:18:10.0069 2772  VAIOMediaPlatform-IntegratedServer-AppServer ( UnsignedFile.Multi.Generic ) - skipped by user
22:18:10.0069 2772  VAIOMediaPlatform-IntegratedServer-AppServer ( UnsignedFile.Multi.Generic ) - User select action: Skip 
22:18:10.0069 2772  VAIOMediaPlatform-IntegratedServer-HTTP ( UnsignedFile.Multi.Generic ) - skipped by user
22:18:10.0069 2772  VAIOMediaPlatform-IntegratedServer-HTTP ( UnsignedFile.Multi.Generic ) - User select action: Skip 
22:18:10.0069 2772  VAIOMediaPlatform-IntegratedServer-UPnP ( UnsignedFile.Multi.Generic ) - skipped by user
22:18:10.0069 2772  VAIOMediaPlatform-IntegratedServer-UPnP ( UnsignedFile.Multi.Generic ) - User select action: Skip 
22:18:10.0069 2772  VAIOMediaPlatform-UCLS-AppServer ( UnsignedFile.Multi.Generic ) - skipped by user
22:18:10.0069 2772  VAIOMediaPlatform-UCLS-AppServer ( UnsignedFile.Multi.Generic ) - User select action: Skip 
22:18:10.0084 2772  VAIOMediaPlatform-UCLS-HTTP ( UnsignedFile.Multi.Generic ) - skipped by user
22:18:10.0084 2772  VAIOMediaPlatform-UCLS-HTTP ( UnsignedFile.Multi.Generic ) - User select action: Skip 
22:18:10.0084 2772  VAIOMediaPlatform-UCLS-UPnP ( UnsignedFile.Multi.Generic ) - skipped by user
22:18:10.0084 2772  VAIOMediaPlatform-UCLS-UPnP ( UnsignedFile.Multi.Generic ) - User select action: Skip 
22:18:10.0084 2772  VzCdbSvc ( UnsignedFile.Multi.Generic ) - skipped by user
22:18:10.0084 2772  VzCdbSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
22:18:10.0084 2772  VzFw ( UnsignedFile.Multi.Generic ) - skipped by user
22:18:10.0084 2772  VzFw ( UnsignedFile.Multi.Generic ) - User select action: Skip

markusg · 04.03.2013, 22:27

hi,
Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Nikko Laus · 04.03.2013, 23:21

Hi,
während des Durchlaufs kam die Meldung:
"Marketingtools.exe - Programmfehler
Die Anwendung hat einen Ausnahmefehler generiert, der nicht verarbeitet werden konnte.
Prozess -ID=0x948 (2376), Thread-ID = 0xedc (3804)
Klicken sie auf OK, um die Anwendung zu beenden, oder auf Abbrechen, um sie zu debuggen."
Habe auf Ok geklickt.

Code:

ATTFilter

ComboFix 13-03-04.01 - der nikolaus 04.03.2013  22:50:43.1.2 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.49.1031.18.2046.1211 [GMT 1:00]
ausgeführt von:: c:\users\der nikolaus\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\FireFox\plugin-container.exe
c:\program files\FireFox\uninstall\helper.exe
c:\program files\FireFox\updater.exe
c:\programdata\Microsoft\Windows\Start Menu\Programs\SecureW2
c:\users\der nikolaus\AppData\Local\TempDIR
c:\users\der nikolaus\AppData\Local\TempDIR\uhhwpaanleitung.pdf
c:\users\der nikolaus\AppData\Roaming\cacaoweb
c:\users\der nikolaus\AppData\Roaming\cacaoweb\npdfile.dat
c:\users\der nikolaus\AppData\Roaming\cacaoweb\replicating2851626516AFA3607819FD72B2EFD575.cacao
c:\users\der nikolaus\AppData\Roaming\cacaoweb\storage.db
c:\windows\system32\fsc.txt
c:\windows\system32\ide.txt
c:\windows\system32\klgd.bmp
c:\windows\system32\lpe.txt
c:\windows\system32\qks.txt
.
Infizierte Kopie von c:\windows\system32\userinit.exe wurde gefunden und desinfiziert 
Kopie von - c:\windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe wurde wiederhergestellt 
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-02-04 bis 2013-03-04  ))))))))))))))))))))))))))))))
.
.
2013-03-04 21:56 . 2013-03-04 21:56	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-03-04 20:47 . 2013-02-08 00:45	6954968	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{00036068-316A-44A1-B50B-EB2D8FAABC0E}\mpengine.dll
2013-03-04 20:34 . 2013-03-04 20:34	--------	d-----w-	C:\_OTL
2013-03-02 20:20 . 2013-02-08 00:45	6954968	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-02-19 20:42 . 2013-02-19 20:42	--------	d-----w-	c:\users\der nikolaus\AppData\Roaming\Babylon
2013-02-19 20:42 . 2013-02-19 20:42	--------	d-----w-	c:\programdata\Babylon
2013-02-19 20:42 . 2013-02-19 20:42	--------	d-----w-	c:\users\der nikolaus\AppData\Local\PutLockerDownloader
2013-02-19 20:42 . 2013-02-19 21:46	--------	d-----w-	c:\programdata\Tarma Installer
2013-02-19 20:42 . 2013-02-19 20:42	--------	d-----w-	c:\program files\PutLockerDownloader
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-27 12:03 . 2012-04-04 10:09	691568	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2013-02-27 12:03 . 2011-10-24 15:52	71024	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2013-01-30 10:53 . 2009-10-04 20:47	232336	------w-	c:\windows\system32\MpSigStub.exe
2012-12-14 15:49 . 2012-01-23 18:32	21104	----a-w-	c:\windows\system32\drivers\mbam.sys
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{991D97B8-F0D8-4EA1-9100-7A65EA2D3A63}]
2012-08-28 06:53	84840	----a-w-	c:\users\der nikolaus\AppData\Roaming\SenselessTV\bho.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PMCLoader"="q:\programme\tvneu\PMCLoader.exe" [2007-07-26 105544]
"GameXN GO"="c:\programdata\GameXN\GameXNGO.exe" [2012-04-23 347008]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-03-10 835584]
"RtHDVCpl"="RtHDVCpl.exe" [2007-04-08 4423680]
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2007-09-19 311296]
"MarketingTools"="c:\program files\Sony\Marketing Tools\MarketingTools.exe" [2007-11-27 36864]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdSync.exe" [2006-11-02 215552]
"Skytel"="Skytel.exe" [2007-04-08 1822720]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 931200]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 59280]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-04-18 421888]
"iTunesHelper"="q:\programme\itunes\iTunesHelper.exe" [2012-09-09 421776]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-10-30 748072]
VPN Client.lnk - c:\windows\Installer\{B0BF7057-6869-4E4B-920C-EA2A58DA07F0}\Icon3E5562ED7.ico [2010-7-28 6144]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2007-08-14 19:05	98304	----a-w-	c:\windows\System32\VESWinlogon.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs	REG_MULTI_SZ   	BthServ
WindowsMobile	REG_MULTI_SZ   	wcescomm rapimgr
LocalServiceRestricted	REG_MULTI_SZ   	WcesComm RapiMgr
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	FontCache
.
Inhalt des "geplante Tasks" Ordners
.
2013-03-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-23 20:50]
.
2013-03-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-23 20:50]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.delta-search.com/?affID=119776&babsrc=HP_ss&mntrId=06af44b9000000000000001de08f9523
IE: &Download by Orbit - q:\programme\orbit_downloader\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - q:\programme\orbit_downloader\Orbitdownloader\orbitmxt.dll/204
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Do&wnload selected by Orbit - q:\programme\orbit_downloader\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - q:\programme\orbit_downloader\Orbitdownloader\orbitmxt.dll/202
IE: Google Sidewiki...
IE: Nach Microsoft E&xel exportieren
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Translate this web page with Babylon - q:\programme\babylon9\Utils\BabylonIEPI.dll/ActionTU.htm
IE: Translate with Babylon - q:\programme\babylon9\Utils\BabylonIEPI.dll/Action.htm
TCP: DhcpNameServer = 192.168.1.1
DPF: 55963676-2F5E-4BAF-AC28-CF26AA587566 - vpnweb.cab
FF - ProfilePath - c:\users\der nikolaus\AppData\Roaming\Mozilla\Firefox\Profiles\5od8u7k5.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT65619&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.gmx.de
FF - ExtSQL: !HIDDEN! 2012-11-21 21:16; support@Senseless.TV; c:\users\der nikolaus\AppData\Roaming\SenselessTV\ffextension
FF - user.js: extensions.delta.tlbrSrchUrl - 
FF - user.js: extensions.delta.id - 06af44b9000000000000001de08f9523
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15755
FF - user.js: extensions.delta.vrsn - 1.8.10.0
FF - user.js: extensions.delta.vrsni - 1.8.10.0
FF - user.js: extensions.delta.vrsnTs - 1.8.10.021:43
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - en
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
AddRemove-Mozilla Firefox 18.0 (x86 de) - c:\program files\firefox\uninstall\helper.exe
AddRemove-{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA} - c:\program files\InstallShield Installation Information\{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA}\Setup.exeUNINSTALL
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2013-03-04 23:02
Windows 6.0.6002 Service Pack 2 NTFS
.
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'Explorer.exe'(3964)
c:\windows\system32\btmmhook.dll
c:\windows\system32\btncopy.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files\Microsoft Security Client\MsMpEng.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
q:\programme\vpn_uniHH\cvpnd.exe
c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
q:\programme\teamviewer\Version5\TeamViewer_Service.exe
q:\programme\o2_stick\o2\Mobile Connection Manager\ImpWiFiSvc.exe
c:\program files\Sony\VAIO Event Service\VESMgr.exe
c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\DRIVERS\xaudio.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
c:\windows\system32\WUDFHost.exe
c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
c:\program files\Sony\VAIO Event Service\VESMgrSub.exe
c:\windows\system32\conime.exe
c:\program files\Sony\Wireless Switch Setting Utility\Switcher.exe
c:\windows\RtHDVCpl.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
c:\program files\Windows Media Player\wmplayer.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-03-04  23:08:01 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2013-03-04 22:07
.
Vor Suchlauf: 15 Verzeichnis(se), 14.702.772.224 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 14.532.554.752 Bytes frei
.
- - End Of File - - 1E2941D209AA0FE3D69EA2173F4A21F4

markusg · 05.03.2013, 19:22

Hi,
öffne mal bitte Computer, c: qoobox
rechtsklick quarantain, mit winrar oder anderem archivierungsprogramm packen, archiv hochladen:
Trojaner-Board Upload Channel
und melden, wenn fertig

Nikko Laus · 06.03.2013, 17:56

Hi,
versuche seid einiger Zeit (gestern auch schon) die Datei hochzuladen...
(135MB) Verbindung wird nach einiger Zeit unterbrochen...
Ich arbeite daran..

Hi,
irgendwie ist es mir nicht möglich die Datei hochzuladen.
Habe es mit zwei unterschiedlichen Archivierungsprogrammen gepackt und versucht hochzuladen (auch von zwei unterschiedlichen Computern) und jedes Mal dauert es sehr lange und am Ende ist die Upload Channel Seite zu sehen und nichts scheint passiert zu sein..

markusg · 08.03.2013, 21:12

ok dann lassen wir das
lade den CCleaner standard:
CCleaner - Download - Filepony
falls der CCleaner
bereits instaliert, überspringen.
öffnen, Tools (extras),uninstall Llist, als txt speichern. öffnen.
hinter, jedes von dir benötigte programm, schreibe notwendig.
hinter, jedes, von dir nicht benötigte, unnötig.
hinter, dir unbekannte, unbekannt.
liste posten.

Nikko Laus · 08.03.2013, 23:21

hey
hier die Liste:

7-Zip 9.22beta 05.03.2013 4,72MB unnötig
Adobe Flash Player 11 Plugin Adobe Systems Incorporated 07.03.2013 4,20MB 11.6.602.171 notwendig
Adobe Reader 9.5.4 - Deutsch Adobe Systems Incorporated 06.03.2013 118,3MB 9.5.4 notwendig
Adobe Shockwave Player 11.5 Adobe Systems, Inc. 17.09.2010 8,65MB 11.5.8.612 notwendig
Apple Application Support Apple Inc. 17.09.2012 65,1MB 2.2.2 unbekannt
Apple Mobile Device Support Apple Inc. 17.09.2012 23,2MB 6.0.0.59 unbekannt
Apple Software Update Apple Inc. 17.09.2012 2,38MB 2.1.3.127 unbekannt
ATI Catalyst Install Manager ATI Technologies, Inc. 24.08.2008 13,8MB 3.0.641.0 unbekannt
AVS Update Manager 1.0 Online Media Technologies Ltd. 29.09.2009 9,55MB unnötig
AVS Video Converter 6 Online Media Technologies Ltd. 29.09.2009 23,0MB unnötig
AVS4YOU Software Navigator 1.3 Online Media Technologies Ltd. 29.09.2009 8,84MB unnötig
Bonjour Apple Inc. 17.09.2012 0,92MB 3.0.0.10 unbekannt
CCleaner Piriform 20.12.2010 2,28MB 3.01 notwendig
CDBurnerXP CDBurnerXP 03.03.2011 16,6MB 4.3.8.2521 unnötig
Cisco AnyConnect VPN Client Cisco Systems, Inc. 15.09.2010 4,62MB 2.5.1025 notwendig
Cisco Systems VPN Client 5.0.07.0290 Cisco Systems, Inc. 27.07.2010 11,6MB 5.0.6 notwendig
CutePDF Writer 3.0 CutePDF.com 25.11.2012 0,31MB 3.0 unnötig
DivX-Setup DivX, LLC 06.03.2013 3,46MB 2.6.1.24 notwendig
Free Video Dub version 1.8.12.602 DVDVideoSoft Limited. 07.07.2011 3,63MB unbekannt
GameXN GO GameXN AS 22.04.2012 8,00MB unnötig
HandBrake 0.9.5 18.03.2011 18,1MB 0.9.5 unnötig
HDAUDIO SoftV92 Data Fax Modem with SmartCP 25.11.2007 1,02MB unbekannt
HijackThis 2.0.2 TrendMicro 30.09.2009 1,17MB 2.0.2 unnötig
HUAWEI DataCard Driver 4.20.12.00 Huawei technologies Co., Ltd. 05.03.2012 14,7MB 4.20.12.00 notwendig
Instant Mode InterVideo 24.08.2008 196,8MB 1.0.4 unbekannt
iTunes Apple Inc. 17.09.2012 179,5MB 10.7.0.21 notwendig
Java 7 Update 9 Oracle 30.08.2012 128,3MB 7.0.90 unbekannt
JavaFX 2.1.1 Oracle Corporation 16.07.2012 20,9MB 2.1.1 unbekannt
Malwarebytes Anti-Malware Version 1.70.0.1100 Malwarebytes Corporation 13.01.2013 11,5MB 1.70.0.1100 notwendig
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU Microsoft Corporation 17.08.2009 37,0MB unbekannt
Microsoft .NET Framework 3.5 SP1 Microsoft Corporation 15.08.2009 37,0MB unbekannt
Microsoft .NET Framework 4 Client Profile Microsoft Corporation 17.09.2010 120,3MB 4.0.30319 unbekannt
Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Corporation 17.09.2010 24,5MB 4.0.30319 unbekannt
Microsoft Security Essentials Microsoft Corporation 06.03.2013 17,2MB 4.2.223.1 notwendig
Microsoft Silverlight Microsoft Corporation 30.08.2012 20,4MB 4.1.10329.0 unbekannt
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 18.09.2009 1,74MB 3.1.0000 unbekannt
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Corporation 19.09.2009 0,25MB 8.0.50727.4053 unbekannt
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 03.04.2012 0,29MB 8.0.61001 unbekannt
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Corporation 08.07.2011 2,06MB 9.0.21022 unbekannt
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 03.04.2012 0,58MB 9.0.30729.6161 unbekannt
Microsoft Works Microsoft Corporation 09.12.2009 08.05.0822 unbekannt
Mobile Connection Manager Mobile Connection Manager 05.03.2012 37,4MB 8.7.6.756 notwendig
Mozilla Sunbird (0.9) Mozilla 16.01.2010 18,6MB 0.9 (de) notwendig
MSXML 4.0 SP2 (KB927978) Microsoft Corporation 25.11.2007 47,00KB 4.20.9841.0 unbekannt
MSXML 4.0 SP2 (KB936181) Microsoft Corporation 25.11.2007 1,28MB 4.20.9848.0 unbekannt
MSXML 4.0 SP2 (KB941833) Microsoft Corporation 23.01.2009 34,00KB 4.20.9849.0 unbekannt
MSXML 4.0 SP2 (KB954430) Microsoft Corporation 23.01.2009 1,28MB 4.20.9870.0 unbekannt
MSXML 4.0 SP2 (KB973688) Microsoft Corporation 24.11.2009 1,34MB 4.20.9876.0 unbekannt
MSXML 4.0 SP2 Parser and SDK Microsoft Corporation 24.02.2009 36,00KB 4.20.9818.0 unbekannt
OpenMG Limited Patch 4.7-07-15-19-01 24.08.2008 unbekannt
OpenMG Secure Module 4.7.00 Sony Corporation 24.08.2008 4 .7.00.12140 unbekannt
OpenOffice.org 3.1 OpenOffice.org 11.07.2009 352MB 3.1.9399 notwendig
Orbit Downloader Orbit Downloader: the ultra file & social media (YouTube etc..) download manager 02.02.2011 8,09MB unnötig
Paint.NET v3.36 dotPDN LLC 26.09.2010 3,97MB 3.36.0 notwendig
PC Inspector File Recovery 17.12.2012 11,8MB 4.0 notwendig
PDF24 Creator 5.3.0 PDF24.org 06.03.2013 42,5MB notwendig
PDFTK Builder 3.5.3 22.02.2012 3,47MB unnötig
QuickTime Apple Inc. 17.09.2012 73,3MB 7.72.80.56 notwendig
Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista Realtek 25.11.2007 0,68MB 1.00.0000 notwendig
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 25.11.2007 14,2MB 6.0.1.5391 notwendig
RocketDock 1.3.5 Punk Software 19.09.2010 12,0MB notwendig
Roxio Easy Media Creator Home Roxio 24.08.2008 75,2MB 9.1.095 unbekannt
Senseless.TV Video Plugin 1.0 SenselessTV.com 20.11.2012 1,11MB 1.0 unnötig
Setting Utility Series Sony Corporation 26.11.2007 17,9MB 3.1.00.09240 unbekannt
Skype™ 5.9 Skype Technologies S.A. 02.06.2012 19,3MB 5.9.115 notwendig
SopCast 3.5.0 SopCast - Free P2P internet TV | live football, NBA, cricket 10.04.2012 9,08MB 3.5.0 notwendig
Synaptics Pointing Device Driver Synaptics 25.11.2007 12,9MB 9.1.13.0 unbekannt
TeamViewer 5 TeamViewer GmbH 20.11.2010 23,0MB 5.1.9385 notwendig
Total Video2Dvd 3.30 EffectMatrix, Inc. 08.07.2011 39,9MB unbekannt
TVUPlayer 2.5.2.2 TVU networks 01.03.2010 14,6MB 2.5.2.2 unnötig
VAIO Camera Capture Utility Sony Corporation 24.08.2008 9,61MB 2.7.03.09250 notwendig
VAIO Content Folder Setting Sony Corporation 24.08.2008 6,69MB 1.0.01.09270 notwendig
VAIO Content Metadata Intelligent Analyzing Manager Sony Corporation 24.08.2008 13,6MB 2.1.00.09284 notwendig
VAIO Content Metadata Manager Setting Sony Corporation 24.08.2008 2,85MB 2.1.00.09281 notwendig
VAIO Content Metadata XML Interface Library Sony Corporation 24.08.2008 1,54MB 2.1.00.09202 notwendig
VAIO Control Center Sony Corporation 26.11.2007 1,41MB 2.1.00.09190 notwendig
VAIO Data Restore Tool Sony Corporation 24.08.2008 6,50MB 1.0.03.10030 notwendig
VAIO DVD Menu Data Basic Sony Corporation 24.08.2008 543MB 1.0.00.08130 notwendig
VAIO Entertainment Platform Sony Corporation 24.08.2008 16,5MB 3.0.00.06280 notwendig
VAIO Event Service Sony Corporation 26.11.2007 5,75MB 3.3.00.11020 notwendig
VAIO Launcher Sony Corporation 24.08.2008 5,80MB 1.1.00.11210 notwendig
Vaio Marketing Tools Sony 24.08.2008 0,34MB notwendig
VAIO Media 6.0 Sony Corporation 24.08.2008 8,98MB 6.0.10 notwendig
VAIO Media AC3 Decoder 1.0 24.08.2008 0,79MB notwendig
VAIO Media Content Collection 6.0 Sony Corporation 24.08.2008 30,1MB notwendig
VAIO Media Integrated Server 6.1 Sony Corporation 24.08.2008 30,1MB notwendig
VAIO Media Redistribution 6.0 Sony Corporation 24.08.2008 37,5MB 6.0.10 notwendig
VAIO Media Registration Tool 6.0 Sony Corporation 24.08.2008 2,09MB 6.0.10 notwendig
VAIO Movie Story Sony Corporation 24.08.2008 48,6MB 1.1.00.10160 notwendig
VAIO Movie Story Template Data Sony Corporation 24.08.2008 401MB 1.1.00.09281 notwendig
VAIO MusicBox Sony Corporation 24.08.2008 11,2MB 1.1.01.09240 notwendig
VAIO MusicBox Sample Music Sony Corporation 24.08.2008 104,4MB 1.0.01.09210 notwendig
VAIO Original Function Setting Sony Corporation 24.08.2008 5,29MB 1.2.00.11100 notwendig
VAIO Power Management Sony Corporation 26.11.2007 12,4MB 2.3.01.10310 notwendig
VAIO Update 3 Sony Corporation 24.08.2008 3,60MB 3.0.02.05280 notwendig
VAIO Wallpaper Contents Sony Corporation 26.11.2007 119,8MB 1.0.00.09200 notwendig
Veetle TV 0.9.18 Veetle, Inc 28.01.2011 18,1MB 0.9.18 unnötig
VLC media player 0.9.8a VideoLAN Team 23.01.2009 76,0MB 0.9.8a notwendig
WIDCOMM Bluetooth Software 6.1.0.2200 Broadcom Corporation 25.11.2007 52,5MB 6.1.0.2200 notwendig
Winamp Nullsoft, Inc 29.01.2009 36,5MB 5.541 unnötig
Windows Installer Clean Up Microsoft Corporation 17.09.2010 0,30MB 3.00.00.0000 unbekannt
Windows Live Essentials Microsoft Corporation 09.07.2011 15.4.3538.0513 unbekannt
Windows Live OneCare safety scanner Microsoft Corporation 18.09.2010 unbekannt
Windows Live Sync Microsoft Corporation 18.09.2009 2,79MB 14.0.8089.726 unbekannt
Windows Media Player Firefox Plugin Microsoft Corp 13.03.2009 0,29MB 1.0.0.8 unbekannt
Windows-Treiberpaket - Sony Ericsson Mobile Communications (ggsemc) USB (02/22/2011 2.2.0.5) Sony Ericsson Mobile Communications 14.05.2012 1.399MB 02/22/2011 2.2.0.5 unnötig
WinDVD for VAIO InterVideo Inc. 24.08.2008 95,7MB 8.0-B8.411 unbekannt
WinRAR 4.20 (32-bit) win.rar GmbH 04.03.2013 5,00MB 4.20.0 unnötig
Wireless Switch Setting Utility Sony Corporation 24.08.2008 4,02MB 3.6.00.18210 unbekannt
Xilisoft Video Converter Ultimate 6 Xilisoft 08.07.2011 96,0MB 6.5.2.0125 unötig
Zattoo 3.3.4 Beta Zattoo Inc. 17.11.2009 18,4MB 3.3.4 Beta unnötig
µTorrent 30.12.2009 0,28MB 1.8.5 unnötig

markusg · 11.03.2013, 18:34

deinstaliere:
7-Zip
Adobe Flash Player alle
Adobe - Adobe Flash Player installieren
neueste version laden, instalieren.
adobe reader:
Adobe - Adobe Reader herunterladen - Alle Versionen
haken bei mcafee security scan raus nehmen
bitte auch mal den adobe reader wie folgt konfigurieren:
adobe reader öffnen, bearbeiten, voreinstellungen.
allgemein:
nur zertifizierte zusatz module verwenden, anhaken.
Sicherheit (erweitert)
Erweiterte Sicherheit anhaken
und alle Dateien auswählen.
internet:
hier sollte alles deaktiviert werden, es ist sehr unsicher pdfs automatisch zu öffnen, zu downloaden etc.
es ist immer besser diese direkt abzuspeichern da man nur so die kontrolle hat was auf dem pc vor geht.
bei javascript den haken bei java script verwenden raus nehmen
bei updater, automatisch instalieren wählen.
übernehmen /ok

deinstaliere:
AVS: alle
CDBurnerXP
CutePDF
Free Video
GameXN
HandBrake
HijackThis
Java : beide
downloade Java jre:
Java-Downloads für alle Betriebssysteme
klicke:
Download der Java-Software für Windows Offline
laden, und instalieren
deinstaliere:
Microsoft Silverlight
Orbit
TeamViewer : nur bei Bedarf instalieren, außerdem ist deine version total veraltet, aktuell ist version 8
Total Video2Dvd
TVUPlayer
Veetle
VLC
VideoLAN - Official page for VLC media player, the Open Source video framework!
neueste instalieren

Deinstaliere:
Winamp
Windows Live : alle von dir nicht verwendeten.
Xilisoft
Zattoo
µTorrent

Öffne CCleaner, analysieren, starten, PC neustarten
Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).