
Log Analysis and Evaluation: Error message - Server is busy (Server ist ausgelastet)


05.07.2013, 12:35   #1
eckisingerka
 
Error message: "Server ist ausgelastet. Dieser Vorgang kann nicht ausgeführt werden, da..." (Server is busy. This operation cannot be performed because...)

Hello everyone,
for 2 days I have been trying to get a Trojan off my PC. I have read and tried the suggestions from this forum:
1. Installed Malwarebytes Anti-Malware - 20 infected files were found and deleted.
Unfortunately, the message has not gone away.
2. After that I installed Emsisoft - 2 infected files were found and deleted.
Unfortunately, that did not help either.

The programs find nothing, but the message "Server ist ausgelastet" (server is busy) is there the whole time.

What else can I do about it?
I would be very grateful for help.

Regards
Malwina

05.07.2013, 12:44   #2
markusg
/// Malware-holic
 
Hi,
please post all Malwarebytes logs that contain findings.
http://www.trojaner-board.de/125889-...en-posten.html
Also the Emsisoft findings.
If you don't have it yet, please download OTL by OldTimer and save it to your desktop.
  • Please start OTL.exe. Vista and Win7 users: right-click and choose "Run as administrator".
  • Now copy the contents into the text box.
Code:
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
         
  • Now please close all programs. (Important)
  • Now please click the Quick Scan button.
  • Now copy the contents of OTL.txt and Extra.txt into your thread here.

05.07.2013, 18:06   #3
eckisingerka
 
Hello Markus,
first I am copying what I found:
Malwarebytes Anti-Malware (Test) 1.75.0.1300
Malwarebytes : Free Anti-Malware download

Datenbank Version: v2013.07.04.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16618
M*&S* :: *** [Administrator]

Schutz: Aktiviert

04.07.2013 09:59:45
mbam-log-2013-07-04 (09-59-45).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 412784
Laufzeit: 1 Stunde(n), 14 Minute(n), 3 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 15
HKCR\CLSID\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\TypeLib\{BB7256DD-EBA9-480B-8441-A00388C2BEC3} (PUP.VShareRedir) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\Interface\{3D782BB2-F2A5-11D3-BF4C-000000000000} (PUP.VShareRedir) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\MyNewsBarLauncher.IE5BarLauncherBHO.1 (PUP.VShareRedir) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\MyNewsBarLauncher.IE5BarLauncherBHO (PUP.VShareRedir) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\MyNewsBarLauncher.IE5BarLauncher.1 (PUP.VShareRedir) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\MyNewsBarLauncher.IE5BarLauncher (PUP.VShareRedir) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 2
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Daten: StartSearchTB -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Daten: -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 3
C:\Program Files (x86)\StartSearch plugin\ssBarLcher.dll (PUP.VShareRedir) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\M*&S*\AppData\Local\Temp\tdwmrvgrlj.pre (Trojan.Agent.ED) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\M*&S*\AppData\Local\Temp\yrjradhups.pre (Trojan.Agent.ED) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)


Unfortunately I can't find anything from Emsisoft..

05.07.2013, 18:09   #4
markusg
/// Malware-holic
 
Open Emsisoft and go to the logs ("Protokolle"), it is there,
or c:\benutzer\name\eigene dokumente\antimalware\reports

05.07.2013, 18:25   #5
eckisingerka
 
OTL Logfile:
Code:
OTL logfile created on: 05.07.2013 19:08:03 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\M*&S*\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,94 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 50,84% Memory free
7,87 Gb Paging File | 5,08 Gb Available in Paging File | 64,57% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 921,40 Gb Total Space | 771,21 Gb Free Space | 83,70% Space Free | Partition Type: NTFS
Drive E: | 28,71 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: MALWASTEFFEN | User Name: M*&S* | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Malwa&Steffen\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe (Emsisoft GmbH)
PRC - C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe (Emsisoft GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\program files (x86)\avira\antivir desktop\ipmGui.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\iMesh Applications\MediaBar\Datamngr\datamngrUI.exe (iMesh, Inc)
PRC - C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
PRC - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\ProgramData\DatacardService\DCSHelper.exe (Huawei Technologies Co., Ltd.)
PRC - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation)
PRC - C:\Programme\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe (Sony Corporation)
PRC - C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Mobile Partner\Mobile Partner.exe ()
PRC - C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
PRC - C:\Programme\Sony\VAIO Personalization Manager\VpmIfPav.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation)
PRC - C:\Users\Malwa&Steffen\AppData\Roaming\Mobile Partner\LiveUpdate.exe (Huawei Technologies Co., Ltd.)
PRC - C:\Users\Malwa&Steffen\AppData\Roaming\Mobile Partner\ouc.exe (Huawei Technologies Co., Ltd.)
PRC - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\libegl.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\ffmpegsumo.dll ()
MOD - C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll ()
MOD - C:\Program Files (x86)\Mobile Partner\Mobile Partner.exe ()
MOD - C:\Program Files (x86)\Mobile Partner\LocaleMgrPlugin.dll ()
MOD - C:\Program Files (x86)\Mobile Partner\SMSPlugin.dll ()
MOD - C:\Program Files (x86)\Mobile Partner\NotifyServicePlugin.dll ()
MOD - C:\Program Files (x86)\Mobile Partner\ConfigFilePlugin.dll ()
MOD - C:\Program Files (x86)\Mobile Partner\DeviceMgrPlugin.dll ()
MOD - C:\Program Files (x86)\Mobile Partner\NetInfoPlugin.dll ()
MOD - C:\Program Files (x86)\Mobile Partner\DialUpPlugin.dll ()
MOD - C:\Program Files (x86)\Mobile Partner\DeviceMgrUIPlugin.dll ()
MOD - C:\Program Files (x86)\Mobile Partner\NDISAPI.dll ()
MOD - C:\Programme\Sony\VAIO Personalization Manager\sqlite3.dll ()
MOD - C:\Program Files (x86)\Mobile Partner\XCodec.dll ()
MOD - C:\Program Files (x86)\Mobile Partner\atcomm.dll ()
MOD - C:\Program Files (x86)\Mobile Partner\DetectDev.dll ()
MOD - C:\Program Files (x86)\Mobile Partner\FileManager.dll ()
MOD - C:\Program Files (x86)\Mobile Partner\DeviceOperate.dll ()
MOD - C:\Program Files (x86)\Mobile Partner\isaputrace.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (a2AntiMalware) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe (Emsisoft GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (VUAgent) -- C:\Programme\Sony\VAIO Update\VUAgent.exe (Sony Corporation)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (SeaPort) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (HWDeviceService64.exe) -- C:\ProgramData\DatacardService\HWDeviceService64.exe ()
SRV - (SOHDms) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe (Sony Corporation)
SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation)
SRV - (SpfService) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe (Sony Corporation)
SRV - (VCFw) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
SRV - (SOHCImp) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation)
SRV - (SOHDs) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation)
SRV - (VSNService) -- C:\Programme\Sony\VAIO Smart Network\VSNService.exe (Sony Corporation)
SRV - (VAIO Event Service) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (btwdins) -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (VcmXmlIfHelper) -- C:\Programme\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe (Sony Corporation)
SRV - (VcmINSMgr) -- C:\Programme\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe (Sony Corporation)
SRV - (VcmIAlzMgr) -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation)
SRV - (VAIO Power Management) -- C:\Programme\Sony\VAIO Power Management\SPMService.exe (Sony Corporation)
SRV - (Roxio Upnp Server 10) -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe (Sonic Solutions)
SRV - (Roxio UPnP Renderer 10) -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe (Sonic Solutions)
SRV - (PMBDeviceInfoProvider) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (uCamMonitor) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.)
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (grmnusb) -- C:\Windows\SysNative\drivers\grmnusb.sys (GARMIN Corp.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (huawei_enumerator) -- C:\Windows\SysNative\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (ewusbmbb) -- C:\Windows\SysNative\drivers\ewusbwwan.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (ew_hwusbdev) -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (rimspci) -- C:\Windows\SysNative\drivers\rimssne64.sys (REDC)
DRV:64bit: - (risdsnpe) -- C:\Windows\SysNative\drivers\risdsne64.sys (REDC)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (btwampfl) -- C:\Windows\SysNative\drivers\btwampfl.sys (Broadcom Corporation.)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV:64bit: - (hidkmdf) -- C:\Windows\SysNative\drivers\hidkmdf.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (NW1950) -- C:\Windows\SysNative\drivers\NW1950.sys ()
DRV:64bit: - (SFEP) -- C:\Windows\SysNative\drivers\SFEP.sys (Sony Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (e1yexpress) -- C:\Windows\SysNative\drivers\e1y62x64.sys (Intel Corporation)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (ArcSoftKsUFilter) -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys (ArcSoft, Inc.)
DRV:64bit: - (RimUsb) -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys (Research In Motion Limited)
DRV - (cleanhlp) -- C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys (Emsisoft GmbH)
DRV - (A2DDA) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys (Emsisoft GmbH)
DRV - (a2util) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys (Emsisoft GmbH)
DRV - (a2acc) -- C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys (Emsisoft GmbH)
DRV - (a2injectiondriver) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys (Emsisoft GmbH)
DRV - (UnlockerDriver5) -- C:\Programme\Unlocker\UnlockerDriver5.sys ()
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&appid=1083&systemid=1&sr=0&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {CCC26D69-B954-490F-B840-7B7DBD117EB8}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&appid=1083&systemid=1&sr=0&q={searchTerms}
IE - HKLM\..\SearchScopes\{CCC26D69-B954-490F-B840-7B7DBD117EB8}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-2129794164-2997759859-3767516312-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-2129794164-2997759859-3767516312-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
IE - HKU\S-1-5-21-2129794164-2997759859-3767516312-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-2129794164-2997759859-3767516312-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 63 AE 31 0E C6 8C CB 01  [binary data]
IE - HKU\S-1-5-21-2129794164-2997759859-3767516312-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-2129794164-2997759859-3767516312-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SVED_en___DE408
IE - HKU\S-1-5-21-2129794164-2997759859-3767516312-1000\..\SearchScopes\{CCC26D69-B954-490F-B840-7B7DBD117EB8}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-2129794164-2997759859-3767516312-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files (x86)\Virtual Earth 3D\ [2010.04.26 06:33:16 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files (x86)\Virtual Earth 3D\ [2010.04.26 06:33:16 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
 
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: Suche
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\gcswf32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google-Suche = C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Poczta o2 = C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdhkhehdcicfckijbllglgdkegdnhplm\1.0.21_0\
CHR - Extension: TV for Google Chrome\u2122 = C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe\2.1.1_0\
CHR - Extension: Yahoo Mail Widget = C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Extensions\opeeoaeaoifnbgnigifffgcmfcfimijl\1.8.5_0\
CHR - Extension: Instagram for Chrome = C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Extensions\opnbmdkdflhjiclaoiiifmheknpccalb\4.6.3_0\
CHR - Extension: LiveVDO plugin = C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbiamblgmkgbcgbcgejjgebalncpmhnp\1.3_0\
CHR - Extension: Google Mail = C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Programme\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.8313.1002\swg64.dll (Google Inc.)
O2:64bit: - BHO: (DataMngr) - {BE7A24F5-69CB-4708-B77B-B1EDA6043B95} - C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\x64\BROWSE~1.DLL (iMesh, Inc)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (Wincore Mediabar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\ToolBar\wincoreimdtx.dll ()
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
O2 - BHO: (DataMngr) - {BE7A24F5-69CB-4708-B77B-B1EDA6043B95} - C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\BROWSE~1.DLL (iMesh, Inc)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (Wincore Mediabar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\ToolBar\wincoreimdtx.dll ()
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-2129794164-2997759859-3767516312-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [DATAMNGR] C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE (iMesh, Inc)
O4 - HKLM..\Run: [emsisoft anti-malware] c:\program files (x86)\emsisoft anti-malware\a2guard.exe (Emsisoft GmbH)
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [SHTtray.exe] C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe (Sony Corporation)
O4 - HKLM..\Run: [UnlockerAssistant] "C:\Users\Malwa&Steffen\Desktop\Unlocker\UnlockerAssistant.exe" File not found
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2129794164-2997759859-3767516312-1000..\Run: [Elbserver] C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe (Sony Corporation)
O4 - HKU\S-1-5-21-2129794164-2997759859-3767516312-1000..\Run: [HW_OPENEYE_OUC_Mobile Partner] C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe (Huawei Technologies Co., Ltd.)
O4 - HKU\S-1-5-21-2129794164-2997759859-3767516312-1000..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - HKU\S-1-5-21-2129794164-2997759859-3767516312-1000..\Run: [videou] "C:\Users\Malwa&Steffen\AppData\Roaming\videou.exe" -autorun File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Malwa&Steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 10.21.2)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx (WRC Class)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 10.21.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B5C59715-7985-4002-8C6B-A191BC013D50}: NameServer = 193.189.244.225 193.189.244.206
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BD08801C-53D0-471C-915E-6AE89532C96B}: NameServer = 193.189.244.206 193.189.244.225
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\x64\datamngr.dll) - C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\x64\datamngr.dll (iMesh, Inc)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\x64\IEBHO.dll) - C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\x64\IEBHO.dll (iMesh, Inc)
O20 - AppInit_DLLs: (C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\datamngr.dll) - C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\datamngr.dll (iMesh, Inc)
O20 - AppInit_DLLs: (C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\IEBHO.dll) - C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\IEBHO.dll (iMesh, Inc)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.11.17 07:37:37 | 000,142,336 | R--- | M] () - E:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2008.06.04 20:35:30 | 000,000,047 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{04e24d1f-b222-11e2-bf93-54424914cecc}\Shell - "" = AutoRun
O33 - MountPoints2\{04e24d1f-b222-11e2-bf93-54424914cecc}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2010.11.17 07:37:37 | 000,142,336 | R--- | M] ()
O33 - MountPoints2\{04e24d2e-b222-11e2-bf93-54424914cecc}\Shell - "" = AutoRun
O33 - MountPoints2\{04e24d2e-b222-11e2-bf93-54424914cecc}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2010.11.17 07:37:37 | 000,142,336 | R--- | M] ()
O33 - MountPoints2\{30e0fc2f-b9a7-11e2-af49-54424914cecc}\Shell - "" = AutoRun
O33 - MountPoints2\{30e0fc2f-b9a7-11e2-af49-54424914cecc}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{a7346974-53fb-11e1-a772-f07bcbd0c6aa}\Shell - "" = AutoRun
O33 - MountPoints2\{a7346974-53fb-11e1-a772-f07bcbd0c6aa}\Shell\AutoRun\command - "" = E:\USBAutoRun.exe
O33 - MountPoints2\{bffa1a3d-b3cb-11e2-8000-001e101f2c0e}\Shell - "" = AutoRun
O33 - MountPoints2\{bffa1a3d-b3cb-11e2-8000-001e101f2c0e}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2010.11.17 07:37:37 | 000,142,336 | R--- | M] ()
O33 - MountPoints2\{c6083689-d26c-11e2-af4f-001e101f9843}\Shell - "" = AutoRun
O33 - MountPoints2\{c6083689-d26c-11e2-af4f-001e101f9843}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2010.11.17 07:37:37 | 000,142,336 | R--- | M] ()
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2010.11.17 07:37:37 | 000,142,336 | R--- | M] ()
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.07.05 11:48:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.07.05 11:48:16 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.07.05 11:48:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.07.04 22:14:17 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013.07.04 20:41:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
[2013.07.04 20:40:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Emsisoft Anti-Malware
[2013.07.04 16:39:34 | 000,000,000 | ---D | C] -- C:\Users\Malwa&Steffen\AppData\Roaming\DSite
[2013.07.04 09:57:52 | 000,000,000 | ---D | C] -- C:\Users\Malwa&Steffen\AppData\Roaming\Malwarebytes
[2013.07.04 09:57:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.07.03 19:48:10 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.07.03 19:48:10 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.07.03 19:48:10 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013.07.03 19:48:10 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013.07.03 19:48:10 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.07.03 19:48:10 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.07.03 19:48:10 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.07.03 19:48:10 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.07.03 19:48:10 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.07.03 19:48:09 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.07.03 19:48:08 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.07.03 19:48:08 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.07.03 19:48:08 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.07.03 19:47:17 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.07.03 19:47:16 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.07.03 12:15:15 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.07.03 12:15:15 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013.07.03 12:15:15 | 001,054,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013.07.03 12:15:15 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013.07.03 12:15:15 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013.07.03 12:15:15 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013.07.03 12:15:15 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.07.03 12:15:15 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013.07.03 12:15:15 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013.07.03 12:15:15 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013.07.03 12:15:15 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013.07.03 12:15:15 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013.07.03 12:15:15 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.07.03 12:15:15 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013.07.03 12:15:15 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013.07.03 12:15:15 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013.07.03 12:15:15 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013.07.03 12:15:15 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.07.03 12:15:15 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013.07.03 12:15:15 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013.07.03 12:15:15 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013.07.03 12:15:15 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013.07.03 12:15:15 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013.07.03 12:15:15 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013.07.03 12:15:15 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013.07.03 12:15:14 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.07.03 12:15:14 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013.07.03 12:15:14 | 000,905,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013.07.03 12:15:14 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013.07.03 12:15:14 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.07.03 12:15:14 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013.07.03 12:15:14 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013.07.03 12:15:14 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013.07.03 12:15:14 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.07.03 12:15:14 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013.07.03 12:15:14 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013.07.03 12:15:14 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.07.03 12:15:14 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013.07.03 12:15:14 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013.07.03 12:15:14 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013.07.03 12:15:14 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013.07.03 12:15:14 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013.07.03 12:15:14 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013.07.03 12:15:14 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.07.03 12:15:14 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013.07.03 12:15:14 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013.07.03 12:15:14 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013.07.03 12:15:14 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013.07.03 12:15:14 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013.07.03 12:15:14 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013.07.03 12:15:14 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013.07.03 12:15:14 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013.07.03 12:15:14 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013.07.03 12:06:14 | 000,000,000 | ---D | C] -- C:\Users\Malwa&Steffen\Desktop\ebay
[2013.06.17 11:12:57 | 000,000,000 | ---D | C] -- C:\Users\Malwa&Steffen\AppData\Local\Apps
[2013.06.13 09:15:14 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013.06.13 09:15:13 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2013.06.13 09:15:12 | 000,492,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2013.06.13 09:14:57 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptdlg.dll
[2013.06.13 09:14:57 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptdlg.dll
[2013.06.13 09:14:48 | 001,192,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certutil.exe
[2013.06.13 09:14:47 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013.06.13 09:14:47 | 000,903,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certutil.exe
[2013.06.13 09:14:47 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2013.06.13 09:14:47 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certenc.dll
[2013.06.13 09:14:47 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certenc.dll
[2013.06.13 09:14:44 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013.06.13 09:14:44 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013.05.10 12:31:59 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Users\Malwa&Steffen\AppData\Roaming\mfc71.dll
[2013.05.10 12:31:59 | 001,047,552 | ---- | C] (Microsoft Corporation) -- C:\Users\Malwa&Steffen\AppData\Roaming\MFC71u.dll
[2013.05.10 12:31:59 | 000,927,504 | ---- | C] (Microsoft Corporation) -- C:\Users\Malwa&Steffen\AppData\Roaming\mfc40u.dll
[2013.05.10 12:31:59 | 000,901,120 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Users\Malwa&Steffen\AppData\Roaming\LiveUpdate.exe
[2013.05.10 12:31:59 | 000,499,712 | ---- | C] (Microsoft Corporation) -- C:\Users\Malwa&Steffen\AppData\Roaming\msvcp71.dll
[2013.05.10 12:31:59 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Users\Malwa&Steffen\AppData\Roaming\msvcp60.dll
[2013.05.10 12:31:59 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Users\Malwa&Steffen\AppData\Roaming\msvcr71.dll
 
========== Files - Modified Within 30 Days ==========
 
[2013.07.05 19:07:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.07.05 18:30:02 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.07.05 18:29:37 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.07.05 18:29:37 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.07.05 18:21:57 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.07.05 18:21:37 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2013.07.05 18:21:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.07.05 18:21:16 | 3170,246,656 | -HS- | M] () -- C:\hiberfil.sys
[2013.07.05 08:54:22 | 001,498,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.07.05 08:54:22 | 000,654,150 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.07.05 08:54:22 | 000,616,032 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.07.05 08:54:22 | 000,130,022 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.07.05 08:54:22 | 000,106,412 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.07.03 12:15:15 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.07.03 12:15:15 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013.07.03 12:15:15 | 001,054,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013.07.03 12:15:15 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013.07.03 12:15:15 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013.07.03 12:15:15 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013.07.03 12:15:15 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.07.03 12:15:15 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013.07.03 12:15:15 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013.07.03 12:15:15 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013.07.03 12:15:15 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013.07.03 12:15:15 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013.07.03 12:15:15 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.07.03 12:15:15 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013.07.03 12:15:15 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013.07.03 12:15:15 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013.07.03 12:15:15 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013.07.03 12:15:15 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.07.03 12:15:15 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013.07.03 12:15:15 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013.07.03 12:15:15 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013.07.03 12:15:15 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013.07.03 12:15:15 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013.07.03 12:15:15 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013.07.03 12:15:15 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013.07.03 12:15:15 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013.07.03 12:15:14 | 001,509,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.07.03 12:15:14 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013.07.03 12:15:14 | 000,905,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013.07.03 12:15:14 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013.07.03 12:15:14 | 000,599,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.07.03 12:15:14 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013.07.03 12:15:14 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013.07.03 12:15:14 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013.07.03 12:15:14 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.07.03 12:15:14 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013.07.03 12:15:14 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013.07.03 12:15:14 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.07.03 12:15:14 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013.07.03 12:15:14 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013.07.03 12:15:14 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013.07.03 12:15:14 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013.07.03 12:15:14 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013.07.03 12:15:14 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013.07.03 12:15:14 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.07.03 12:15:14 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013.07.03 12:15:14 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013.07.03 12:15:14 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013.07.03 12:15:14 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013.07.03 12:15:14 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013.07.03 12:15:14 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013.07.03 12:15:14 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013.07.03 12:15:14 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013.07.03 12:15:14 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013.07.03 12:15:14 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013.06.26 11:38:28 | 000,083,672 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avnetflt.sys
[2013.06.24 17:28:37 | 000,000,000 | -H-- | M] () -- C:\ProgramData\PKP_DLev.DAT
[2013.06.24 17:28:37 | 000,000,000 | -H-- | M] () -- C:\ProgramData\PKP_DLet.DAT
[2013.06.24 17:28:37 | 000,000,000 | -H-- | M] () -- C:\ProgramData\PKP_DLes.DAT
[2013.06.24 17:28:37 | 000,000,000 | ---- | M] () -- C:\Users\Malwa&Steffen\AppData\Roaming\Organic
[2013.06.24 17:28:37 | 000,000,000 | ---- | M] () -- C:\ProgramData\MIDI Devices
[2013.06.14 10:07:36 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.06.14 10:07:36 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.06.11 15:11:30 | 000,002,432 | ---- | M] () -- C:\Users\Malwa&Steffen\AppData\Local\TemprX6524.html
[2013.06.11 15:11:30 | 000,002,089 | ---- | M] () -- C:\Users\Malwa&Steffen\AppData\Local\TempRU6524.html
[2013.06.08 16:06:58 | 000,526,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.06.08 13:40:02 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
 
========== Files Created - No Company Name ==========
 
[2013.07.03 12:15:15 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013.07.03 12:15:14 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013.06.24 17:28:37 | 000,000,000 | ---- | C] () -- C:\ProgramData\MIDI Devices
[2013.06.11 15:10:52 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TemprX6524.html
[2013.06.11 15:10:52 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempRU6524.html
[2013.05.10 12:31:59 | 000,000,641 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Roaming\LiveUpdate.ini
[2013.04.17 16:33:34 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempFT2932.html
[2013.04.17 16:33:34 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempaZ2932.html
[2013.04.07 17:25:21 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempfN4340.html
[2013.04.07 17:25:21 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Tempaf4340.html
[2013.04.04 18:12:27 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Tempog5916.html
[2013.04.04 18:12:27 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempWa5916.html
[2013.03.24 16:43:38 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempCj1524.html
[2013.03.24 16:43:38 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempVJ1524.html
[2013.03.14 11:37:04 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempGa4620.html
[2013.03.14 11:37:04 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempGb4620.html
[2013.02.22 13:32:18 | 000,003,584 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.02.17 18:41:43 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Tempbu5636.html
[2013.02.17 18:41:43 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempVQ5636.html
[2013.01.02 22:47:33 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TemppQ1196.html
[2013.01.02 22:47:33 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempGV1196.html
[2013.01.01 00:46:19 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Tempyj2528.html
[2013.01.01 00:46:19 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TemphG2528.html
[2012.12.31 22:41:54 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempTU2492.html
[2012.12.31 22:41:54 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempEM2492.html
[2012.12.29 20:32:41 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Tempjv3948.html
[2012.12.29 20:32:41 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Temprl3948.html
[2012.12.29 12:31:00 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempTVt728.html
[2012.12.29 12:31:00 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempxsY728.html
[2012.12.27 11:47:58 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempPL5148.html
[2012.12.27 11:47:58 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempMq5148.html
[2012.12.26 18:06:46 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempvO4436.html
[2012.12.26 18:06:46 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TemphK4436.html
[2012.12.16 01:25:40 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempIz5652.html
[2012.12.16 01:25:40 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempQl5652.html
[2012.12.15 17:32:51 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempfF4324.html
[2012.12.15 17:32:51 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempJy4324.html
[2012.11.15 21:56:17 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Temptf3544.html
[2012.11.15 21:56:17 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempjR3544.html
[2012.10.07 16:26:21 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Templf5504.html
[2012.10.07 16:26:21 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempsR5504.html
[2012.09.26 19:26:02 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempPN5320.html
[2012.09.26 19:26:02 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempfO5320.html
[2012.06.17 08:26:54 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TemptM4548.html
[2012.06.17 08:26:54 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Tempjs4548.html
[2012.06.03 09:03:12 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Tempnr2992.html
[2012.06.03 09:03:12 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempmS2992.html
[2012.05.25 23:26:12 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempZi2792.html
[2012.05.25 23:26:12 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempIQ2792.html
[2012.05.18 22:15:01 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempvF2964.html
[2012.05.18 22:15:01 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempGZ2964.html
[2012.05.17 08:55:56 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TemprG1404.html
[2012.05.17 08:55:56 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempYI1404.html
[2012.04.16 21:20:03 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempRG3784.html
[2012.04.16 21:20:03 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TemplC3784.html
[2012.04.15 19:51:40 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempBY1104.html
[2012.04.15 19:51:40 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Tempyw1104.html
[2012.04.07 19:58:26 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempFk2976.html
[2012.04.07 19:58:26 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempSJ2976.html
[2012.04.05 21:12:14 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempoD3972.html
[2012.04.05 21:12:14 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempCv3972.html
[2012.04.03 09:40:40 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Tempdw6132.html
[2012.04.03 09:40:40 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Tempyx6132.html
[2012.04.02 20:28:42 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempGK5944.html
[2012.04.02 20:28:42 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Templr5944.html
[2012.03.26 22:37:36 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempeA4644.html
[2012.03.26 22:37:36 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Temprw4644.html
[2012.03.22 19:53:12 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempNK4464.html
[2012.03.22 19:53:12 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Tempxe4464.html
[2012.03.22 11:21:12 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempsoT828.html
[2012.03.22 11:21:12 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempYSI828.html
[2012.03.21 20:24:50 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempkR3284.html
[2012.03.21 20:24:50 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TemphX3284.html
[2012.03.18 09:52:28 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempQT1580.html
[2012.03.18 09:52:28 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempCm1580.html
[2012.03.09 13:27:31 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempNUE760.html
[2012.03.09 13:27:31 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempPEy760.html
[2012.03.07 15:59:00 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Tempva4372.html
[2012.03.07 15:59:00 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempQK4372.html
[2012.03.02 21:16:25 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempFy1472.html
[2012.03.02 21:16:25 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempPn1472.html
[2012.02.28 19:31:31 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempoF3628.html
[2012.02.28 19:31:31 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempIi3628.html
[2012.02.25 09:33:25 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempuB5876.html
[2012.02.25 09:33:25 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempyE5876.html
[2012.02.24 14:09:01 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Tempac4476.html
[2012.02.24 14:09:01 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Tempxo4476.html
[2012.02.21 23:59:55 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempAX3336.html
[2012.02.21 23:59:55 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TemppF3336.html
[2012.02.17 22:38:04 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempGZ4760.html
[2012.02.17 22:38:04 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Tempqe4760.html
[2012.02.17 10:33:50 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempeA5744.html
[2012.02.17 10:33:50 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempuL5744.html
[2012.02.14 13:56:42 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempEN3692.html
[2012.02.14 13:56:42 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempEy3692.html
[2012.02.12 21:09:45 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempHK5988.html
[2012.02.12 21:09:45 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempbY5988.html
[2012.02.11 09:42:44 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempXV4092.html
[2012.02.11 09:42:44 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempZQ4092.html
[2012.02.10 21:59:54 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Tempgv5316.html
[2012.02.10 21:59:54 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempSj5316.html
[2012.02.10 14:17:47 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempJcd828.html
[2012.02.10 14:17:47 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Tempyks828.html
[2012.02.08 12:35:53 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempnPJ616.html
[2012.02.08 12:35:53 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Temptwu616.html
[2012.02.08 08:43:17 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempYg2076.html
[2012.02.08 08:43:17 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempDP2076.html
[2012.02.07 19:26:14 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempGFa996.html
[2012.02.07 19:26:14 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempdjX996.html
[2012.02.07 13:35:11 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempeC3388.html
[2012.02.07 13:35:11 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempUS3388.html
[2012.02.05 09:27:34 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TemppS4744.html
[2012.02.05 09:27:34 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Tempfq4744.html
[2012.02.04 21:39:06 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempIA4552.html
[2012.02.04 21:39:06 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Temppk4552.html
[2012.02.02 21:45:08 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempqW2564.html
[2012.02.02 21:45:08 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempXw2564.html
[2012.01.24 14:35:29 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Tempzw5928.html
[2012.01.24 14:35:29 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Tempxl5928.html
[2012.01.24 09:31:18 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Tempuc5576.html
[2012.01.24 09:31:18 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempVA5576.html
[2012.01.21 20:44:21 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempsJ5528.html
[2012.01.21 20:44:21 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Tempnq5528.html
[2012.01.20 21:11:52 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempaF4584.html
[2012.01.20 21:11:52 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempZP4584.html
[2012.01.19 21:42:32 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Tempbj4816.html
[2012.01.19 21:42:31 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempYI4816.html
[2012.01.07 20:58:13 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TemprU1060.html
[2012.01.07 20:58:13 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempJb1060.html
[2012.01.06 11:48:14 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempYr1920.html
[2012.01.06 11:48:14 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Temptt1920.html
[2012.01.04 10:23:26 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempTU5136.html
[2012.01.04 10:23:26 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempWo5136.html
[2012.01.01 10:32:17 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Tempqm2392.html
[2012.01.01 10:32:17 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempSE2392.html
[2011.12.26 18:59:04 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Tempab5648.html
[2011.12.26 18:59:04 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempIU5648.html
[2011.12.26 10:25:27 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempOQ4652.html
[2011.12.26 10:25:27 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempmI4652.html
[2011.12.17 13:21:45 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempCN5420.html
[2011.12.17 13:21:45 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Tempkx5420.html
[2011.12.15 22:04:22 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempME3832.html
[2011.12.15 22:04:22 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempsE3832.html
[2011.12.12 22:02:07 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempEi4960.html
[2011.12.12 22:02:07 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempgM4960.html
[2011.12.07 08:43:00 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempvU2888.html
[2011.12.07 08:43:00 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempzM2888.html
[2011.11.28 13:32:29 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempPz3424.html
[2011.11.28 13:32:29 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempNn3424.html
[2011.11.27 18:40:25 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Tempbu4320.html
[2011.11.27 18:40:25 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempRc4320.html
[2011.11.26 10:39:48 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Temprr6040.html
[2011.11.26 10:39:48 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TemplA6040.html
[2011.11.18 21:37:15 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Temprp4024.html
[2011.11.18 21:37:15 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Tempso4024.html
[2011.11.10 20:19:39 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempMF5296.html
[2011.11.10 20:19:39 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempgT5296.html
[2011.11.09 12:06:08 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempIj1764.html
[2011.11.09 12:06:08 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempWK1764.html
[2011.10.31 22:41:50 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Tempev1428.html
[2011.10.31 22:41:50 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempQj1428.html
[2011.10.29 08:29:19 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempXP5944.html
[2011.10.29 08:29:19 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempDg5944.html
[2011.10.28 21:43:42 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Tempxt6064.html
[2011.10.28 21:43:42 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Tempgw6064.html
[2011.10.24 20:33:52 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TemppG5720.html
[2011.10.24 20:33:52 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempjT5720.html
[2011.10.11 21:00:10 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Temphk3636.html
[2011.10.11 21:00:10 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempBi3636.html
[2011.10.07 12:53:49 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempkC3892.html
[2011.10.07 12:53:49 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempLC3892.html
[2011.10.07 08:12:40 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Tempfp1388.html
[2011.10.07 08:12:40 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Tempbe1388.html
[2011.09.23 23:29:02 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TemplT1680.html
[2011.09.23 23:29:02 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Tempgo1680.html
[2011.09.23 20:01:17 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempKz5848.html
[2011.09.23 20:01:17 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempfF5848.html
[2011.09.18 15:54:36 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempSh5224.html
[2011.09.18 15:54:36 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Templc5224.html
[2011.09.15 21:27:06 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Tempuk2192.html
[2011.09.15 21:27:06 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempBD2192.html
[2011.09.12 20:35:53 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempWp3716.html
[2011.09.12 20:35:53 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempgL3716.html
[2011.09.04 20:54:31 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempeV6028.html
[2011.09.04 20:54:31 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Tempca6028.html
[2011.08.19 18:52:36 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Tempxw5896.html
[2011.08.19 18:52:36 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempJP5896.html
[2011.08.18 21:45:39 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempsT1868.html
[2011.08.18 21:45:39 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempiI1868.html
[2011.08.18 13:23:09 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempsX4744.html
[2011.08.18 13:23:09 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempEM4744.html
[2011.08.16 15:12:03 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempYX3172.html
[2011.08.16 15:12:03 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempfU3172.html
[2011.08.02 18:58:14 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Tempsb6052.html
[2011.08.02 18:58:14 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TemphH6052.html
[2011.07.30 11:26:40 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Tempov4980.html
[2011.07.30 11:26:40 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempGS4980.html
[2011.07.29 12:40:46 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempGS5288.html
[2011.07.29 12:40:46 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Tempol5288.html
[2011.07.26 18:56:23 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Tempzs5904.html
[2011.07.26 18:56:23 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempaR5904.html
[2011.07.22 08:59:37 | 000,000,000 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\{3607FF7A-60D3-4670-BD32-CB173C8C268F}
[2011.07.18 14:48:21 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempGoN304.html
[2011.07.18 14:48:21 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempUdH304.html
[2011.07.18 11:46:05 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempFx6100.html
[2011.07.18 11:46:05 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempjA6100.html
[2011.07.17 20:47:11 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempsA5324.html
[2011.07.17 20:47:11 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Templj5324.html
[2011.07.14 22:13:17 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempHA4320.html
[2011.07.14 22:13:17 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Tempvq4320.html
[2011.07.08 10:16:20 | 000,000,000 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\{3CD0654E-13E3-45F3-A074-47C5708A1CF3}
[2011.07.07 17:17:32 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Tempbg3232.html
[2011.07.07 17:17:32 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempHI3232.html
[2011.07.07 15:41:41 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Tempei5720.html
[2011.07.07 15:41:41 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempaL5720.html
[2011.06.24 18:33:41 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempBZ5512.html
[2011.06.24 18:33:41 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Tempjj5512.html
[2011.06.16 14:03:18 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Tempyp2484.html
[2011.06.16 14:03:18 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempNw2484.html
[2011.06.09 18:10:02 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Tempch3024.html
[2011.06.09 18:10:02 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempIZ3024.html
[2011.06.06 20:52:23 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempVa4756.html
[2011.06.06 20:52:23 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Tempau4756.html
[2011.05.31 20:19:48 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempcF5680.html
[2011.05.31 20:19:48 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Temptg5680.html
[2011.05.27 21:18:22 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempcVh624.html
[2011.05.27 21:18:22 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempPGI624.html
[2011.05.26 22:57:10 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempkEN564.html
[2011.05.26 22:57:10 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempaGB564.html
[2011.05.20 11:02:02 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Tempqp2344.html
[2011.05.20 11:02:02 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TemprL2344.html
[2011.05.15 12:01:52 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempYJ5048.html
[2011.05.15 12:01:52 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempzP5048.html
[2011.05.13 12:25:45 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Temppf4508.html
[2011.05.13 12:25:45 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempPV4508.html
[2011.05.10 20:52:32 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Temptm4264.html
[2011.05.10 20:52:32 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempTk4264.html
[2011.05.07 11:45:27 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Tempoq2556.html
[2011.05.07 11:45:27 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempPl2556.html
[2011.04.21 18:34:46 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempTL6000.html
[2011.04.21 18:34:46 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempRE6000.html
[2011.04.19 13:07:47 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempZB1256.html
[2011.04.19 13:07:47 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempBy1256.html
[2011.04.15 07:48:47 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempMj1676.html
[2011.04.15 07:48:47 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempMo1676.html
[2011.04.14 13:52:41 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempgG2476.html
[2011.04.14 13:52:41 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempRy2476.html
[2011.04.13 11:52:01 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TemphS5660.html
[2011.04.13 11:52:01 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempcV5660.html
[2011.04.12 09:02:22 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TemptS1084.html
[2011.04.12 09:02:22 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Tempro1084.html
[2011.04.11 19:43:30 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempAX5776.html
[2011.04.11 19:43:30 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempCs5776.html
[2011.04.11 09:54:07 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempKy5188.html
[2011.04.11 09:54:07 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Tempry5188.html
[2011.04.08 14:14:57 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Tempxp2556.html
[2011.04.08 14:14:57 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempoT2556.html
[2011.04.07 18:08:42 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Temptl5912.html
[2011.04.07 18:08:42 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempME5912.html
[2011.04.04 10:01:29 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempIb5064.html
[2011.04.04 10:01:29 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempJY5064.html
[2011.04.01 19:11:46 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Tempxn1344.html
[2011.04.01 19:11:46 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Tempck1344.html
[2011.03.31 09:46:09 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempHXs644.html
[2011.03.31 09:46:09 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempqIt644.html
[2011.03.30 12:13:55 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempfE5332.html
[2011.03.30 12:13:55 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Tempke5332.html
[2011.03.28 11:10:44 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempyQ2348.html
[2011.03.28 11:10:44 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Tempem2348.html
[2011.03.24 10:59:22 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempwU4632.html
[2011.03.24 10:59:22 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Temppa4632.html
[2011.03.22 19:34:53 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempWt4276.html
[2011.03.22 19:34:53 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempWO4276.html
[2011.03.21 12:00:01 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TemplJQ720.html
[2011.03.21 12:00:01 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempEiu720.html
[2011.03.19 21:28:50 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Tempjf5972.html
[2011.03.19 21:28:50 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TemplP5972.html
[2011.03.14 15:57:54 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempYl4420.html
[2011.03.14 15:57:54 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Tempok4420.html
[2011.03.13 18:38:52 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempMv1268.html
[2011.03.13 18:38:52 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempXh1268.html
[2011.03.12 21:16:01 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempxD3860.html
[2011.03.12 21:16:01 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Tempto3860.html
[2011.03.09 19:45:51 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempRq4428.html
[2011.03.09 19:45:51 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempfS4428.html
[2011.03.09 12:00:43 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Tempwd5204.html
[2011.03.09 12:00:43 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempHk5204.html
[2011.03.07 13:00:44 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Tempxa4936.html
[2011.03.07 13:00:44 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempFG4936.html
[2011.03.03 19:28:52 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempAi5940.html
[2011.03.03 19:28:52 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempnZ5940.html
[2011.02.25 20:44:20 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempEd2272.html
[2011.02.25 20:44:20 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Templf2272.html
[2011.02.22 19:44:36 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempGA4924.html
[2011.02.22 19:44:36 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempYc4924.html
[2011.02.16 19:39:16 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempyJ5944.html
[2011.02.16 19:39:16 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempUB5944.html
[2011.02.12 16:59:29 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempFB5944.html
[2011.02.12 16:59:29 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempEr5944.html
[2011.02.12 01:21:30 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempYU1060.html
[2011.02.12 01:21:30 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempMy1060.html
[2011.02.11 00:38:23 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempFH5216.html
[2011.02.11 00:38:23 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempmJ5216.html
[2011.02.08 12:14:00 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Tempsr5248.html
[2011.02.08 12:14:00 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempEt5248.html
[2011.02.05 14:01:01 | 000,000,000 | -H-- | C] () -- C:\ProgramData\PKP_DLev.DAT
[2011.02.05 14:01:01 | 000,000,000 | -H-- | C] () -- C:\ProgramData\PKP_DLet.DAT
[2011.02.05 14:01:01 | 000,000,000 | -H-- | C] () -- C:\ProgramData\PKP_DLes.DAT
[2011.02.05 14:01:01 | 000,000,000 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Roaming\Organic
[2011.02.05 13:57:36 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempYl5516.html
[2011.02.05 13:57:36 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempXX5516.html
[2011.01.30 13:49:01 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempnlJ152.html
[2011.01.30 13:49:01 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempuVu152.html
[2011.01.28 21:19:04 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempWnZ292.html
[2011.01.28 21:19:04 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempiRT292.html
[2011.01.28 19:19:54 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempPsr944.html
[2011.01.28 19:19:54 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempAPE944.html
[2011.01.25 19:44:32 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempWG4696.html
[2011.01.25 19:44:32 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempBU4696.html
[2011.01.08 13:22:57 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempdJ1156.html
[2011.01.08 13:22:57 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempPp1156.html
[2011.01.05 21:17:52 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempwAw364.html
[2011.01.05 21:17:52 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempaAm364.html
[2010.12.23 20:33:04 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempZF4028.html
[2010.12.23 20:33:04 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempJj4028.html
[2010.12.20 20:13:04 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempxL5692.html
[2010.12.20 20:13:04 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempRd5692.html
[2010.12.17 19:22:18 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempXA1876.html
[2010.12.17 19:22:18 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempGC1876.html
[2010.12.03 19:21:08 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Tempsc2164.html
[2010.12.03 19:21:08 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TemphY2164.html
[2010.12.02 21:34:06 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Tempim3256.html
[2010.12.02 21:34:06 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempGE3256.html
[2010.11.28 21:36:50 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Tempdo3016.html
[2010.11.28 21:36:50 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempWA3016.html
[2010.11.26 21:52:56 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Temppq1352.html
[2010.11.26 21:52:56 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TemphA1352.html
[2010.11.26 08:54:15 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\Tempby2772.html
[2010.11.26 08:54:15 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempTg2772.html
[2010.11.25 20:47:03 | 000,002,432 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempDlE876.html
[2010.11.25 20:47:03 | 000,002,089 | ---- | C] () -- C:\Users\Malwa&Steffen\AppData\Local\TempUmR876.html
[2010.11.25 14:57:41 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.04.26 06:40:23 | 000,000,221 | ---- | C] () -- C:\ProgramData\MusicStation.xml
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012.02.03 00:14:19 | 000,000,000 | ---D | M] -- C:\Users\Malwa&Steffen\AppData\Roaming\1&1 Mail & Media GmbH
[2010.12.28 17:13:03 | 000,000,000 | ---D | M] -- C:\Users\Malwa&Steffen\AppData\Roaming\Auslogics
[2011.06.07 21:51:53 | 000,000,000 | ---D | M] -- C:\Users\Malwa&Steffen\AppData\Roaming\Babylon
[2013.01.13 09:51:23 | 000,000,000 | ---D | M] -- C:\Users\Malwa&Steffen\AppData\Roaming\DAEMON Tools Lite
[2011.05.20 12:29:01 | 000,000,000 | ---D | M] -- C:\Users\Malwa&Steffen\AppData\Roaming\Dropbox
[2013.07.04 16:39:34 | 000,000,000 | ---D | M] -- C:\Users\Malwa&Steffen\AppData\Roaming\DSite
[2010.11.25 20:54:34 | 000,000,000 | ---D | M] -- C:\Users\Malwa&Steffen\AppData\Roaming\Gadu-Gadu 10
[2013.03.07 18:13:55 | 000,000,000 | ---D | M] -- C:\Users\Malwa&Steffen\AppData\Roaming\Garmin
[2011.08.04 08:45:04 | 000,000,000 | ---D | M] -- C:\Users\Malwa&Steffen\AppData\Roaming\go
[2012.02.10 21:37:50 | 000,000,000 | ---D | M] -- C:\Users\Malwa&Steffen\AppData\Roaming\LG Electronics
[2013.05.10 11:44:27 | 000,000,000 | ---D | M] -- C:\Users\Malwa&Steffen\AppData\Roaming\log
[2013.05.10 12:18:22 | 000,000,000 | ---D | M] -- C:\Users\Malwa&Steffen\AppData\Roaming\Mobile Partner
[2011.08.05 11:51:02 | 000,000,000 | ---D | M] -- C:\Users\Malwa&Steffen\AppData\Roaming\newfolder3
[2011.02.05 14:12:14 | 000,000,000 | ---D | M] -- C:\Users\Malwa&Steffen\AppData\Roaming\Nikon
[2013.01.13 09:51:22 | 000,000,000 | ---D | M] -- C:\Users\Malwa&Steffen\AppData\Roaming\OpenCandy
[2011.08.18 13:24:12 | 000,000,000 | ---D | M] -- C:\Users\Malwa&Steffen\AppData\Roaming\OpenFM
[2011.06.09 18:23:34 | 000,000,000 | ---D | M] -- C:\Users\Malwa&Steffen\AppData\Roaming\OpenOffice.org
[2012.12.02 14:43:58 | 000,000,000 | ---D | M] -- C:\Users\Malwa&Steffen\AppData\Roaming\PhotoScape
[2011.06.09 12:18:03 | 000,000,000 | ---D | M] -- C:\Users\Malwa&Steffen\AppData\Roaming\TP
[2013.01.13 09:54:16 | 000,000,000 | ---D | M] -- C:\Users\Malwa&Steffen\AppData\Roaming\TuneUp Software
 
========== Purity Check ==========
 
 

< End of report >
         


Alt 05.07.2013, 18:28   #6
markusg
/// Malware-holic
 

Hi,
Please download TDSSKiller (TDSSKiller.exe) and save the file to your desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan.
  • If infected objects are found, do not select Cure under any circumstances. Select Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\).
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the contents here in your thread in any case.

Alt 05.07.2013, 18:32   #7
eckisingerka
 

Emsisoft Anti-Malware - Version 8.0
Letztes Update: 04.07.2013 20:46:10
Benutzerkonto: ***\M*&S*

Scan Einstellungen:

Scan Methode: Detail Scan
Objekte: Rootkits, Speicher, Traces, C:\

Riskware-Erkennung: Aus
Archiv Scan: An
ADS Scan: An
Dateitypen-Filter: Aus
Erweitertes Caching: An
Direkter Festplattenzugriff: Aus

Scan Beginn: 04.07.2013 20:47:14
Key: HKEY_USERS\S-1-5-21-2129794164-2997759859-3767516312-1000\SOFTWARE\IMESH gefunden: Trace.Registry.IMesh (A)
Value: HKEY_USERS\S-1-5-21-2129794164-2997759859-3767516312-1000\SOFTWARE\IMESH -> LASTOPENFILEDIR gefunden: Trace.Registry.iMesh (A)

Gescannt 527629
Gefunden 2

Scan Ende: 04.07.2013 21:55:33
Scan Zeit: 1:08:19

Key: HKEY_USERS\S-1-5-21-2129794164-2997759859-3767516312-1000\SOFTWARE\IMESH Quarantäne Trace.Registry.IMesh (A)

Quarantäne 1

Alt 05.07.2013, 18:34   #8
markusg
/// Malware-holic
 

OK, then on to TDSSKiller.

Alt 05.07.2013, 19:16   #9
eckisingerka
 

19:33:52.0054 5472 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
19:33:52.0990 5472 ============================================================
19:33:52.0990 5472 Current date / time: 2013/07/05 19:33:52.0990
19:33:52.0990 5472 SystemInfo:
19:33:52.0990 5472
19:33:52.0990 5472 OS Version: 6.1.7601 ServicePack: 1.0
19:33:52.0990 5472 Product type: Workstation
19:33:52.0990 5472 ComputerName: ***
19:33:52.0990 5472 UserName: M*&S*
19:33:52.0990 5472 Windows directory: C:\Windows
19:33:52.0990 5472 System windows directory: C:\Windows
19:33:52.0990 5472 Running under WOW64
19:33:52.0990 5472 Processor architecture: Intel x64
19:33:52.0991 5472 Number of processors: 2
19:33:52.0991 5472 Page size: 0x1000
19:33:52.0991 5472 Boot type: Normal boot
19:33:52.0991 5472 ============================================================
19:33:54.0435 5472 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:33:54.0453 5472 ============================================================
19:33:54.0453 5472 \Device\Harddisk0\DR0:
19:33:54.0545 5472 MBR partitions:
19:33:54.0545 5472 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1409800, BlocksNum 0x32000
19:33:54.0545 5472 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x143B800, BlocksNum 0x732CADB0
19:33:54.0545 5472 ============================================================
19:33:54.0666 5472 C: <-> \Device\Harddisk0\DR0\Partition2
19:33:54.0668 5472 ============================================================
19:33:54.0668 5472 Initialize success
19:33:54.0668 5472 ============================================================
19:34:40.0818 1808 ============================================================
19:34:40.0818 1808 Scan started
19:34:40.0818 1808 Mode: Manual; SigCheck; TDLFS;
19:34:40.0818 1808 ============================================================
19:34:41.0752 1808 ================ Scan system memory ========================
19:34:41.0752 1808 System memory - ok
19:34:41.0752 1808 ================ Scan services =============================
19:34:41.0868 1808 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
19:34:42.0107 1808 1394ohci - ok
19:34:42.0190 1808 [ 2D6434E957F7CFA0035C20890F77BBC6 ] a2acc C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys
19:34:42.0302 1808 a2acc - ok
19:34:42.0430 1808 [ 4B9C5EEBEE862574CF794582104F0C91 ] a2AntiMalware C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
19:34:42.0494 1808 a2AntiMalware - ok
19:34:42.0508 1808 [ D27A8B7BB0E15DFBFC6B4E774EE17AD9 ] A2DDA C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys
19:34:42.0533 1808 A2DDA - ok
19:34:42.0569 1808 [ 3D55CE53128C81E06CD6B024C3B9FAC3 ] a2injectiondriver C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys
19:34:42.0595 1808 a2injectiondriver - ok
19:34:42.0676 1808 [ 0932B29AA1B9372FFE6D3AF8BA2ABA3A ] a2util C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys
19:34:42.0732 1808 a2util - ok
19:34:42.0907 1808 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
19:34:42.0935 1808 ACDaemon - ok
19:34:42.0960 1808 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
19:34:42.0991 1808 ACPI - ok
19:34:43.0030 1808 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
19:34:43.0099 1808 AcpiPmi - ok
19:34:43.0195 1808 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:34:43.0220 1808 AdobeARMservice - ok
19:34:43.0283 1808 [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:34:43.0312 1808 AdobeFlashPlayerUpdateSvc - ok
19:34:43.0345 1808 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
19:34:43.0378 1808 adp94xx - ok
19:34:43.0425 1808 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
19:34:43.0466 1808 adpahci - ok
19:34:43.0473 1808 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
19:34:43.0501 1808 adpu320 - ok
19:34:43.0512 1808 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
19:34:43.0620 1808 AeLookupSvc - ok
19:34:43.0671 1808 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
19:34:43.0719 1808 AFD - ok
19:34:43.0738 1808 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
19:34:43.0763 1808 agp440 - ok
19:34:43.0775 1808 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
19:34:43.0864 1808 ALG - ok
19:34:43.0882 1808 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
19:34:43.0906 1808 aliide - ok
19:34:43.0930 1808 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
19:34:43.0955 1808 amdide - ok
19:34:43.0978 1808 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
19:34:44.0042 1808 AmdK8 - ok
19:34:44.0058 1808 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
19:34:44.0100 1808 AmdPPM - ok
19:34:44.0120 1808 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
19:34:44.0145 1808 amdsata - ok
19:34:44.0167 1808 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
19:34:44.0194 1808 amdsbs - ok
19:34:44.0203 1808 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
19:34:44.0230 1808 amdxata - ok
19:34:44.0297 1808 [ FE9932692FC61C2203EC9884D414F700 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
19:34:44.0330 1808 AntiVirSchedulerService - ok
19:34:44.0367 1808 [ B1F8B58F27971B7E316DD316687886EC ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
19:34:44.0389 1808 AntiVirService - ok
19:34:44.0441 1808 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
19:34:44.0589 1808 AppID - ok
19:34:44.0618 1808 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
19:34:44.0683 1808 AppIDSvc - ok
19:34:44.0737 1808 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll
19:34:44.0779 1808 Appinfo - ok
19:34:44.0791 1808 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
19:34:44.0816 1808 arc - ok
19:34:44.0829 1808 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
19:34:44.0855 1808 arcsas - ok
19:34:44.0875 1808 [ C130BC4A51B1382B2BE8E44579EC4C0A ] ArcSoftKsUFilter C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
19:34:44.0898 1808 ArcSoftKsUFilter - ok
19:34:44.0911 1808 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
19:34:44.0972 1808 AsyncMac - ok
19:34:44.0986 1808 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
19:34:45.0014 1808 atapi - ok
19:34:45.0078 1808 [ CCA705CDF038D5BC243203CE4416B345 ] athr C:\Windows\system32\DRIVERS\athrx.sys
19:34:45.0161 1808 athr - ok
19:34:45.0213 1808 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:34:45.0294 1808 AudioEndpointBuilder - ok
19:34:45.0304 1808 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
19:34:45.0352 1808 AudioSrv - ok
19:34:45.0452 1808 [ 09E6069EF94B345061B4BD3CEBD974C8 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
19:34:45.0477 1808 avgntflt - ok
19:34:45.0492 1808 [ 488486DAD09A5B6C6DBB8B990A8B2307 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
19:34:45.0519 1808 avipbb - ok
19:34:45.0560 1808 [ 490FA25161BF3E51993EB724ECF0ACEB ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
19:34:45.0585 1808 avkmgr - ok
19:34:45.0627 1808 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
19:34:45.0721 1808 AxInstSV - ok
19:34:45.0748 1808 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
19:34:45.0805 1808 b06bdrv - ok
19:34:45.0820 1808 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
19:34:45.0867 1808 b57nd60a - ok
19:34:45.0929 1808 [ 825F81A6F7DD073509DB101F0BA6DC59 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
19:34:45.0959 1808 BBSvc - ok
19:34:45.0988 1808 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
19:34:46.0042 1808 BDESVC - ok
19:34:46.0056 1808 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
19:34:46.0124 1808 Beep - ok
19:34:46.0211 1808 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
19:34:46.0287 1808 BFE - ok
19:34:46.0317 1808 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
19:34:46.0388 1808 BITS - ok
19:34:46.0419 1808 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
19:34:46.0466 1808 blbdrive - ok
19:34:46.0506 1808 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
19:34:46.0560 1808 bowser - ok
19:34:46.0589 1808 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
19:34:46.0670 1808 BrFiltLo - ok
19:34:46.0679 1808 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
19:34:46.0711 1808 BrFiltUp - ok
19:34:46.0769 1808 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
19:34:46.0810 1808 Browser - ok
19:34:46.0829 1808 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
19:34:46.0908 1808 Brserid - ok
19:34:46.0922 1808 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
19:34:46.0970 1808 BrSerWdm - ok
19:34:47.0000 1808 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
19:34:47.0049 1808 BrUsbMdm - ok
19:34:47.0069 1808 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
19:34:47.0096 1808 BrUsbSer - ok
19:34:47.0169 1808 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
19:34:47.0238 1808 BthEnum - ok
19:34:47.0263 1808 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
19:34:47.0304 1808 BTHMODEM - ok
19:34:47.0326 1808 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
19:34:47.0374 1808 BthPan - ok
19:34:47.0423 1808 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
19:34:47.0463 1808 BTHPORT - ok
19:34:47.0501 1808 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
19:34:47.0563 1808 bthserv - ok
19:34:47.0586 1808 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
19:34:47.0637 1808 BTHUSB - ok
19:34:47.0691 1808 [ 71A07B6FC98030935E60EDBFFE9E9C85 ] btwampfl C:\Windows\system32\drivers\btwampfl.sys
19:34:47.0719 1808 btwampfl - ok
19:34:47.0738 1808 [ BA5622F5544C6C445DFF1A05ACC8B19D ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
19:34:47.0763 1808 btwaudio - ok
19:34:47.0791 1808 [ A11905D0F4BD34771F195217B6AA5AE0 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
19:34:47.0815 1808 btwavdt - ok
19:34:47.0881 1808 [ 1AF4ADB12E5EC25041166DA38C3B42C9 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
19:34:47.0917 1808 btwdins - ok
19:34:47.0935 1808 [ 07096D2BC22CCB6CEA5A532DF0BE8A75 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
19:34:47.0958 1808 btwl2cap - ok
19:34:47.0965 1808 [ BD776F32D64EC615BE4563DC2747224E ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
19:34:47.0988 1808 btwrchid - ok
19:34:47.0997 1808 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
19:34:48.0060 1808 cdfs - ok
19:34:48.0109 1808 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
19:34:48.0152 1808 cdrom - ok
19:34:48.0191 1808 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
19:34:48.0259 1808 CertPropSvc - ok
19:34:48.0283 1808 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
19:34:48.0312 1808 circlass - ok
19:34:48.0353 1808 [ 3C6A8D415FF38AFEB03A6206213D9D96 ] cleanhlp C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys
19:34:48.0378 1808 cleanhlp - ok
19:34:48.0430 1808 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
19:34:48.0472 1808 CLFS - ok
19:34:48.0523 1808 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:34:48.0559 1808 clr_optimization_v2.0.50727_32 - ok
19:34:48.0596 1808 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:34:48.0621 1808 clr_optimization_v2.0.50727_64 - ok
19:34:48.0677 1808 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:34:48.0702 1808 clr_optimization_v4.0.30319_32 - ok
19:34:48.0721 1808 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:34:48.0746 1808 clr_optimization_v4.0.30319_64 - ok
19:34:48.0765 1808 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
19:34:48.0800 1808 CmBatt - ok
19:34:48.0814 1808 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
19:34:48.0839 1808 cmdide - ok
19:34:48.0877 1808 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
19:34:48.0915 1808 CNG - ok
19:34:48.0929 1808 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
19:34:48.0954 1808 Compbatt - ok
19:34:48.0992 1808 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
19:34:49.0042 1808 CompositeBus - ok
19:34:49.0047 1808 COMSysApp - ok
19:34:49.0082 1808 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
19:34:49.0106 1808 crcdisk - ok
19:34:49.0143 1808 [ D8129C49798CBBFB2E4351D4B7B8EF9C ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:34:49.0212 1808 CryptSvc - ok
19:34:49.0269 1808 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
19:34:49.0336 1808 DcomLaunch - ok
19:34:49.0380 1808 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
19:34:49.0430 1808 defragsvc - ok
19:34:49.0475 1808 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:34:49.0543 1808 DfsC - ok
19:34:49.0615 1808 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
19:34:49.0669 1808 Dhcp - ok
19:34:49.0682 1808 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
19:34:49.0727 1808 discache - ok
19:34:49.0748 1808 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
19:34:49.0773 1808 Disk - ok
19:34:49.0807 1808 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:34:49.0871 1808 Dnscache - ok
19:34:49.0913 1808 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
19:34:49.0959 1808 dot3svc - ok
19:34:50.0013 1808 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
19:34:50.0071 1808 DPS - ok
19:34:50.0099 1808 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
19:34:50.0151 1808 drmkaud - ok
19:34:50.0210 1808 [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:34:50.0258 1808 DXGKrnl - ok
19:34:50.0281 1808 [ 761B9EDD97A021AA1922501B7A056635 ] e1yexpress C:\Windows\system32\DRIVERS\e1y62x64.sys
19:34:50.0309 1808 e1yexpress - ok
19:34:50.0321 1808 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
19:34:50.0367 1808 EapHost - ok
19:34:50.0480 1808 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
19:34:50.0620 1808 ebdrv - ok
19:34:50.0654 1808 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
19:34:50.0707 1808 EFS - ok
19:34:50.0782 1808 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
19:34:50.0873 1808 ehRecvr - ok
19:34:50.0902 1808 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
19:34:50.0988 1808 ehSched - ok
19:34:51.0020 1808 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
19:34:51.0054 1808 elxstor - ok
19:34:51.0090 1808 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
19:34:51.0137 1808 ErrDev - ok
19:34:51.0179 1808 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
19:34:51.0238 1808 EventSystem - ok
19:34:51.0295 1808 [ 334C907536E815E56CD13108A6D5FB9D ] ewusbmbb C:\Windows\system32\DRIVERS\ewusbwwan.sys
19:34:51.0364 1808 ewusbmbb - ok
19:34:51.0408 1808 [ 86F7951BBCEE4A86E79A97306BD14318 ] ew_hwusbdev C:\Windows\system32\DRIVERS\ew_hwusbdev.sys
19:34:51.0472 1808 ew_hwusbdev - ok
19:34:51.0501 1808 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
19:34:51.0547 1808 exfat - ok
19:34:51.0580 1808 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:34:51.0653 1808 fastfat - ok
19:34:51.0691 1808 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
19:34:51.0773 1808 Fax - ok
19:34:51.0785 1808 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
19:34:51.0823 1808 fdc - ok
19:34:51.0858 1808 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
19:34:51.0938 1808 fdPHost - ok
19:34:51.0953 1808 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
19:34:52.0008 1808 FDResPub - ok
19:34:52.0026 1808 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:34:52.0052 1808 FileInfo - ok
19:34:52.0067 1808 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:34:52.0136 1808 Filetrace - ok
19:34:52.0153 1808 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
19:34:52.0196 1808 flpydisk - ok
19:34:52.0239 1808 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:34:52.0269 1808 FltMgr - ok
19:34:52.0323 1808 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
19:34:52.0384 1808 FontCache - ok
19:34:52.0441 1808 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:34:52.0468 1808 FontCache3.0.0.0 - ok
19:34:52.0486 1808 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
19:34:52.0511 1808 FsDepends - ok
19:34:52.0544 1808 [ 53DAB1791917A72738539AD25C4EED7F ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
19:34:52.0567 1808 fssfltr - ok
19:34:52.0616 1808 [ 206AD9A89BF05DFA1621F1FC7B82592D ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
19:34:52.0652 1808 fsssvc - ok
19:34:52.0694 1808 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:34:52.0719 1808 Fs_Rec - ok
19:34:52.0763 1808 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
19:34:52.0794 1808 fvevol - ok
19:34:52.0813 1808 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
19:34:52.0840 1808 gagp30kx - ok
19:34:52.0892 1808 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
19:34:52.0969 1808 gpsvc - ok
19:34:53.0015 1808 [ B9893A68032A6D9ADDB5B98287C630F7 ] grmnusb C:\Windows\system32\drivers\grmnusb.sys
19:34:53.0037 1808 grmnusb - ok
19:34:53.0098 1808 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:34:53.0120 1808 gupdate - ok
19:34:53.0140 1808 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:34:53.0163 1808 gupdatem - ok
19:34:53.0204 1808 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
19:34:53.0229 1808 gusvc - ok
19:34:53.0245 1808 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
19:34:53.0282 1808 hcw85cir - ok
19:34:53.0359 1808 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:34:53.0401 1808 HdAudAddService - ok
19:34:53.0439 1808 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
19:34:53.0485 1808 HDAudBus - ok
19:34:53.0528 1808 [ E91AFF2610114CCAEBB90D4D991BB6B2 ] HECIx64 C:\Windows\system32\drivers\HECIx64.sys
19:34:53.0553 1808 HECIx64 - ok
19:34:53.0570 1808 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
19:34:53.0614 1808 HidBatt - ok
19:34:53.0647 1808 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
19:34:53.0681 1808 HidBth - ok
19:34:53.0699 1808 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
19:34:53.0728 1808 HidIr - ok
19:34:53.0743 1808 [ 05E2BD6F8DE6501A9988C620B642C889 ] hidkmdf C:\Windows\system32\drivers\hidkmdf.sys
19:34:53.0766 1808 hidkmdf - ok
19:34:53.0787 1808 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
19:34:53.0846 1808 hidserv - ok
19:34:53.0890 1808 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
19:34:53.0916 1808 HidUsb - ok
19:34:53.0957 1808 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
19:34:54.0037 1808 hkmsvc - ok
19:34:54.0077 1808 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:34:54.0124 1808 HomeGroupListener - ok
19:34:54.0142 1808 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:34:54.0187 1808 HomeGroupProvider - ok
19:34:54.0218 1808 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
19:34:54.0244 1808 HpSAMD - ok
19:34:54.0303 1808 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:34:54.0370 1808 HTTP - ok
19:34:54.0442 1808 [ 1642C62F1FD5E1FF44608283994A7BB8 ] huawei_enumerator C:\Windows\system32\DRIVERS\ew_jubusenum.sys
19:34:54.0479 1808 huawei_enumerator - ok
19:34:54.0502 1808 [ 04D1DE1E8ACE40CA396502C90524E945 ] hwdatacard C:\Windows\system32\DRIVERS\ewusbmdm.sys
19:34:54.0557 1808 hwdatacard - ok
19:34:54.0620 1808 HWDeviceService64.exe - ok
19:34:54.0648 1808 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
19:34:54.0677 1808 hwpolicy - ok
19:34:54.0713 1808 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
19:34:54.0741 1808 i8042prt - ok
19:34:54.0760 1808 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
19:34:54.0791 1808 iaStorV - ok
19:34:54.0859 1808 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
19:34:54.0869 1808 IDriverT ( UnsignedFile.Multi.Generic ) - warning
19:34:54.0869 1808 IDriverT - detected UnsignedFile.Multi.Generic (1)
19:34:54.0942 1808 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:34:54.0980 1808 idsvc - ok
19:34:54.0996 1808 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
19:34:55.0022 1808 iirsp - ok
19:34:55.0052 1808 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
19:34:55.0105 1808 IKEEXT - ok
19:34:55.0175 1808 [ A4BAF427952099D5874BAC8783890DF8 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
19:34:55.0250 1808 IntcAzAudAddService - ok
19:34:55.0264 1808 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
19:34:55.0288 1808 intelide - ok
19:34:55.0316 1808 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\drivers\intelppm.sys
19:34:55.0353 1808 intelppm - ok
19:34:55.0384 1808 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:34:55.0430 1808 IPBusEnum - ok
19:34:55.0437 1808 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:34:55.0495 1808 IpFilterDriver - ok
19:34:55.0537 1808 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:34:55.0609 1808 iphlpsvc - ok
19:34:55.0628 1808 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
19:34:55.0676 1808 IPMIDRV - ok
19:34:55.0692 1808 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
19:34:55.0752 1808 IPNAT - ok
19:34:55.0772 1808 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:34:55.0851 1808 IRENUM - ok
19:34:55.0868 1808 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:34:55.0892 1808 isapnp - ok
19:34:55.0911 1808 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
19:34:55.0940 1808 iScsiPrt - ok
19:34:55.0963 1808 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
19:34:55.0988 1808 kbdclass - ok
19:34:56.0018 1808 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
19:34:56.0044 1808 kbdhid - ok
19:34:56.0056 1808 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
19:34:56.0082 1808 KeyIso - ok
19:34:56.0120 1808 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:34:56.0147 1808 KSecDD - ok
19:34:56.0197 1808 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
19:34:56.0225 1808 KSecPkg - ok
19:34:56.0235 1808 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
19:34:56.0279 1808 ksthunk - ok
19:34:56.0316 1808 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
19:34:56.0379 1808 KtmRm - ok
19:34:56.0442 1808 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
19:34:56.0521 1808 LanmanServer - ok
19:34:56.0549 1808 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:34:56.0620 1808 LanmanWorkstation - ok
19:34:56.0660 1808 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:34:56.0719 1808 lltdio - ok
19:34:56.0760 1808 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:34:56.0825 1808 lltdsvc - ok
19:34:56.0850 1808 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
19:34:56.0897 1808 lmhosts - ok
19:34:56.0930 1808 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
19:34:56.0956 1808 LSI_FC - ok
19:34:56.0973 1808 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
19:34:57.0000 1808 LSI_SAS - ok
19:34:57.0027 1808 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
19:34:57.0054 1808 LSI_SAS2 - ok
19:34:57.0088 1808 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
19:34:57.0115 1808 LSI_SCSI - ok
19:34:57.0128 1808 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
19:34:57.0185 1808 luafv - ok
19:34:57.0246 1808 [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
19:34:57.0271 1808 MBAMProtector - ok
19:34:57.0375 1808 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
19:34:57.0417 1808 MBAMScheduler - ok
19:34:57.0460 1808 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
19:34:57.0494 1808 MBAMService - ok
19:34:57.0529 1808 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:34:57.0582 1808 Mcx2Svc - ok
19:34:57.0610 1808 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
19:34:57.0635 1808 megasas - ok
19:34:57.0655 1808 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
19:34:57.0689 1808 MegaSR - ok
19:34:57.0725 1808 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
19:34:57.0780 1808 MMCSS - ok
19:34:57.0800 1808 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
19:34:57.0865 1808 Modem - ok
19:34:57.0896 1808 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:34:57.0933 1808 monitor - ok
19:34:57.0970 1808 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys
19:34:57.0998 1808 mouclass - ok
19:34:58.0009 1808 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\drivers\mouhid.sys
19:34:58.0035 1808 mouhid - ok
19:34:58.0084 1808 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
19:34:58.0110 1808 mountmgr - ok
19:34:58.0154 1808 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
19:34:58.0182 1808 mpio - ok
19:34:58.0203 1808 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:34:58.0248 1808 mpsdrv - ok
19:34:58.0302 1808 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
19:34:58.0378 1808 MpsSvc - ok
19:34:58.0426 1808 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:34:58.0469 1808 MRxDAV - ok
19:34:58.0514 1808 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:34:58.0555 1808 mrxsmb - ok
19:34:58.0610 1808 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:34:58.0668 1808 mrxsmb10 - ok
19:34:58.0690 1808 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:34:58.0717 1808 mrxsmb20 - ok
19:34:58.0749 1808 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
19:34:58.0773 1808 msahci - ok
19:34:58.0820 1808 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:34:58.0855 1808 msdsm - ok
19:34:58.0869 1808 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
19:34:58.0907 1808 MSDTC - ok
19:34:58.0944 1808 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:34:59.0000 1808 Msfs - ok
19:34:59.0023 1808 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
19:34:59.0083 1808 mshidkmdf - ok
19:34:59.0107 1808 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:34:59.0132 1808 msisadrv - ok
19:34:59.0169 1808 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:34:59.0228 1808 MSiSCSI - ok
19:34:59.0235 1808 msiserver - ok
19:34:59.0274 1808 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:34:59.0318 1808 MSKSSRV - ok
19:34:59.0343 1808 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:34:59.0399 1808 MSPCLOCK - ok
19:34:59.0423 1808 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:34:59.0481 1808 MSPQM - ok
19:34:59.0515 1808 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:34:59.0545 1808 MsRPC - ok
19:34:59.0569 1808 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
19:34:59.0595 1808 mssmbios - ok
19:34:59.0615 1808 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:34:59.0677 1808 MSTEE - ok
19:34:59.0710 1808 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
19:34:59.0736 1808 MTConfig - ok
19:34:59.0766 1808 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
19:34:59.0793 1808 Mup - ok
19:34:59.0836 1808 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
19:34:59.0887 1808 napagent - ok
19:34:59.0915 1808 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:34:59.0972 1808 NativeWifiP - ok
19:35:00.0022 1808 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
19:35:00.0070 1808 NDIS - ok
19:35:00.0085 1808 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
19:35:00.0129 1808 NdisCap - ok
19:35:00.0152 1808 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:35:00.0197 1808 NdisTapi - ok
19:35:00.0254 1808 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:35:00.0309 1808 Ndisuio - ok
19:35:00.0345 1808 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:35:00.0404 1808 NdisWan - ok
19:35:00.0463 1808 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:35:00.0538 1808 NDProxy - ok
19:35:00.0556 1808 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:35:00.0622 1808 NetBIOS - ok
19:35:00.0676 1808 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:35:00.0753 1808 NetBT - ok
19:35:00.0784 1808 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
19:35:00.0809 1808 Netlogon - ok
19:35:00.0841 1808 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
19:35:00.0900 1808 Netman - ok
19:35:00.0914 1808 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
19:35:00.0966 1808 netprofm - ok
19:35:00.0998 1808 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:35:01.0065 1808 NetTcpPortSharing - ok
19:35:01.0094 1808 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
19:35:01.0119 1808 nfrd960 - ok
19:35:01.0164 1808 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
19:35:01.0207 1808 NlaSvc - ok
19:35:01.0238 1808 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:35:01.0283 1808 Npfs - ok
19:35:01.0297 1808 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
19:35:01.0366 1808 nsi - ok
19:35:01.0383 1808 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:35:01.0490 1808 nsiproxy - ok
19:35:01.0550 1808 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:35:01.0613 1808 Ntfs - ok
19:35:01.0623 1808 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
19:35:01.0688 1808 Null - ok
19:35:01.0877 1808 [ AC507E153B5CEE43B862A08FCF5B3936 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:35:02.0131 1808 nvlddmkm - ok
19:35:02.0149 1808 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:35:02.0178 1808 nvraid - ok
19:35:02.0211 1808 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:35:02.0245 1808 nvstor - ok
19:35:02.0291 1808 [ E36BB965EA8446AFD8B9EAB71C30AAAB ] nvsvc C:\Windows\system32\nvvsvc.exe
19:35:02.0320 1808 nvsvc - ok
19:35:02.0330 1808 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:35:02.0355 1808 nv_agp - ok
19:35:02.0372 1808 [ F5A2B1ECBFF97D9DF1779D0D448CC9E7 ] NW1950 C:\Windows\system32\drivers\NW1950.sys
19:35:02.0395 1808 NW1950 - ok
19:35:02.0416 1808 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:35:02.0448 1808 ohci1394 - ok
19:35:02.0473 1808 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
19:35:02.0538 1808 p2pimsvc - ok
19:35:02.0558 1808 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
19:35:02.0589 1808 p2psvc - ok
19:35:02.0608 1808 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
19:35:02.0636 1808 Parport - ok
19:35:02.0694 1808 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:35:02.0719 1808 partmgr - ok
19:35:02.0739 1808 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
19:35:02.0784 1808 PcaSvc - ok
19:35:02.0810 1808 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
19:35:02.0838 1808 pci - ok
19:35:02.0850 1808 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
19:35:02.0875 1808 pciide - ok
19:35:02.0898 1808 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
19:35:02.0926 1808 pcmcia - ok
19:35:02.0948 1808 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
19:35:02.0973 1808 pcw - ok
19:35:02.0993 1808 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:35:03.0059 1808 PEAUTH - ok
19:35:03.0121 1808 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
19:35:03.0171 1808 PerfHost - ok
19:35:03.0245 1808 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
19:35:03.0332 1808 pla - ok
19:35:03.0387 1808 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:35:03.0468 1808 PlugPlay - ok
19:35:03.0544 1808 [ 627FA58ADC043704F9D14CA44340956F ] PMBDeviceInfoProvider C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
19:35:03.0593 1808 PMBDeviceInfoProvider - ok
19:35:03.0623 1808 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:35:03.0664 1808 PNRPAutoReg - ok
19:35:03.0698 1808 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:35:03.0726 1808 PNRPsvc - ok
19:35:03.0744 1808 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:35:03.0809 1808 PolicyAgent - ok
19:35:03.0850 1808 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
19:35:03.0908 1808 Power - ok
19:35:03.0956 1808 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:35:04.0000 1808 PptpMiniport - ok
19:35:04.0033 1808 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
19:35:04.0069 1808 Processor - ok
19:35:04.0128 1808 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
19:35:04.0185 1808 ProfSvc - ok
19:35:04.0197 1808 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:35:04.0223 1808 ProtectedStorage - ok
19:35:04.0256 1808 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
19:35:04.0314 1808 Psched - ok
19:35:04.0359 1808 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
19:35:04.0397 1808 PxHlpa64 - ok
19:35:04.0459 1808 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
19:35:04.0523 1808 ql2300 - ok
19:35:04.0556 1808 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
19:35:04.0583 1808 ql40xx - ok
19:35:04.0608 1808 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
19:35:04.0655 1808 QWAVE - ok
19:35:04.0675 1808 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:35:04.0719 1808 QWAVEdrv - ok
19:35:04.0817 1808 [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
19:35:04.0853 1808 RapiMgr - ok
19:35:04.0869 1808 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:35:04.0931 1808 RasAcd - ok
19:35:04.0962 1808 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
19:35:05.0009 1808 RasAgileVpn - ok
19:35:05.0035 1808 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
19:35:05.0100 1808 RasAuto - ok
19:35:05.0131 1808 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:35:05.0189 1808 Rasl2tp - ok
19:35:05.0229 1808 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
19:35:05.0289 1808 RasMan - ok
19:35:05.0305 1808 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:35:05.0351 1808 RasPppoe - ok
19:35:05.0380 1808 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:35:05.0447 1808 RasSstp - ok
19:35:05.0485 1808 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:35:05.0555 1808 rdbss - ok
19:35:05.0583 1808 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
19:35:05.0611 1808 rdpbus - ok
19:35:05.0621 1808 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:35:05.0679 1808 RDPCDD - ok
19:35:05.0718 1808 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:35:05.0781 1808 RDPENCDD - ok
19:35:05.0798 1808 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
19:35:05.0841 1808 RDPREFMP - ok
19:35:05.0873 1808 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:35:05.0934 1808 RDPWD - ok
19:35:05.0955 1808 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
19:35:05.0983 1808 rdyboost - ok
19:35:06.0008 1808 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:35:06.0053 1808 RemoteAccess - ok
19:35:06.0073 1808 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:35:06.0136 1808 RemoteRegistry - ok
19:35:06.0178 1808 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
19:35:06.0222 1808 RFCOMM - ok
19:35:06.0253 1808 [ 6DED176A14770339F1415CFDBCC9E07F ] rimspci C:\Windows\system32\drivers\rimssne64.sys
19:35:06.0279 1808 rimspci - ok
19:35:06.0316 1808 [ 7B04C9843921AB1F695FB395422C5360 ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys
19:35:06.0372 1808 RimUsb - ok
19:35:06.0397 1808 [ DDF5F666C2A5B3729E8BEA01FB999CC0 ] risdsnpe C:\Windows\system32\drivers\risdsne64.sys
19:35:06.0475 1808 risdsnpe - ok
19:35:06.0509 1808 [ BA6CE930E1453677F7565AE45181AD76 ] Roxio UPnP Renderer 10 C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe
19:35:06.0543 1808 Roxio UPnP Renderer 10 - ok
19:35:06.0569 1808 [ 3A3D707A35EA30A6CF88B9E555E3D815 ] Roxio Upnp Server 10 C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe
19:35:06.0598 1808 Roxio Upnp Server 10 - ok
19:35:06.0628 1808 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
19:35:06.0675 1808 RpcEptMapper - ok
19:35:06.0707 1808 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
19:35:06.0767 1808 RpcLocator - ok
19:35:06.0817 1808 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
19:35:06.0866 1808 RpcSs - ok
19:35:06.0894 1808 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:35:06.0942 1808 rspndr - ok
19:35:06.0954 1808 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
19:35:06.0990 1808 SamSs - ok
19:35:07.0037 1808 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:35:07.0063 1808 sbp2port - ok
19:35:07.0081 1808 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:35:07.0148 1808 SCardSvr - ok
19:35:07.0184 1808 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
19:35:07.0249 1808 scfilter - ok
19:35:07.0288 1808 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
19:35:07.0354 1808 Schedule - ok
19:35:07.0397 1808 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
19:35:07.0441 1808 SCPolicySvc - ok
19:35:07.0494 1808 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\drivers\sdbus.sys
19:35:07.0524 1808 sdbus - ok
19:35:07.0569 1808 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:35:07.0637 1808 SDRSVC - ok
19:35:07.0734 1808 [ CC781378E7EDA615D2CDCA3B17829FA4 ] SeaPort C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
19:35:07.0764 1808 SeaPort - ok
19:35:07.0783 1808 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:35:07.0829 1808 secdrv - ok
19:35:07.0877 1808 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
19:35:07.0953 1808 seclogon - ok
19:35:07.0983 1808 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
19:35:08.0039 1808 SENS - ok
19:35:08.0067 1808 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
19:35:08.0102 1808 SensrSvc - ok
19:35:08.0121 1808 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
19:35:08.0159 1808 Serenum - ok
19:35:08.0196 1808 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
19:35:08.0247 1808 Serial - ok
19:35:08.0266 1808 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
19:35:08.0293 1808 sermouse - ok
19:35:08.0379 1808 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
19:35:08.0445 1808 SessionEnv - ok
19:35:08.0477 1808 [ 286D3889E6AB5589646FF8A63CB928AE ] SFEP C:\Windows\system32\drivers\SFEP.sys
19:35:08.0545 1808 SFEP - ok
19:35:08.0565 1808 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:35:08.0610 1808 sffdisk - ok
19:35:08.0631 1808 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:35:08.0660 1808 sffp_mmc - ok
19:35:08.0680 1808 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:35:08.0717 1808 sffp_sd - ok
19:35:08.0742 1808 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
19:35:08.0780 1808 sfloppy - ok
19:35:08.0819 1808 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:35:08.0868 1808 SharedAccess - ok
19:35:08.0920 1808 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:35:08.0981 1808 ShellHWDetection - ok
19:35:09.0000 1808 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
19:35:09.0027 1808 SiSRaid2 - ok
19:35:09.0046 1808 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
19:35:09.0072 1808 SiSRaid4 - ok
19:35:09.0149 1808 [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
19:35:09.0175 1808 SkypeUpdate - ok
19:35:09.0201 1808 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:35:09.0258 1808 Smb - ok
19:35:09.0321 1808 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:35:09.0369 1808 SNMPTRAP - ok
19:35:09.0515 1808 [ C3E69DB0A4E59564230E053232F39AC7 ] SOHCImp C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
19:35:09.0555 1808 SOHCImp - ok
19:35:09.0624 1808 [ 65CC4779A29C3E82B987BD4961790DFF ] SOHDms C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
19:35:09.0654 1808 SOHDms - ok
19:35:09.0692 1808 [ F47D75CEE1844EEF4A9EA6EE768828FB ] SOHDs C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
19:35:09.0714 1808 SOHDs - ok
19:35:09.0765 1808 [ B8047E776E50FC2384801083A77900E0 ] SpfService C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
19:35:09.0796 1808 SpfService - ok
19:35:09.0815 1808 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
19:35:09.0840 1808 spldr - ok
19:35:09.0899 1808 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
19:35:09.0982 1808 Spooler - ok
19:35:10.0074 1808 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
19:35:10.0225 1808 sppsvc - ok
19:35:10.0251 1808 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
19:35:10.0314 1808 sppuinotify - ok
19:35:10.0370 1808 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
19:35:10.0488 1808 srv - ok
19:35:10.0539 1808 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:35:10.0587 1808 srv2 - ok
19:35:10.0617 1808 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:35:10.0660 1808 srvnet - ok
19:35:10.0691 1808 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:35:10.0748 1808 SSDPSRV - ok
19:35:10.0772 1808 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:35:10.0818 1808 SstpSvc - ok
19:35:10.0850 1808 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
19:35:10.0875 1808 stexstor - ok
19:35:10.0940 1808 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
19:35:10.0985 1808 stisvc - ok
19:35:11.0021 1808 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
19:35:11.0046 1808 swenum - ok
19:35:11.0070 1808 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
19:35:11.0141 1808 swprv - ok
19:35:11.0214 1808 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
19:35:11.0296 1808 SysMain - ok
19:35:11.0330 1808 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:35:11.0363 1808 TabletInputService - ok
19:35:11.0384 1808 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
19:35:11.0449 1808 TapiSrv - ok
19:35:11.0483 1808 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
19:35:11.0540 1808 TBS - ok
19:35:11.0597 1808 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:35:11.0663 1808 Tcpip - ok
19:35:11.0713 1808 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
19:35:11.0758 1808 TCPIP6 - ok
19:35:11.0807 1808 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:35:11.0869 1808 tcpipreg - ok
19:35:11.0916 1808 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:35:11.0973 1808 TDPIPE - ok
19:35:12.0021 1808 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:35:12.0047 1808 TDTCP - ok
19:35:12.0088 1808 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:35:12.0133 1808 tdx - ok
19:35:12.0150 1808 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
19:35:12.0175 1808 TermDD - ok
19:35:12.0229 1808 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
19:35:12.0300 1808 TermService - ok
19:35:12.0324 1808 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
19:35:12.0356 1808 Themes - ok
19:35:12.0394 1808 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
19:35:12.0441 1808 THREADORDER - ok
19:35:12.0471 1808 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
19:35:12.0528 1808 TrkWks - ok
19:35:12.0575 1808 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:35:12.0639 1808 TrustedInstaller - ok
19:35:12.0690 1808 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:35:12.0733 1808 tssecsrv - ok
19:35:12.0801 1808 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
19:35:12.0861 1808 TsUsbFlt - ok
19:35:12.0917 1808 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:35:12.0978 1808 tunnel - ok
19:35:13.0005 1808 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
19:35:13.0031 1808 uagp35 - ok
19:35:13.0081 1808 [ 63F6D08C54D5B3C1B12A6172032055C7 ] uCamMonitor C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
19:35:13.0105 1808 uCamMonitor - ok
19:35:13.0158 1808 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:35:13.0211 1808 udfs - ok
19:35:13.0247 1808 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:35:13.0276 1808 UI0Detect - ok
19:35:13.0293 1808 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:35:13.0319 1808 uliagpkx - ok
19:35:13.0353 1808 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
19:35:13.0392 1808 umbus - ok
19:35:13.0430 1808 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
19:35:13.0461 1808 UmPass - ok
19:35:13.0518 1808 [ 9DC07E73A4ABB9ACF692113B36A5009F ] UnlockerDriver5 C:\Program Files\Unlocker\UnlockerDriver5.sys
19:35:13.0543 1808 UnlockerDriver5 - ok
19:35:13.0581 1808 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
19:35:13.0633 1808 upnphost - ok
19:35:13.0652 1808 usbbus - ok
19:35:13.0673 1808 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:35:13.0731 1808 usbccgp - ok
19:35:13.0797 1808 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:35:13.0846 1808 usbcir - ok
19:35:13.0857 1808 UsbDiag - ok
19:35:13.0877 1808 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
19:35:13.0937 1808 usbehci - ok
19:35:13.0967 1808 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:35:14.0010 1808 usbhub - ok
19:35:14.0021 1808 USBModem - ok
19:35:14.0046 1808 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
19:35:14.0086 1808 usbohci - ok
19:35:14.0122 1808 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:35:14.0166 1808 usbprint - ok
19:35:14.0202 1808 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
19:35:14.0230 1808 usbscan - ok
19:35:14.0277 1808 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:35:14.0324 1808 USBSTOR - ok
19:35:14.0356 1808 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
19:35:14.0399 1808 usbuhci - ok
19:35:14.0431 1808 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
19:35:14.0473 1808 usbvideo - ok
19:35:14.0502 1808 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
19:35:14.0548 1808 UxSms - ok
19:35:14.0591 1808 [ 8E68E4AA2D7ABBF7C9159D9D2A38AE0F ] VAIO Entertainment TV Device Arbitration Service C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
19:35:14.0617 1808 VAIO Entertainment TV Device Arbitration Service - ok
19:35:14.0676 1808 [ 218F78B39832A2A0761CE2422828A57C ] VAIO Event Service C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
19:35:14.0702 1808 VAIO Event Service - ok
19:35:14.0757 1808 [ 1CF1A4DD7A58C966C9014B83C7229CF3 ] VAIO Power Management C:\Program Files\Sony\VAIO Power Management\SPMService.exe
19:35:14.0787 1808 VAIO Power Management - ok
19:35:14.0812 1808 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
19:35:14.0837 1808 VaultSvc - ok
19:35:14.0879 1808 [ 6888526AEB8DDABDE6F778FD40FC0693 ] VCFw C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
19:35:14.0924 1808 VCFw - ok
19:35:14.0963 1808 [ 10E212BFB7EAB152A64C1AAEC2F7F4E0 ] VcmIAlzMgr C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
19:35:14.0993 1808 VcmIAlzMgr - ok
19:35:15.0032 1808 [ 7A88CFD3FE99F2C9B95A6E2A08B96E14 ] VcmINSMgr C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
19:35:15.0059 1808 VcmINSMgr - ok
19:35:15.0080 1808 [ 8EFAACCC7BFA1E9031EFDFB01A1B0D69 ] VcmXmlIfHelper C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
19:35:15.0104 1808 VcmXmlIfHelper - ok
19:35:15.0125 1808 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
19:35:15.0150 1808 vdrvroot - ok
19:35:15.0205 1808 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
19:35:15.0275 1808 vds - ok
19:35:15.0316 1808 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:35:15.0345 1808 vga - ok
19:35:15.0365 1808 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
19:35:15.0418 1808 VgaSave - ok
19:35:15.0455 1808 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
19:35:15.0484 1808 vhdmp - ok
19:35:15.0501 1808 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
19:35:15.0526 1808 viaide - ok
19:35:15.0547 1808 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:35:15.0572 1808 volmgr - ok
19:35:15.0630 1808 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:35:15.0662 1808 volmgrx - ok
19:35:15.0682 1808 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:35:15.0710 1808 volsnap - ok
19:35:15.0746 1808 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
19:35:15.0772 1808 vsmraid - ok
19:35:15.0818 1808 [ 047F22BDFDAE6DF6F1E47E747A1237A2 ] VSNService C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
19:35:15.0853 1808 VSNService ( UnsignedFile.Multi.Generic ) - warning
19:35:15.0853 1808 VSNService - detected UnsignedFile.Multi.Generic (1)
19:35:15.0922 1808 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
19:35:16.0011 1808 VSS - ok
19:35:16.0118 1808 [ D2D646D4D686C6996BA1FF96E11BE570 ] VUAgent C:\Program Files\Sony\VAIO Update\VUAgent.exe
19:35:16.0169 1808 VUAgent - ok
19:35:16.0200 1808 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
19:35:16.0228 1808 vwifibus - ok
19:35:16.0243 1808 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
19:35:16.0272 1808 vwififlt - ok
19:35:16.0305 1808 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
19:35:16.0355 1808 W32Time - ok
19:35:16.0398 1808 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
19:35:16.0449 1808 WacomPen - ok
19:35:16.0482 1808 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
19:35:16.0544 1808 WANARP - ok
19:35:16.0555 1808 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:35:16.0598 1808 Wanarpv6 - ok
19:35:16.0650 1808 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
19:35:16.0718 1808 wbengine - ok
19:35:16.0739 1808 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
19:35:16.0773 1808 WbioSrvc - ok
19:35:16.0857 1808 [ 8BDA6DB43AA54E8BB5E0794541DDC209 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll
19:35:16.0887 1808 WcesComm - ok
19:35:16.0929 1808 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:35:16.0974 1808 wcncsvc - ok
19:35:17.0001 1808 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:35:17.0038 1808 WcsPlugInService - ok
19:35:17.0057 1808 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
19:35:17.0082 1808 Wd - ok
19:35:17.0133 1808 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:35:17.0171 1808 Wdf01000 - ok
19:35:17.0193 1808 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:35:17.0297 1808 WdiServiceHost - ok
19:35:17.0308 1808 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:35:17.0340 1808 WdiSystemHost - ok
19:35:17.0389 1808 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
19:35:17.0441 1808 WebClient - ok
19:35:17.0476 1808 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:35:17.0543 1808 Wecsvc - ok
19:35:17.0583 1808 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:35:17.0640 1808 wercplsupport - ok
19:35:17.0679 1808 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
19:35:17.0740 1808 WerSvc - ok
19:35:17.0772 1808 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
19:35:17.0816 1808 WfpLwf - ok
19:35:17.0838 1808 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
19:35:17.0864 1808 WIMMount - ok
19:35:17.0883 1808 WinDefend - ok
19:35:17.0912 1808 WinHttpAutoProxySvc - ok
19:35:17.0959 1808 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:35:18.0007 1808 Winmgmt - ok
19:35:18.0073 1808 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
19:35:18.0173 1808 WinRM - ok
19:35:18.0265 1808 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
19:35:18.0315 1808 WinUsb - ok
19:35:18.0368 1808 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
19:35:18.0412 1808 Wlansvc - ok
19:35:18.0505 1808 [ 98F138897EF4246381D197CB81846D62 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:35:18.0600 1808 wlidsvc - ok
19:35:18.0625 1808 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
19:35:18.0653 1808 WmiAcpi - ok
19:35:18.0683 1808 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:35:18.0729 1808 wmiApSrv - ok
19:35:18.0756 1808 WMPNetworkSvc - ok
19:35:18.0774 1808 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:35:18.0809 1808 WPCSvc - ok
19:35:18.0862 1808 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:35:18.0923 1808 WPDBusEnum - ok
19:35:18.0956 1808 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:35:19.0000 1808 ws2ifsl - ok
19:35:19.0020 1808 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
19:35:19.0069 1808 wscsvc - ok
19:35:19.0081 1808 WSearch - ok
19:35:19.0164 1808 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
19:35:19.0238 1808 wuauserv - ok
19:35:19.0281 1808 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
19:35:19.0314 1808 WudfPf - ok
19:35:19.0332 1808 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:35:19.0374 1808 WUDFRd - ok
19:35:19.0412 1808 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:35:19.0457 1808 wudfsvc - ok
19:35:19.0497 1808 [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\Windows\System32\wwansvc.dll
19:35:19.0552 1808 WwanSvc - ok
19:35:19.0630 1808 ================ Scan global ===============================
19:35:19.0655 1808 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
19:35:19.0704 1808 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
19:35:19.0712 1808 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
19:35:19.0734 1808 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
19:35:19.0751 1808 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
19:35:19.0755 1808 [Global] - ok
19:35:19.0755 1808 ================ Scan MBR ==================================
19:35:19.0764 1808 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:35:20.0016 1808 \Device\Harddisk0\DR0 - ok
19:35:20.0017 1808 ================ Scan VBR ==================================
19:35:20.0020 1808 [ C8FDD66F89886ECE837822209B01B577 ] \Device\Harddisk0\DR0\Partition1
19:35:20.0022 1808 \Device\Harddisk0\DR0\Partition1 - ok
19:35:20.0056 1808 [ C9EFC5C1FA65AB43E9C4EC7D15512650 ] \Device\Harddisk0\DR0\Partition2
19:35:20.0058 1808 \Device\Harddisk0\DR0\Partition2 - ok
19:35:20.0059 1808 ============================================================
19:35:20.0059 1808 Scan finished
19:35:20.0059 1808 ============================================================
19:35:20.0076 6692 Detected object count: 2
19:35:20.0076 6692 Actual detected object count: 2
20:14:29.0399 6692 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
20:14:29.0399 6692 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:14:29.0400 6692 VSNService ( UnsignedFile.Multi.Generic ) - skipped by user
20:14:29.0400 6692 VSNService ( UnsignedFile.Multi.Generic ) - User select action: Skip

05.07.2013, 19:23   #10
markusg
/// Malware-holic

Hi,
HitmanPro - Download - Filepony
__________________
- Please forward suspicious e-mails to us for analysis:
markusg.trojaner-board@web.de
Instructions:
http://markusg.trojaner-board.de
For now, please send e-mails to markusg.trojaner-board@web.de following the instructions above.

05.07.2013, 19:48   #11
eckisingerka

Code:
ATTFilter
HitmanPro 3.7.6.201
www.hitmanpro.com

   Computer name . . . . : ***
   Windows . . . . . . . : 6.1.1.7601.X64/2
   User name . . . . . . : ***\M*&S*
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2013-07-05 20:38:27
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 5m 38s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 0
   Traces  . . . . . . . : 1951

   Objects scanned . . . : 1.669.811
   Files scanned . . . . : 62.830
   Remnants scanned  . . : 529.816 files / 1.077.165 keys

Potential Unwanted Programs _________________________________________________

   C:\ProgramData\Babylon\ (Babylon)
   C:\Users\Malwa&Steffen\AppData\Local\Babylon\ (Babylon)
   C:\Users\Malwa&Steffen\AppData\Local\Babylon\Setup\ (Babylon)
   C:\Users\Malwa&Steffen\AppData\Local\Babylon\Setup\bab025.cbid20.dat (Babylon)
   C:\Users\Malwa&Steffen\AppData\Local\Babylon\Setup\bab027.Ttype010611_def.dat (Babylon)
   C:\Users\Malwa&Steffen\AppData\Local\Babylon\Setup\bab031.alrts.dat (Babylon)
   C:\Users\Malwa&Steffen\AppData\Local\Babylon\Setup\bab065.engset.dat (Babylon)
   C:\Users\Malwa&Steffen\AppData\Local\Babylon\Setup\bab094.band.dat (Babylon)
   C:\Users\Malwa&Steffen\AppData\Local\Babylon\Setup\Babylon.dat (Babylon)
   C:\Users\Malwa&Steffen\AppData\Local\Babylon\Setup\HtmlScreens\ (Babylon)
   C:\Users\Malwa&Steffen\AppData\Local\Babylon\Setup\HtmlScreens\cmbx.png (Babylon)
   C:\Users\Malwa&Steffen\AppData\Local\Babylon\Setup\HtmlScreens\eula.html (Babylon)
   C:\Users\Malwa&Steffen\AppData\Local\Babylon\Setup\HtmlScreens\lngs.png (Babylon)
   C:\Users\Malwa&Steffen\AppData\Local\Babylon\Setup\HtmlScreens\page1.css (Babylon)
   C:\Users\Malwa&Steffen\AppData\Local\Babylon\Setup\HtmlScreens\page1.html (Babylon)
   C:\Users\Malwa&Steffen\AppData\Local\Babylon\Setup\HtmlScreens\page1.js (Babylon)
   C:\Users\Malwa&Steffen\AppData\Local\Babylon\Setup\HtmlScreens\page1Lrg.css (Babylon)
   C:\Users\Malwa&Steffen\AppData\Local\Babylon\Setup\HtmlScreens\page2.css (Babylon)
   C:\Users\Malwa&Steffen\AppData\Local\Babylon\Setup\HtmlScreens\page2.html (Babylon)
   C:\Users\Malwa&Steffen\AppData\Local\Babylon\Setup\HtmlScreens\page2.js (Babylon)
   C:\Users\Malwa&Steffen\AppData\Local\Babylon\Setup\HtmlScreens\page2Lrg.css (Babylon)
   C:\Users\Malwa&Steffen\AppData\Local\Babylon\Setup\HtmlScreens\title1.png (Babylon)
   C:\Users\Malwa&Steffen\AppData\Local\Babylon\Setup\HtmlScreens\title2.png (Babylon)
   C:\Users\Malwa&Steffen\AppData\Local\Babylon\Setup\HtmlScreens\toolBar.jpg (Babylon)
   C:\Users\Malwa&Steffen\AppData\Local\Babylon\Setup\HtmlScreens\vIcn.png (Babylon)
   C:\Users\Malwa&Steffen\AppData\Local\Babylon\Setup\Setup-client-x-9.0.3.3.zpb (Babylon)
   C:\Users\Malwa&Steffen\AppData\Local\Babylon\Setup\Setup-tbmntr-9.0.3.3.zpb (Babylon)
   C:\Users\Malwa&Steffen\AppData\Local\Babylon\Setup\Setup-tc-9.0.3.3.zpb (Babylon)
   C:\Users\Malwa&Steffen\AppData\Local\Babylon\Setup\Setup-w64-9.0.3.3.zpb (Babylon)
   C:\Users\Malwa&Steffen\AppData\Local\Babylon\Setup\Setup.exe (Babylon)
      Size . . . . . . . : 1.688.688 bytes
      Age  . . . . . . . : 758.9 days (2011-06-07 21:51:53)
      Entropy  . . . . . : 5.8
      SHA-256  . . . . . : BAA3F817D9EB26B11EE190AA13B4AE50278D0C74065E1E9C72E61BE1F86E4ABE
      Product  . . . . . : Setup Module
      Publisher  . . . . : Babylon Ltd.
      Description  . . . : Setup Application
      Version  . . . . . : 9.0.3.3
      Copyright  . . . . : Copyright © Babylon Ltd. 1997-2011
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : -7.0

   C:\Users\Malwa&Steffen\AppData\Local\Babylon\Setup\SetupStrings.dat (Babylon)
   C:\Users\Malwa&Steffen\AppData\Roaming\Babylon\ (Babylon)
   C:\Users\Malwa&Steffen\AppData\Roaming\Babylon\log_file.txt (Babylon)
   HKLM\SOFTWARE\Classes\AddInExpress.OutlookSecurityManager\ (Babylon)
   HKLM\SOFTWARE\Classes\AppID\BrowserConnection.DLL\ (SearchQU)
   HKLM\SOFTWARE\Classes\AppID\DnsBHO.DLL\ (SearchQU)
   HKLM\SOFTWARE\Classes\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}\ (SearchQU)
   HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}\ (SearchQU)
   HKLM\SOFTWARE\Classes\BrowserConnection.Loader.1\ (SearchQU)
   HKLM\SOFTWARE\Classes\BrowserConnection.Loader\ (SearchQU)
   HKLM\SOFTWARE\Classes\DnsBHO.BHO.1\ (SearchQU)
   HKLM\SOFTWARE\Classes\DnsBHO.BHO\ (SearchQU)
   HKLM\SOFTWARE\Classes\Interface\{0194532A-A99C-4337-937E-2A452C8957BE}\ (Babylon)
   HKLM\SOFTWARE\Classes\TypeLib\{92E5039E-FF1E-4AFB-8F24-87592D20C383}\ (Babylon)
   HKLM\SOFTWARE\Classes\Wow6432Node\AppID\BrowserConnection.DLL\ (SearchQU)
   HKLM\SOFTWARE\Classes\Wow6432Node\AppID\DnsBHO.DLL\ (SearchQU)
   HKLM\SOFTWARE\Classes\Wow6432Node\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}\ (SearchQU)
   HKLM\SOFTWARE\Classes\Wow6432Node\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}\ (SearchQU)
   HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{20E1481B-E285-4ABC-ADC7-AE24842B81CD}\ (Babylon)
   HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{0194532A-A99C-4337-937E-2A452C8957BE}\ (Babylon)
   HKLM\SOFTWARE\Classes\Wow6432Node\TypeLib\{92E5039E-FF1E-4AFB-8F24-87592D20C383}\ (Babylon)
   HKLM\SOFTWARE\DataMngr\ (SearchQU)
   HKLM\SOFTWARE\Wow6432Node\DataMngr\ (SearchQU)
   HKU\S-1-5-21-2129794164-2997759859-3767516312-1000\Software\DataMngr\ (SearchQU)
   HKU\S-1-5-21-2129794164-2997759859-3767516312-1000\Software\DataMngr_Toolbar\ (SearchQU)
   HKU\S-1-5-21-2129794164-2997759859-3767516312-1000\Software\Softonic\ (Softonic)

Cookies _____________________________________________________________________

   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:2o7.net
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.12mnkys.com
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.360yield.com
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.ad-srv.net
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.adc-serv.net
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.adnet.de
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.adocean.pl
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.adview.pl
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.dyntracker.com
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.dyntracker.de
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.movad.net
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.soft365.com
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.yieldmanager.com
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.zanox.com
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.businessclick.com
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.crakmedia.com
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.creative-serving.com
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.escinteractive.com
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.immobilienscout24.de
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.o2.pl
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.p161.net
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.pubmatic.com
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.trafficjunky.net
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.traveladshop.com
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.travelaudience.com
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.us.e-planning.net
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:adserver.createoceans.com
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:adserver.ip-phone-forum.de
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:adserver.kauperts.de
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:adtech.de
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:adtechus.com
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:advertising.com
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:adviva.net
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:apmebf.com
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:atdmt.com
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:autoscout24.112.2o7.net
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:bs.serving-sys.com
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:bub.bid.invitemedia.com
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:burstnet.com
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:c.atdmt.com
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:c1.atdmt.com
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:casalemedia.com
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:comvelgmbh.112.2o7.net
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:de.sitestat.com
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:eas.apm.emediate.eu
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:eas4.emediate.eu
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:engine.phn.doublepimp.com
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:ergo.112.2o7.net
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:fastclick.net
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:gmeurope.112.2o7.net
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:h.atdmt.com
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:hotlog.ru
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:ikea.122.2o7.net
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:in.getclicky.com
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:invitemedia.com
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:media6degrees.com
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:mediaplex.com
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:microsoftinternetexplorer.112.2o7.net
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:msnportal.112.2o7.net
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:opodo.122.2o7.net
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:overture.com
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:pool-eu-ie.creative-serving.com
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:questionmarket.com
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:revsci.net
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:rewetouristik.112.2o7.net
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:ru4.com
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:serving-sys.com
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:sexymamy.pl
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:smartadserver.com
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:specificclick.net
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:stat.dealtime.com
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:statcounter.com
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:statse.webtrendslive.com
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:stepstone.112.2o7.net
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:track.adform.net
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:track.effiliation.com
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:track.webtrekk.net
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:tradedoubler.com
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:view.atdmt.com
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:weborama.fr
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:weboramapublishertrackinguk2.solution.weborama.fr
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:ww251.smartadserver.com
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:www.etracker.de
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:www.googleadservices.com
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:www.youporn.com
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:xiti.com
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:yadro.ru
   C:\Users\Malwa&Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies:youporn.com
   C:\Users\Malwa&Steffen\AppData\Roaming\Microsoft\Windows\Cookies\H90B12IG.txt
   C:\Users\Malwa&Steffen\AppData\Roaming\Microsoft\Windows\Cookies\QCFK7RS5.txt
         

05.07.2013, 19:50   #12
markusg
/// Malware-holic

ok, then delete all the HitmanPro finds and reboot.
Scan with Combofix
WARNING to READERS:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software as well as any malware/spyware scanners. They can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the instructions on the screen.
  • While Combofix is running, please do not work on the computer, move the mouse or click in the Combofix window!
  • When Combofix is finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (in CODE tags if possible).
Note: If you get the following error message after the reboot
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. That should fix the problem.

05.07.2013, 19:53   #13
eckisingerka

Hello Markus, I tried, but for many of them a message "löschen fehlgeschlagen" comes up.

05.07.2013, 20:04   #14
markusg
/// Malware-holic

ok, we'll try that again later, Combofix first

05.07.2013, 20:54   #15
eckisingerka

I tried 3 times; unfortunately a message keeps coming up the whole time: Syntaxfehler.
