Log analysis and evaluation: Windows Vista: 17 infected files after ESET scan + black desktop after GMER scan
04.10.2015, 09:58 | #1 |
Hello, I ran the ESET scan on my computer, and it found 17 infected files. I wanted to post that for you. Before that, though, I wanted to create all the log files so that I could give you all the necessary information right away. During the last step (GMER scan), however, the PC froze :-( . I had started the scan as administrator, by the way. I then did a hard shutdown (held the power button down). On restart with "Start Windows normally" I now see only the taskbar; the rest of the desktop is completely black. I had the log files on the desktop, but I can no longer see them. Clicking the Start button doesn't bring up a menu or anything like that either. Can you help me with the 17 infected files and the new problem (black desktop)? Thanks.
04.10.2015, 10:33 | #2 |
/// the machine /// TB-Ausbilder
hi,
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-bit | FRST 64-bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
04.10.2015, 19:28 | #3 |
Hi schrauber,
I had already run FRST.exe (it is on the desktop) before I started GMER. So FRST.txt is on the desktop, which unfortunately I can no longer see (everything except the taskbar is black). Right now I can only open the programs that are in the taskbar (e.g. Chrome or IE). The Start button doesn't work either. What still works is CTRL+ALT+DEL (if that helps?!). Or should I log in as admin? I'm currently logged in as a standard user, not as administrator.

When I log in as administrator, everything seems "normal". The desktop is visible, and the Start button works too. Up to the point when I ran the GMER scan in the standard user account, everything was "normal" as well, apart from the 17 infected files mentioned, which I hadn't known anything about until then. Thanks.

I have now also started the PC in safe mode. Same phenomenon there, though: black desktop, and again only the taskbar is visible. The Start button doesn't work either. I'm now out of safe mode again and have started Windows normally. I can open the browser (Chrome) and load pages. Just adding that. Thanks.
05.10.2015, 18:30 | #4 |
/// the machine /// TB-Ausbilder
Then please run the FRST scans in the admin account.
Regards, schrauber
05.10.2015, 19:04 | #5 |
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:04-10-2015 durchgeführt von Tobias_2 (Administrator) auf TOBI-PC (05-10-2015 19:55:03) Gestartet von C:\Users\Tobias_2\Desktop Geladene Profile: Tobias_2 (Verfügbare Profile: Tobias & Tobias_2 & Maike & Gast) Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Sprache: Deutsch (Deutschland) Internet Explorer Version 9 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Microsoft Corporation) C:\Windows\System32\SLsvc.exe () C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe (Sony Corporation) C:\Program Files\sony\VAIO Event Service\VESMgr.exe (Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Conexant Systems, Inc.) 
C:\Windows\System32\drivers\XAudio.exe (Sony Corporation) C:\Program Files\sony\VAIO Event Service\VESMgrSub.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation) C:\Program Files\sony\VAIO Power Management\SPMgr.exe (Sony Corporation) C:\Program Files\sony\VAIO Update 5\VAIOUpdt.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe (shbox.de) C:\Program Files\FreePDF_XP\fpassist.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Microsoft Corporation) C:\Windows\System32\conime.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-19] (Microsoft Corporation) HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4317184 2007-02-06] (Realtek Semiconductor) HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [118784 2007-01-12] (Alps Electric Co., Ltd.) 
HKLM\...\Run: [FreePDF Assistant] => C:\Program Files\FreePDF_XP\fpassist.exe [312320 2007-06-26] (shbox.de) HKLM\...\Run: [] => [X] HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.) HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.) Winlogon\Notify\VESWinlogon: C:\Windows\system32\VESWinlogon.dll [2007-02-13] (Sony Corporation) HKU\S-1-5-21-3051598103-94963199-2244021974-1005\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2008-02-08] (Google Inc.) HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\System32\vaiomov.scr [53248 2004-12-27] (Sony Corporation) ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei ShellIconOverlayIdentifiers: [ffeOverlayIconNeg] -> {0B8B6796-B56B-45D4-A016-09846E00FEA1} => C:\Program Files\apsec\fideAS file enterprise\Private Edtion\ffeOverlay.dll [2008-11-26] (Applied Security GmbH) ShellIconOverlayIdentifiers: [ffeOverlayIconPos] -> {0B8B6796-B56B-45D4-A016-09846E00FEA0} => C:\Program Files\apsec\fideAS file enterprise\Private Edtion\ffeOverlay.dll [2008-11-26] (Applied Security GmbH) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-31] (Apple Inc.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.192.1 Tcpip\..\Interfaces\{75150A78-C350-47D0-A029-3EEC5D8DD586}: [DhcpNameServer] 192.168.192.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.club-vaio.com HKU\S-1-5-21-3051598103-94963199-2244021974-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.club-vaio.com HKU\S-1-5-21-3051598103-94963199-2244021974-1005\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie HKU\S-1-5-21-3051598103-94963199-2244021974-1005\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.club-vaio.com HKU\S-1-5-21-3051598103-94963199-2244021974-1005\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://partnerpage.google.com/eu.sony.com/de hxxp://www.club-vaio.com/vbc HKU\S-1-5-21-3051598103-94963199-2244021974-1005\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://partnerpage.google.com/eu.sony.com/de hxxp://www.club-vaio.com/vbc SearchScopes: HKLM -> {47A69BFA-63EF-41C2-B09F-7F84F19B5FDF} URL = hxxp://www.google.de/search?hl=de&q={searchTerms}&meta= SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3051598103-94963199-2244021974-1005 -> {47A69BFA-63EF-41C2-B09F-7F84F19B5FDF} URL = hxxp://www.google.de/search?hl=de&q={searchTerms}&meta= BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22] (Adobe Systems Incorporated) BHO: Ghostery Plugin -> {6BF739DD-3323-4C6A-975B-C7E00A50B154} -> C:\Program Files\Ghostery\bin\ghostery.dll [2015-01-23] (Ghostery, Inc.) 
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23] (Google Inc.) BHO: CBrowserHelperObject Object -> {CA6319C0-31B7-401E-A518-A07C3DB8F777} -> C:\Program Files\Google BAE\BAE.dll [2006-06-23] (Your Company Name) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-11-15] (Sun Microsystems, Inc.) Toolbar: HKLM - IE Toolbar - {65B41DCE-101B-4A4A-A53F-374ABB560841} - C:\Program Files\Ecocho Toolbar\ecocho-asia.dll Keine Datei Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23] (Google Inc.) Toolbar: HKU\S-1-5-21-3051598103-94963199-2244021974-1005 -> IE Toolbar - {65B41DCE-101B-4A4A-A53F-374ABB560841} - C:\Program Files\Ecocho Toolbar\ecocho-asia.dll Keine Datei Toolbar: HKU\S-1-5-21-3051598103-94963199-2244021974-1005 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23] (Google Inc.) 
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} hxxp://static.ak.studivz.net/photouploader/ImageUploader4.cab?nocache=20071219-1 DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} hxxp://static.ak.studivz.net/photouploader/ImageUploader5.cab?nocache=20080115-1 DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-27-0.cab DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2006-06-23] (Microsoft Corporation) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies) FireFox: ======== FF ProfilePath: C:\Users\Tobias_2\AppData\Roaming\Mozilla\Firefox\Profiles\b920c4tp.default FF DefaultSearchUrl: hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q= FF SelectedSearchEngine: Google FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-21] () FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] () FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [Keine Datei] FF Plugin: @divx.com/DivX Content 
Upload Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Content Uploader\npUpload.dll [Keine Datei] FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll [Keine Datei] FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) FF Plugin: @google.com/npPicasa2,version=2.0.0 -> C:\Program Files\Picasa2\npPicasa2.dll [2008-08-21] (Google, Inc.) FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Picasa2\npPicasa3.dll [2010-06-03] (Google, Inc.) FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2011-11-15] (Sun Microsystems, Inc.) FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation) FF Plugin: @pack.google.com/Google Updater;version=14 -> C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll [2011-09-18] (Google) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2011-11-15] (Sun Microsystems, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll [2007-09-06] (DivX, Inc) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2011-04-14] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2013-02-12] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2013-02-12] (Apple Inc.) 
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2013-02-12] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2013-02-12] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2013-02-12] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2013-02-12] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2013-02-12] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll [2012-06-20] (Nullsoft, Inc.) FF SearchPlugin: C:\Users\Tobias_2\AppData\Roaming\Mozilla\Firefox\Profiles\b920c4tp.default\searchplugins\google-images.xml [2014-11-08] FF SearchPlugin: C:\Users\Tobias_2\AppData\Roaming\Mozilla\Firefox\Profiles\b920c4tp.default\searchplugins\google-maps.xml [2014-11-08] FF Extension: Cliqz Beta - C:\Users\Tobias_2\AppData\Roaming\Mozilla\Firefox\Profiles\b920c4tp.default\Extensions\cliqz@cliqz.com [2014-08-17] FF Extension: Microsoft .NET Framework Assistant - C:\Users\Tobias_2\AppData\Roaming\Mozilla\Firefox\Profiles\b920c4tp.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi [2009-11-09] FF HKLM\...\Firefox\Extensions: [{3112ca9c-de6d-4884-a869-9855de68056c}] - C:\ProgramData\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} FF Extension: Google Toolbar for Firefox - C:\ProgramData\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2010-02-16] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-01-30] FF 
HKU\S-1-5-21-3051598103-94963199-2244021974-1005\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Tobias_2\AppData\Roaming\Mozilla\Firefox\Profiles\b920c4tp.default\extensions\cliqz@cliqz.com FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2015-03-08] Chrome: ======= CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AAV UpdateService; C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] () S3 AllShare; C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe [6638080 2010-07-16] () [Datei ist nicht signiert] S2 gupdate1ca4b172e6509a8; C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-09-03] (Google Inc.) 
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Datei ist nicht signiert] S2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) S3 MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AvLib\MSCSPTISRV.exe [45056 2006-12-14] (Sony Corporation) [Datei ist nicht signiert] R2 MSSQL$VAIO_VEDB; C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [28933976 2007-02-05] (Microsoft Corporation) S4 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [45272 2007-02-05] (Microsoft Corporation) S3 PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AvLib\PACSPTISVR.exe [57344 2006-12-14] () [Datei ist nicht signiert] S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [652800 2010-01-26] (Nokia) [Datei ist nicht signiert] S3 SonicStage Back-End Service; C:\Program Files\Common Files\Sony Shared\AvLib\SsBeSvc.exe [112184 2007-01-24] (Sony Corporation) S3 SPTISRV; C:\Program Files\Common Files\Sony Shared\AvLib\SPTISRV.exe [69632 2006-12-14] (Sony Corporation) [Datei ist nicht signiert] S3 SSScsiSV; C:\Program Files\Common Files\Sony Shared\AvLib\SSScsiSV.exe [75320 2007-01-24] (Sony Corporation) S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe [73728 2007-01-10] (Sony Corporation) [Datei ist nicht signiert] R2 VAIO Event Service; C:\Program Files\sony\VAIO Event Service\VESMgr.exe [182392 2007-02-13] (Sony Corporation) S3 VAIOMediaPlatform-IntegratedServer-AppServer; C:\Program Files\sony\VAIO Media Integrated Server\VMISrv.exe [2523136 2007-01-16] (Sony Corporation) [Datei ist nicht signiert] S3 VAIOMediaPlatform-IntegratedServer-HTTP; C:\Program Files\sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe 
[397312 2007-01-08] (Sony Corporation) [Datei ist nicht signiert] S3 VAIOMediaPlatform-IntegratedServer-UPnP; C:\Program Files\sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [1089536 2007-01-16] (Sony Corporation) [Datei ist nicht signiert] S3 VAIOMediaPlatform-Mobile-Gateway; C:\Program Files\sony\VAIO Media Integrated Server\Platform\VmGateway.exe [491520 2007-01-08] (Sony Corporation) [Datei ist nicht signiert] S3 VAIOMediaPlatform-UCLS-AppServer; C:\Program Files\sony\VAIO Media Integrated Server\UCLS.exe [745472 2007-01-10] (Sony Corporation) [Datei ist nicht signiert] S3 VAIOMediaPlatform-UCLS-HTTP; C:\Program Files\sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [397312 2007-01-08] (Sony Corporation) [Datei ist nicht signiert] S3 VAIOMediaPlatform-UCLS-UPnP; C:\Program Files\sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [1089536 2007-01-16] (Sony Corporation) [Datei ist nicht signiert] R3 Vcsw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [274432 2006-11-28] (Sony Corporation) [Datei ist nicht signiert] S3 VUAgent; C:\Program Files\sony\VAIO Update 5\VUAgent.exe [722288 2010-04-09] (Sony Corporation) R2 VzCdbSvc; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [172032 2006-11-28] (Sony Corporation) [Datei ist nicht signiert] R2 VzFw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe [135168 2006-11-28] (Sony Corporation) [Datei ist nicht signiert] R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-19] (Microsoft Corporation) S2 CLTNetCnService; "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon [X] ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
S3 61883; C:\Windows\System32\DRIVERS\61883.sys [45696 2008-01-19] (Microsoft Corporation) R2 apsecf3; C:\Program Files\apsec\fideAS file enterprise\Private Edtion\vt\apsecf3.sys [77184 2008-12-12] (apsec) [Datei ist nicht signiert] S3 eapihdrv; C:\Users\Tobias_2\AppData\Local\Temp\ehdrv.sys [135760 2015-10-03] (ESET) R3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2Mon.sys [25824 2010-05-07] () R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-06-18] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-06-18] (Malwarebytes Corporation) R3 ti21sony; C:\Windows\System32\drivers\ti21sony.sys [812544 2007-04-23] (Texas Instruments) S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X] S3 IpInIp; system32\DRIVERS\ipinip.sys [X] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X] S3 upperdev; system32\DRIVERS\usbser_lowerflt.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-10-05 19:55 - 2015-10-05 19:57 - 00020682 _____ C:\Users\Tobias_2\Desktop\FRST.txt 2015-10-05 19:52 - 2015-10-05 19:52 - 01697792 _____ (Farbar) C:\Users\Tobias_2\Desktop\FRST.exe 2015-10-04 14:44 - 2015-10-04 14:44 - 00001963 _____ C:\Users\Tobias_2\Desktop\Google Chrome.lnk 2015-10-04 10:16 - 2015-10-04 10:17 - 00039027 _____ C:\Users\Tobias\Desktop\Addition.txt 2015-10-04 10:13 - 2015-10-05 19:55 - 00000000 ____D C:\FRST 2015-10-04 10:13 - 2015-10-04 10:17 - 00048222 _____ C:\Users\Tobias\Desktop\FRST.txt 2015-10-04 10:05 - 2015-10-04 10:06 - 00000478 _____ C:\Users\Tobias\Desktop\defogger_disable.log 2015-10-04 10:05 - 2015-10-04 10:05 - 00000000 _____ C:\Users\Tobias_2\defogger_reenable 2015-10-04 09:55 - 2015-10-04 09:55 - 00380416 _____ C:\Users\Tobias\Desktop\Gmer-19357.exe 2015-10-04 09:53 - 2015-10-04 09:54 - 01697280 _____ (Farbar) C:\Users\Tobias\Desktop\FRST.exe 2015-10-04 09:52 - 2015-10-04 09:52 - 00050477 _____ C:\Users\Tobias\Desktop\Defogger.exe 2015-10-03 19:16 - 2015-10-03 19:16 - 00000000 ____D C:\Program Files\ESET 2015-10-03 19:15 - 2015-10-03 19:15 - 02870984 _____ (ESET) C:\Users\Tobias\Downloads\esetsmartinstaller_deu (1).exe 2015-10-03 18:20 - 2015-10-03 18:21 - 00098520 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-10-03 18:19 - 2015-10-03 18:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-10-03 18:19 - 2015-10-03 18:19 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-10-03 18:19 - 2015-10-03 18:19 - 00000000 ____D C:\Program Files\ Malwarebytes Anti-Malware 2015-10-03 18:19 - 2015-06-18 08:41 - 00094936 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-10-03 18:19 - 2015-06-18 08:41 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-10-03 18:19 - 2015-06-18 08:41 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-10-03 18:16 - 
2015-10-03 18:17 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Tobias\Downloads\mbam-setup-2.1.8.1057.exe 2015-10-03 14:53 - 2015-01-29 03:35 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2015-10-03 14:52 - 2015-08-13 16:15 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys 2015-10-03 14:52 - 2015-08-13 16:15 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys 2015-10-03 14:51 - 2015-01-29 03:35 - 00975360 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2015-10-03 14:50 - 2015-07-21 22:55 - 01206192 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-10-03 14:50 - 2015-07-21 18:07 - 03605440 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2015-10-03 14:50 - 2015-07-21 18:07 - 03553216 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-10-03 14:50 - 2015-07-21 18:07 - 00140224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ecache.sys 2015-10-03 14:50 - 2015-07-21 18:07 - 00056256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys 2015-10-03 14:50 - 2015-07-21 18:03 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\emdmgmt.dll 2015-10-03 14:50 - 2015-07-21 18:03 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-10-03 14:50 - 2015-07-21 18:03 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll 2015-10-03 14:49 - 2015-07-03 18:04 - 01316864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2015-10-03 14:48 - 2015-09-02 23:26 - 01402368 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2015-10-03 14:48 - 2015-09-02 23:26 - 01253376 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2015-10-03 14:46 - 2014-06-27 00:17 - 00619664 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe 2015-10-03 14:46 - 2014-06-27 00:17 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll 
2015-10-03 14:46 - 2014-06-27 00:17 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll 2015-10-03 14:45 - 2014-06-06 06:28 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe 2015-10-03 14:44 - 2015-07-31 21:27 - 00103120 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2015-10-03 14:43 - 2014-06-16 00:18 - 01131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll 2015-10-03 14:43 - 2014-06-13 20:22 - 00156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll 2015-10-03 14:43 - 2014-06-13 20:22 - 00081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll 2015-10-03 14:42 - 2015-06-17 18:50 - 02264576 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2015-10-03 14:42 - 2015-06-17 17:09 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe 2015-10-03 14:42 - 2014-06-02 12:31 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2015-10-03 14:42 - 2014-06-02 12:30 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2015-10-03 14:42 - 2014-06-02 12:30 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll 2015-10-03 14:42 - 2014-06-02 10:56 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2015-10-03 14:41 - 2014-10-10 03:01 - 00449536 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll 2015-10-03 14:41 - 2014-10-10 03:00 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-10-03 14:41 - 2014-10-10 01:22 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-10-03 14:40 - 2014-12-19 02:25 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2015-10-03 14:39 - 2015-06-12 18:01 - 00298496 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2015-10-03 14:38 - 2015-04-24 17:54 - 00532480 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll 
2015-10-03 14:37 - 2015-07-10 21:37 - 02067968 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-10-03 14:27 - 2015-03-05 04:32 - 00244152 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-10-03 14:27 - 2015-03-05 04:23 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-10-03 14:26 - 2014-10-24 03:04 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-10-03 14:25 - 2015-07-11 17:56 - 11587584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-10-03 14:23 - 2014-11-26 04:05 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-10-03 14:22 - 2015-07-18 18:03 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-10-03 14:22 - 2015-01-09 02:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-10-03 14:21 - 2015-01-21 04:02 - 00807936 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-10-03 14:21 - 2014-08-12 04:25 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2015-10-03 14:19 - 2015-07-10 16:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-10-03 14:18 - 2015-09-02 23:26 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-10-03 14:18 - 2015-09-02 21:55 - 02067456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-10-03 14:18 - 2015-09-02 21:54 - 00297472 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-10-03 14:15 - 2015-08-05 17:59 - 00602112 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-10-03 14:14 - 2014-12-06 05:14 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-10-03 14:14 - 2014-12-06 05:14 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-10-03 14:14 - 2014-12-06 05:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-10-03 14:14 - 2014-10-03 03:18 - 00274432 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-10-03 14:14 - 2014-10-03 03:17 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-10-03 14:14 - 2014-10-03 03:17 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-10-03 14:14 - 2014-10-03 03:17 - 00170496 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-10-03 14:13 - 2014-08-27 02:55 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-10-03 14:12 - 2015-05-31 10:11 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-10-03 13:51 - 2015-07-31 23:46 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2015-10-03 13:51 - 2015-07-31 23:46 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2015-10-03 13:51 - 2015-07-31 23:46 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2015-10-03 13:51 - 2015-07-31 23:46 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2015-10-03 13:51 - 2015-07-31 22:41 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-10-03 13:51 - 2015-07-31 22:40 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2015-10-03 13:51 - 2015-07-31 22:35 - 00682496 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-10-03 13:51 - 2015-07-31 22:33 - 01072640 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-10-03 13:51 - 2015-07-31 22:33 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-10-03 13:51 - 2015-04-11 01:22 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-10-03 13:49 - 2015-06-27 18:03 - 00783872 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-10-03 13:49 - 2015-06-27 18:02 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-10-03 13:49 - 2015-06-27 18:02 - 00218112 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-10-03 13:49 - 2015-06-27 18:01 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-10-03 13:49 - 2015-06-27 16:21 - 00217088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-10-03 13:49 - 2015-06-27 16:21 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-10-03 13:49 - 2015-06-12 15:13 - 00440768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-10-03 13:49 - 2015-05-09 01:08 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-10-03 13:49 - 2015-04-30 18:03 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-10-03 13:49 - 2015-01-09 02:17 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-10-03 13:49 - 2014-10-10 03:00 - 01259008 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-10-03 13:49 - 2014-09-05 01:27 - 00143360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2015-10-03 13:48 - 2015-07-01 17:57 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-10-03 13:48 - 2014-12-08 03:59 - 00306176 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-10-03 13:47 - 2015-07-09 16:25 - 00151040 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-10-03 13:47 - 2015-07-09 16:25 - 00151040 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-10-03 13:47 - 2015-05-05 00:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-10-03 13:46 - 2015-05-05 00:51 - 10628608 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-10-03 13:46 - 2015-05-05 00:50 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-10-03 13:46 - 2015-05-05 00:50 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-10-03 13:46 - 2015-05-04 23:21 - 08147456 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-10-03 13:45 - 2014-12-06 05:14 - 00153600 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-10-03 13:44 - 2014-06-06 10:59 - 00506880 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2015-10-03 13:43 - 2014-05-30 08:53 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-10-03 13:42 - 2014-06-14 02:44 - 00638400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-10-03 13:42 - 2014-06-14 02:33 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2015-10-03 13:42 - 2014-04-26 18:01 - 00502784 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-10-03 13:42 - 2014-04-05 04:42 - 00905664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-10-03 13:39 - 2015-08-17 19:12 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-10-03 13:38 - 2015-08-17 19:18 - 01814016 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-10-03 13:38 - 2015-08-17 19:17 - 12388352 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-10-03 13:38 - 2015-08-17 19:14 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-10-03 13:38 - 2015-08-17 19:13 - 09751040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-10-03 13:38 - 2015-08-17 19:12 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-10-03 13:38 - 2015-08-17 19:11 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-10-03 13:38 - 2015-08-17 19:11 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-10-03 13:38 - 2015-08-17 19:10 - 01804288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-10-03 13:38 - 2015-08-17 19:10 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-10-03 13:38 - 2015-08-17 19:10 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-10-03 13:38 - 2015-08-17 19:10 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-10-03 13:38 - 2015-08-17 19:10 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-10-03 13:38 - 2015-08-17 19:10 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-10-03 13:38 - 2015-08-17 19:10 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-10-03 13:38 - 2015-08-17 19:10 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-10-03 13:38 - 2015-08-17 19:10 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-10-03 13:38 - 2015-08-17 19:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-10-03 13:38 - 2015-08-17 19:10 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-10-03 13:38 - 2015-08-17 19:10 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-10-03 13:38 - 2015-08-17 19:10 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-10-03 13:38 - 2015-08-17 19:09 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-09-23 20:07 - 2015-09-23 20:08 - 00010495 _____ C:\Users\Tobias\Downloads\Tobias_elster_23.09.2015_20.03.pfx
2015-09-20 22:58 - 2015-09-20 23:09 - 00000000 ____D C:\Users\Tobias\Downloads\Anna luth
2015-09-14 21:04 - 2015-09-14 21:04 - 00347816 _____ (Microsoft Corporation) C:\Users\Tobias\Downloads\MicrosoftFixit.wu.Run.exe
2015-09-13 12:57 - 2015-09-13 12:58 - 00852704 _____ C:\Users\Tobias\Downloads\SecurityCheck.exe
2015-09-13 10:55 - 2015-09-13 10:56 - 02870984 _____ (ESET) C:\Users\Tobias\Downloads\esetsmartinstaller_deu.exe
2015-09-07 20:48 - 2015-09-07 20:49 - 02190336 _____ (Farbar) C:\Users\Tobias\Downloads\FRST64 (1).exe
2015-09-06 16:25 - 2015-09-06 16:25 - 00000000 ____D C:\Users\Tobias_2\AppData\Local\elfopatch
2015-09-06 16:20 - 2015-09-06 16:21 - 00000000 ____D C:\ProgramData\Package Cache
2015-09-06 16:18 - 2015-09-06 16:18 - 00000000 ____D C:\Users\Tobias\AppData\Local\elfopatch
2015-09-06 00:53 - 2015-09-06 00:54 - 15836530 _____ C:\Users\Tobias\Downloads\YouPorn - FakeAgentUK Petite girl big tits great fuck job done.3gp
2015-09-06 00:34 - 2015-09-06 00:39 - 49677025 _____ C:\Users\Tobias\Downloads\YouPorn - Shy Love.3gp
2015-09-06 00:14 - 2015-09-06 00:19 - 33806108 _____ C:\Users\Tobias\Downloads\YouPorn - Leopard Blond Fuck Playvision.3gp

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-05 19:52 - 2009-10-12 10:51 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-05 19:52 - 2009-10-12 10:51 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-05 19:46 - 2007-10-26 18:45 - 01973641 _____ C:\Windows\WindowsUpdate.log
2015-10-05 19:41 - 2013-06-30 17:10 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-05 19:41 - 2012-03-29 18:50 - 00001142 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3051598103-94963199-2244021974-1003UA.job
2015-10-05 19:41 - 2012-03-29 18:50 - 00001120 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3051598103-94963199-2244021974-1003Core.job
2015-10-05 19:41 - 2011-08-12 18:16 - 00001052 _____ C:\Windows\Tasks\Google Software Updater.job
2015-10-05 19:41 - 2006-11-02 14:47 - 00003696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-05 19:41 - 2006-11-02 14:47 - 00003696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-05 11:43 - 2014-03-25 17:55 - 00000433 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2015-10-05 11:42 - 2011-01-02 13:22 - 00000000 ____D C:\Windows\system32\logishrd
2015-10-05 11:42 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-05 11:40 - 2008-04-18 15:22 - 00000012 _____ C:\Windows\bthservsdp.dat
2015-10-05 11:40 - 2006-11-02 15:01 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-10-05 11:37 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET
2015-10-05 11:23 - 2006-11-02 12:33 - 01624692 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-04 20:22 - 2015-07-26 16:16 - 00000000 ____D C:\Users\Tobias\AppData\Roaming\Spotify
2015-10-04 19:53 - 2007-02-26 18:30 - 01072242 _____ C:\Windows\PFRO.log
2015-10-04 14:44 - 2009-11-09 17:21 - 00000000 ____D C:\Users\Tobias_2\AppData\Local\Google
2015-10-04 10:05 - 2009-11-09 17:21 - 00000000 ____D C:\Users\Tobias_2
2015-10-03 15:51 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\de-DE
2015-10-03 15:46 - 2007-02-26 18:10 - 00000000 ____D C:\Program Files\Microsoft.NET
2015-10-03 15:33 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache
2015-10-03 15:15 - 2006-11-02 14:47 - 00385216 _____ C:\Windows\system32\FNTCACHE.DAT
2015-10-03 15:09 - 2006-11-02 14:37 - 00000000 ____D C:\Windows\system32\XPSViewer
2015-10-03 15:09 - 2006-11-02 14:37 - 00000000 ____D C:\Program Files\Windows Journal
2015-10-03 14:12 - 2014-04-03 21:49 - 00000000 ____D C:\Windows\system32\MRT
2015-10-03 11:33 - 2014-02-06 19:23 - 00000000 ____D C:\Users\Tobias\Desktop\Bilder Tisch Verkaufsliste
2015-10-03 11:21 - 2014-12-15 10:09 - 00000000 ____D C:\Users\Tobias\Desktop\Faulhaber
2015-10-03 11:19 - 2015-04-25 14:33 - 00000000 ____D C:\Users\Tobias\AppData\Local\CrashDumps
2015-10-03 08:43 - 2011-11-03 16:13 - 00000000 ____D C:\Users\Tobias\AppData\Local\.elfohilfe
2015-09-27 09:05 - 2015-02-08 20:45 - 00000000 ____D C:\Users\Tobias\Desktop\Tor Browser
2015-09-21 21:04 - 2013-03-23 12:15 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-09-21 21:04 - 2011-10-16 02:25 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-09-21 20:34 - 2006-11-02 14:52 - 00149663 _____ C:\Windows\setupact.log
2015-09-12 18:21 - 2007-10-26 18:12 - 00000000 ____D C:\Users\Tobias\AppData\Local\Google
2015-09-06 20:49 - 2008-03-30 13:12 - 00000000 ____D C:\Users\Tobias\Documents\Steuerfälle
2015-09-06 19:52 - 2008-03-04 18:56 - 00000000 ____D C:\FreePDF
2015-09-06 16:26 - 2011-04-29 23:10 - 00000000 ____D C:\Program Files\ElsterFormular 2010
2015-09-06 16:26 - 2009-04-24 09:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2008-07-15 18:52 - 2008-07-15 18:52 - 0000032 _____ () C:\ProgramData\ezsid.dat

Einige Dateien in TEMP:
====================
C:\Users\Gast\AppData\Local\Temp\FlashPlayerUpdate.exe
C:\Users\Maike\AppData\Local\Temp\AskSLib.dll
C:\Users\Maike\AppData\Local\Temp\avgnt.exe
C:\Users\Maike\AppData\Local\Temp\install_reader10_de_gtbp_chrd_aih[1].exe
C:\Users\Tobias\AppData\Local\Temp\02B673~1.exe
C:\Users\Tobias\AppData\Local\Temp\6ACC2D~1.exe
C:\Users\Tobias\AppData\Local\Temp\AskSLib.dll
C:\Users\Tobias\AppData\Local\Temp\avgnt.exe
C:\Users\Tobias\AppData\Local\Temp\DivXInstaller.exe
C:\Users\Tobias\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpdpyzoa.dll
C:\Users\Tobias\AppData\Local\Temp\FlashPlayerUpdate.exe
C:\Users\Tobias\AppData\Local\Temp\FlashPlayerUpdate01.exe
C:\Users\Tobias\AppData\Local\Temp\FlashPlayerUpdate02.exe
C:\Users\Tobias\AppData\Local\Temp\FlashPlayerUpdate03.exe
C:\Users\Tobias\AppData\Local\Temp\FlashPlayerUpdate04.exe
C:\Users\Tobias\AppData\Local\Temp\FlashPlayerUpdate05.exe
C:\Users\Tobias\AppData\Local\Temp\FlashPlayerUpdate06.exe
C:\Users\Tobias\AppData\Local\Temp\FP_PL_PFS_INSTALLER-1.exe
C:\Users\Tobias\AppData\Local\Temp\FP_PL_PFS_INSTALLER.exe
C:\Users\Tobias\AppData\Local\Temp\gtalkwmp1.dll
C:\Users\Tobias\AppData\Local\Temp\i4jdel0.exe
C:\Users\Tobias\AppData\Local\Temp\lvid_lvid.exe
C:\Users\Tobias\AppData\Local\Temp\Nokia_PC_Suite_rel_7_0_9_2_ger.exe
C:\Users\Tobias\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Tobias\AppData\Local\Temp\SearchWithGoogleUpdate.exe
C:\Users\Tobias\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Tobias\AppData\Local\Temp\{92452699-A6A9-45FE-A181-BF1217B3C13B}-GoogleToolbarInstaller_updater_signed.exe
C:\Users\Tobias_2\AppData\Local\Temp\AskSLib.dll
C:\Users\Tobias_2\AppData\Local\Temp\avgnt.exe
C:\Users\Tobias_2\AppData\Local\Temp\psapi.dll
C:\Users\Tobias_2\AppData\Local\Temp\Quarantine.exe
C:\Users\Tobias_2\AppData\Local\Temp\sqlite3.dll
C:\Users\Tobias_2\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\Tobias_2\AppData\Local\Temp\System.Data.SQLite97575.dll
C:\Users\Tobias_2\AppData\Local\Temp\unwise.exe

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2015-10-05 19:48

==================== Ende vom FRST.txt ============================

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:04-10-2015
durchgeführt von Tobias_2 (2015-10-05 19:58:15)
Gestartet von C:\Users\Tobias_2\Desktop
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) (2007-10-26 16:45:09)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-3051598103-94963199-2244021974-500 - Administrator - Disabled)
Gast (S-1-5-21-3051598103-94963199-2244021974-501 - Limited - Enabled) => C:\Users\Gast
Maike (S-1-5-21-3051598103-94963199-2244021974-1006 - Limited - Enabled) => C:\Users\Maike
Tobias (S-1-5-21-3051598103-94963199-2244021974-1003 - Limited - Enabled) => C:\Users\Tobias
Tobias_2 (S-1-5-21-3051598103-94963199-2244021974-1005 - Administrator - Enabled) => C:\Users\Tobias_2

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 4.57 (HKLM\...\7-Zip) (Version: - )
AAVUpdateManager (HKLM\...\{0D410F4D-9009-43F8-9DF1-BDADCE7FC43F}) (Version: 3.00.0000 - Akademische Arbeitsgemeinschaft)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.7.0.1860 - Adobe Systems Incorporated)
Adobe Flash Player 19 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Adobe Reader 9.4.4 - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-A94000000001}) (Version: 9.4.4 - Adobe Systems Incorporated)
Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: - )
Apple Application Support (HKLM\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{941B4CE7-3F5D-443E-A8B7-56A420D2EAFD}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Browser Address Error Redirector (HKLM\...\{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}) (Version: - )
CameraHelperMsi (Version: 13.00.1774.0 - Logitech) Hidden
Canon MP Navigator EX 3.0 (HKLM\...\MP Navigator EX 3.0) (Version: - )
Canon MP560 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP560_series) (Version: - )
Click to DVD 2.0.05 Menu Data (HKLM\...\{9E407618-D9CD-4F39-9490-9ED45294073D}) (Version: 2.0.05 - Sony Corporation)
Click to DVD 2.6.00 (HKLM\...\{E809063C-51A3-4269-8984-D1EB742F2151}) (Version: 2.6.00 - Sony Corporation)
Cliqz (HKLM\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.0.1 - Cliqz.com)
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation)
Designer 2.0 (HKLM\...\Designer 2.0_is1) (Version: 7.7.4 - fotobuch.de AG)
DivX-Setup (HKLM\...\DivX Setup.divx.com) (Version: 1.0.2.23 - DivX, Inc. )
ElsterFormular (HKLM\...\ElsterFormular 11.2.0.4074) (Version: 11.2.0.4074 - Landesfinanzdirektion Thüringen)
ElsterFormular 2008/2009 (HKLM\...\{04830D0F-F980-4EC0-89F1-594F2FD2A1B5}) (Version: 10.0.0.0 - Steuerverwaltung des Bundes und der Länder)
ElsterFormular-Upgrade (HKLM\...\ElsterFormular für Privatanwender 12.2.0.6412p) (Version: 16.2.17437 - Landesfinanzdirektion Thüringen)
erLT (Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )
Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
fideAS® file enterprise private edition (HKLM\...\{9D02EA09-A131-49A3-8D51-8E02D04F9847}) (Version: - )
FreePDF XP (Remove only) (HKLM\...\FreePDF_XP) (Version: - )
Ghostery (HKLM\...\Ghostery) (Version: - Ghostery Inc)
Google Chrome (HKLM\...\Google Chrome) (Version: 45.0.2454.101 - Google Inc.)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Firefox (HKLM\...\{2CCBABCB-6427-4A55-B091-49864623C43F}) (Version: 7.1.20110512 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6904.2028 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.28.15 - Google Inc.) Hidden
Google Updater (HKLM\...\Google Updater) (Version: 2.4.2432.1652 - Google Inc.)
GPL Ghostscript 8.60 (HKLM\...\GPL Ghostscript 8.60) (Version: - )
GPL Ghostscript Fonts (HKLM\...\GPL Ghostscript Fonts) (Version: - )
HDAUDIO SoftV92 Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200) (Version: - )
ICQ7.2 (HKLM\...\{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}) (Version: 7.2 - ICQ)
iTunes (HKLM\...\{86D04316-F49A-4AF2-B3F1-A1E943886CE7}) (Version: 11.3.1.2 - Apple Inc.)
Java(TM) 6 Update 29 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216029FF}) (Version: 6.0.290 - Oracle)
Java(TM) SE Runtime Environment 6 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160000}) (Version: 1.6.0.0 - Sun Microsystems, Inc.)
LAN-Express AS IEEE 802.11 Wireless LAN (HKLM\...\{FCCB0B43-7A6D-49A4-A5B3-B10F592F4EB6}) (Version: 7.1.0.116 - LAN-Express)
Logitech Vid HD (HKLM\...\Logitech Vid) (Version: 7.2 (7240) - Logitech Inc..)
Logitech Webcam Software (HKLM\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.0 - Logitech Inc.)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM\...\{90850407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{547DCEC7-DD2A-47E9-82C7-5CF1EAB526DA}) (Version: 9.00.2047.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{2DFB5485-A3EF-4298-9280-4AF80C9F4BE9}) (Version: 9.00.2047.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Works (HKLM\...\{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}) (Version: 08.05.0822 - Microsoft Corporation)
Mozilla Firefox 36.0.1 (x86 de) (HKLM\...\Mozilla Firefox 36.0.1 (x86 de)) (Version: 36.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 24.1.1 (x86 de) (HKLM\...\Mozilla Thunderbird 24.1.1 (x86 de)) (Version: 24.1.1 - Mozilla)
Mp3tag v2.59a (HKLM\...\Mp3tag) (Version: v2.59a - Florian Heidenreich)
MSVC80_x86 (Version: 1.0.1.0 - Nokia) Hidden
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM\...\MPE) (Version: 1.8.5 - F.J. Wechselberger)
Napster 5 Beta (HKLM\...\com.Rhapsody.Napster5) (Version: 1.0.61 - Rhapsody International Inc)
Napster 5 Beta (Version: 1.0.61 - Rhapsody International Inc) Hidden
Nokia Connectivity Cable Driver (HKLM\...\{B9C9DB4C-6D77-4AE9-AD1C-C708C23239A0}) (Version: 7.1.27.0 - Nokia)
Nokia PC Suite (HKLM\...\Nokia PC Suite) (Version: 6.86.9.0 - Nokia)
Nokia PC Suite (Version: 6.86.9.0 - Nokia) Hidden
Nokia Software Updater (HKLM\...\{D043E0F8-5EFA-4102-A863-08F39D9DF2F4}) (Version: 02.04.005.41445 - Nokia Corporation)
OpenMG Limited Patch 4.7-07-13-24-01 (HKLM\...\OpenMG HotFix4.7-07-13-22-01) (Version: - )
OpenMG Secure Module 4.7.00 (HKLM\...\InstallShield_{CCD663AE-610D-4BDF-AAB0-E914B044527D}) (Version: 4.7.00.12140 - Sony Corporation)
OpenMG Secure Module 4.7.00 (Version: 4.7.00.12140 - Sony Corporation) Hidden
PC Connectivity Solution (HKLM\...\{7397EDED-F38A-4654-B669-BF61065803D0}) (Version: 10.6.2.0 - Nokia)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.313.0 - Tracker Software Products Ltd)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.6 - Google, Inc.)
Pixum Fotobuch (HKLM\...\Pixum Fotobuch) (Version: - )
PokerStars.net (HKLM\...\PokerStars.net) (Version: - PokerStars.net)
PS3 Media Server (HKLM\...\PS3 Media Server) (Version: 1.81.0 - PS3 Media Server)
QuickTime (HKLM\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5350 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: - )
Roxio Easy Media Creator Home (HKLM\...\{B7FB0C86-41A4-4402-9A33-912C462042A0}) (Version: 9.0.178 - Roxio)
SAMSUNG PC Share Manager (HKLM\...\InstallShield_{2A2E822B-3B0E-46C1-9E3B-ACD7D1E95139}) (Version: 4.0 - SAMSUNG)
SAMSUNG PC Share Manager (Version: 4.0 - SAMSUNG) Hidden
Setting Utility Series (HKLM\...\{59452470-A902-477F-9338-9B88101681BD}) (Version: 2.1.00.13300 - Sony Corporation)
Skype™ 6.9 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.9.106 - Skype Technologies S.A.)
SonicStage 4.3 (HKLM\...\{A0EB195B-5876-48E6-879D-33D4B2102610}) (Version: 4.3 - Sony Corporation)
Sony Utilities DLL (HKLM\...\{EF3D45BB-2260-4008-88EA-492E7744A9DF}) (Version: 7.1.00.13300 - Sony Corporation)
Sony Video Shared Library (HKLM\...\{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}) (Version: 3.1.03 - Sony Corporation)
Steuersparer 2014 (HKLM\...\{485DBEA2-58E9-4136-9E6C-6C3022B02349}) (Version: 21.00.8480 - Buhl Data Service GmbH)
TeamViewer 5 (HKLM\...\TeamViewer 5) (Version: 5.1.13999 - TeamViewer GmbH)
The GodFather (HKLM\...\The GodFather) (Version: - )
TOL 7.0.27.6 Components (HKLM\...\{82BB647B-C09E-423D-8395-BFFBA0B8644B}) (Version: 7.0.27.6 - Auralog)
Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) (HKLM\...\{07629207-FAA0-4F1A-8092-BF5085BE511F}) (Version: 9.00.2047.00 - Microsoft Corporation)
VAIO Aqua Breeze Wallpaper (HKLM\...\{97BCD719-6ECB-458F-97D6-F38D2E07375E}) (Version: 1.0.11.13240 - Sony Corporation)
VAIO Content Importer VAIO Content Exporter (Version: 1.3.00.13300 - Sony Corporation) Hidden
VAIO Content Importer / VAIO Content Exporter (HKLM\...\{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}) (Version: 1.3.00.13300 - Sony Corporation)
VAIO Control Center (HKLM\...\{FC37C108-821D-4EDE-8F40-D5B497586805}) (Version: 2.0.00.11060 - Sony Corporation)
VAIO Cozy Orange Wallpaper (HKLM\...\{2A2FF7F5-6F0E-4A5D-A881-39365E718BD6}) (Version: 1.0.11.13240 - Sony Corporation)
VAIO Data Restore Tool (HKLM\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.0.01.02070 - Sony Corporation)
VAIO Entertainment Platform (HKLM\...\{6B1F20F2-6321-4669-A58C-33DF8E7517FF}) (Version: 2.0.02.13290 - Sony Corporation)
VAIO Event Service (HKLM\...\{F0D85ADD-DD61-4B43-87A0-6DA52A211A8B}) (Version: 3.1.00.14130 - Sony Corporation)
VAIO Hardware Diagnostics (HKLM\...\{A947C2B3-7445-42C4-9063-EE704CACCB22}) (Version: - )
VAIO Media (Version: 6.0.10 - Sony Corporation) Hidden
VAIO Media 6.0 (HKLM\...\{560F6B2E-F0DF-44E5-8190-A4A161F0E205}) (Version: 6.0.10 - Sony Corporation)
VAIO Media AC3 Decoder 1.0 (HKLM\...\{2063C2E8-3812-4BBD-9998-6610F80C1DD4}) (Version: - )
VAIO Media Content Collection 6.0 (HKLM\...\{500162A0-4DD5-460A-BAFD-895AAE48C532}) (Version: - Sony Corporation)
VAIO Media Integrated Server 6.0 (HKLM\...\{785EB1D4-ECEC-4195-99B4-73C47E187721}) (Version: - Sony Corporation)
VAIO Media Redistribution 6.0 (HKLM\...\{5855C127-1F20-404D-B7FB-1FD84D7EAB5E}) (Version: 6.0.10 - Sony Corporation)
VAIO Media Registration Tool (Version: 6.0.10 - Sony Corporation) Hidden
VAIO Media Registration Tool 6.0 (HKLM\...\{AF9A04EB-7D8E-41DE-9EDE-4AB9BB2B71B6}) (Version: 6.0.10 - Sony Corporation)
VAIO Original Screen Saver (HKLM\...\{1BEF9285-5530-426B-A5F1-5836B95C7EB1}) (Version: - )
VAIO Photo 2007 (HKLM\...\{5E343EF6-D27C-4CFC-9FAE-9AAFB541BCEE}) (Version: 1.0.01.01250 - Sony Corporation)
VAIO Power Management (HKLM\...\{9E319E96-ED8E-4B01-9775-C521A1869A25}) (Version: 2.1.00.14090 - Sony Corporation)
VAIO Tender Green Wallpaper (HKLM\...\{934A3213-1CB6-4264-84A2-EE080C017BCA}) (Version: 1.0.11.10180 - Sony Corporation)
VAIO Update (HKLM\...\{5BEE8F1F-BD32-4553-8107-500439E43BD7}) (Version: 5.1.1.04090 - Sony Corporation)
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0 - DivX, Inc) Hidden
VisiPics V1.31 (HKLM\...\VisiPics_is1) (Version: - Ozone)
VLC media player 0.9.8a (HKLM\...\VLC media player) (Version: 0.9.8a - VideoLAN Team)
Winamp (HKLM\...\Winamp) (Version: 5.63 - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-3051598103-94963199-2244021974-1005\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows-Treiberpaket - Nokia Modem (03/05/2008 3.7) (HKLM\...\CBF192A85B624E32B8D19ADEEF2DCFC5BC3AA73A) (Version: 03/05/2008 3.7 - Nokia)
Windows-Treiberpaket - Nokia Modem (03/13/2008 6.86.0.1) (HKLM\...\E092B2EBF2FFE83E896F8F7F829A7B5D7D1B2F9D) (Version: 03/13/2008 6.86.0.1 - Nokia)
Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\504244733D18C8F63FF584AEB290E3904E791693) (Version: 08/22/2008 7.0.0.0 - Nokia)
WinDVD for VAIO (HKLM\...\InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}) (Version: 8.0-B6.113 - InterVideo Inc.)
WinDVD for VAIO (Version: 8.0-B6.113 - InterVideo Inc.) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3051598103-94963199-2244021974-1005_Classes\CLSID\{7644204c-5eb0-4e21-b225-fc6c1fca74f7}\localserver32 -> C:\Program Files\Nokia\Nokia PC Suite 6\MultimediaPlayer.exe (Nokia)
CustomCLSID: HKU\S-1-5-21-3051598103-94963199-2244021974-1005_Classes\CLSID\{FBE88A10-FF53-11E0-AB2A-AE904824019B}\InprocServer32 -> C:\Users\Tobias_2\AppData\Local\ASKTOO~1\DOWNLO~1\AVIRAI~1.DLL => Keine Datei

==================== Wiederherstellungspunkte =========================

20-09-2015 20:50:03 Geplanter Prüfpunkt
21-09-2015 20:48:14 Windows Update
25-09-2015 18:32:36 Geplanter Prüfpunkt
03-10-2015 11:43:18 Windows Update
03-10-2015 13:44:59 Windows Update
03-10-2015 15:42:55 Windows Update
04-10-2015 12:13:08 Geplanter Prüfpunkt
05-10-2015 10:00:53 Windows Update

==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {03292A64-7B17-437B-9DA2-D3E930906277} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-03] (Google Inc.)
Task: {04B8B746-6BF7-47EA-99D0-7730BCE7F577} - System32\Tasks\LaunchMCV => MyClubVaio.vbs Task: {0B5E040C-AD07-4054-8009-55FD6A6AAB7E} - System32\Tasks\MCVRegistrationReminder3 => reminder.exe Task: {0E88563E-6870-46CC-85C5-28B2E654BE19} - System32\Tasks\SONY\WSSU\WSSU => C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe Task: {0F614CB5-37C8-4B6F-80B6-ABC59FA334AB} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-06-09] (Sun Microsystems, Inc.) Task: {1E0CF3DC-DF39-437B-8205-25DCC08EADFC} - System32\Tasks\MCVRegistrationReminder2 => reminder.exe Task: {2209DF9F-5640-4DEB-84C3-3436BC3034CB} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3051598103-94963199-2244021974-1003UA => C:\Users\Tobias\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.) Task: {2BFBEBC7-9615-4E55-B21E-5C30EAE3A84C} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3051598103-94963199-2244021974-1003Core => C:\Users\Tobias\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.) 
Task: {3FABAD80-64FB-4D44-A4B7-6D6A8EEF1F25} - System32\Tasks\MCVRegistrationReminder4 => reminder.exe Task: {4358621B-9F5F-4ACD-A7BC-31CAD8B59FD2} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-21] (Adobe Systems Incorporated) Task: {4790FDBD-6127-4D9B-89AC-71F68627654D} - System32\Tasks\MCVSurveyReminder1 => reminder.exe Task: {56B9293A-1863-4DDD-83CA-28AC0A33836D} - System32\Tasks\MCVSurveyReminder2 => reminder.exe Task: {62B77C40-E498-4DC1-9254-5B51BE706ECB} - System32\Tasks\MCVSurveyReminder3 => reminder.exe Task: {6AA69C80-8E22-4030-90B1-3955E6D3EEA4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-21] (Adobe Systems Incorporated) Task: {7751B2CE-0C18-4074-96ED-62A6FF85FF5F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {9362BE8A-1751-4D85-A816-C3F0C1DFB5E6} - System32\Tasks\{5CD16FC8-E171-4B05-BB45-1B854FD80A0E} => pcalua.exe -a C:\ProgramData\Sony\MyClubVAIO\MyClubVAIO.exe -d C:\ProgramData\Sony\MyClubVAIO Task: {9A27AE43-7CC4-40F4-9500-12DF824E11E8} - System32\Tasks\MCVRegistrationReminder1 => reminder.exe Task: {AE312CF0-704E-4EF9-A1F9-BFAAE6181039} - System32\Tasks\{49422247-D8A0-4B6E-8E37-82554BEFE11E} => pcalua.exe -a C:\Users\Tobias\setup-Reisen-tuerkriviera.exe -d C:\Users\Tobias Task: {AECAC0BB-56ED-42A9-A828-4FF6F51307D4} - System32\Tasks\SONY\VAIO Update\VAIO Update 5 => C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe [2010-04-09] (Sony Corporation) Task: {B2071D54-F7E8-4E5D-ADCB-061257AB6345} - System32\Tasks\SONY\VAIO Update\Launch Application => C:\Program Files\Sony\VAIO Update 5\ShellExeProxy.exe [2010-04-09] (Sony Corporation) Task: {B7A2ACFD-BA6A-4102-A268-B20318834D79} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-03] (Google Inc.) 
Task: {C14DD04F-1A66-48E6-A975-7522B5C4CA43} - System32\Tasks\MCVSurveyReminder4 => reminder.exe Task: {CB78B3AD-2040-4A0E-8C42-518D858E778A} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-19] (Microsoft Corporation) Task: {D80E2DFA-FB3A-4170-B7AA-727A4CFA4D14} - System32\Tasks\Google Software Updater => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-22] (Google) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3051598103-94963199-2244021974-1003Core.job => C:\Users\Tobias\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3051598103-94963199-2244021974-1003UA.job => C:\Users\Tobias\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2008-03-04 18:53 - 2005-01-06 19:33 - 00116224 _____ () C:\Windows\System32\redmonnt.dll 2008-10-24 15:35 - 2008-10-24 15:35 - 00128296 _____ () C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe 2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2007-02-26 
18:01 - 2007-02-13 16:19 - 00010752 _____ () C:\Program Files\Sony\VAIO Event Service\VESBasePS.dll 2007-02-26 18:01 - 2007-02-13 16:19 - 00009728 _____ () C:\Program Files\Sony\VAIO Event Service\VESMgrSubPS.dll 2009-11-11 21:01 - 2009-04-11 08:28 - 00368640 _____ () C:\Windows\system32\msjetoledb40.dll 2007-02-26 21:02 - 2007-01-24 11:04 - 00061440 _____ () C:\Windows\system32\igfxTMM.dll 2007-02-26 21:02 - 2007-01-24 11:02 - 00077824 _____ () C:\Windows\system32\hccutils.DLL 2007-02-26 21:02 - 2007-01-24 11:02 - 00077824 _____ () C:\Windows\System32\hccutils.DLL ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-3051598103-94963199-2244021974-1005\Control Panel\Desktop\\Wallpaper -> C:\windows\Web\Wallpaper\img24.jpg DNS Servers: 192.168.192.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) 
==================== FirewallRules (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [{28CFDEA3-1FFE-445E-BD6B-A4637549DBF5}] => (Allow) C:\Program Files\Google\Google Talk\googletalk.exe FirewallRules: [{B853D6C8-BE18-4F9F-BA31-E6B14A1C8375}] => (Allow) C:\Program Files\Google\Google Talk\googletalk.exe FirewallRules: [{1A1CD5E7-2AC5-404F-8A09-8FB4D708E942}] => (Allow) C:\Program Files\sony\VAIO Media 6.0\Vc.exe FirewallRules: [{0EDBBDDF-09F8-4990-96F5-458203C2CF9B}] => (Allow) C:\Program Files\sony\VAIO Media 6.0\Vc.exe FirewallRules: [TCP Query User{2481657B-1641-4E6C-A363-5423EE417079}C:\program files\skype\phone\skype.exe] => (Allow) C:\program files\skype\phone\skype.exe FirewallRules: [UDP Query User{55C341FC-8AC2-4B7E-B136-D3D0E6ED184E}C:\program files\skype\phone\skype.exe] => (Allow) C:\program files\skype\phone\skype.exe FirewallRules: [TCP Query User{6B5686E8-CB7A-4058-8BB6-B06F0A96A270}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe FirewallRules: [UDP Query User{8D9186EB-1153-4738-85F7-A0D1B3D88093}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe FirewallRules: [TCP Query 
User{D9961355-22D1-495C-B015-48F80A6E1FAA}F:\medias42\jre\bin\javaw.exe] => (Allow) F:\medias42\jre\bin\javaw.exe FirewallRules: [UDP Query User{9306F6B8-408E-4501-9715-6C0C4A46B0E2}F:\medias42\jre\bin\javaw.exe] => (Allow) F:\medias42\jre\bin\javaw.exe FirewallRules: [TCP Query User{1E3B55D9-83D2-4EF5-8928-7B319DEC8449}H:\filme und musik normen\spiele\soldat\soldat\soldat.exe] => (Block) H:\filme und musik normen\spiele\soldat\soldat\soldat.exe FirewallRules: [UDP Query User{A05C71EC-5117-4B68-A649-E1976551D6D2}H:\filme und musik normen\spiele\soldat\soldat\soldat.exe] => (Block) H:\filme und musik normen\spiele\soldat\soldat\soldat.exe FirewallRules: [{93C19A66-0B4F-4500-8F22-4BF65D3BA3D2}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe FirewallRules: [TCP Query User{AD5316F2-BCE8-4EAF-9AE9-795EF71C8D15}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe FirewallRules: [UDP Query User{64B3005A-B06D-42BE-9D61-B63EF593CF77}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe FirewallRules: [TCP Query User{7A3D3597-79EE-4E7C-86EC-D2C472DDBCAB}C:\windows\explorer.exe] => (Block) C:\windows\explorer.exe FirewallRules: [UDP Query User{067C67C2-4FF9-430C-9D87-BB6844606E77}C:\windows\explorer.exe] => (Block) C:\windows\explorer.exe FirewallRules: [{944DA102-993D-4305-88F0-E17C7BD1EF21}] => (Allow) C:\Windows\Temp\KD_installer.exe FirewallRules: [{72E8284F-400C-4DAD-A540-0045A3509488}] => (Allow) C:\Windows\Temp\KD_installer.exe FirewallRules: [TCP Query User{FA429FA2-8476-4AED-831F-82B7396E4462}C:\program files\icq6.5\icq.exe] => (Allow) C:\program files\icq6.5\icq.exe FirewallRules: [UDP Query User{594768EA-2059-41A3-9118-B9C468D1B751}C:\program files\icq6.5\icq.exe] => (Allow) C:\program files\icq6.5\icq.exe FirewallRules: [TCP Query User{5D950F6A-0BAB-4DB8-935F-CBDE976BCCAC}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe] => (Allow) C:\program files\common files\nokia\service layer\a\nsl_host_process.exe FirewallRules: [UDP 
Query User{3A9F5922-2D10-45AD-ACFF-FB700F4DFB17}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe] => (Allow) C:\program files\common files\nokia\service layer\a\nsl_host_process.exe FirewallRules: [TCP Query User{C8108D91-91C2-4E2F-942E-7B29D4667048}C:\program files\nokia\nokia software updater\nsu_ui_client.exe] => (Allow) C:\program files\nokia\nokia software updater\nsu_ui_client.exe FirewallRules: [UDP Query User{88A4A4B2-1C61-4141-8DE4-BEB6CF68FE26}C:\program files\nokia\nokia software updater\nsu_ui_client.exe] => (Allow) C:\program files\nokia\nokia software updater\nsu_ui_client.exe FirewallRules: [TCP Query User{E522214B-C37A-4DE1-BDE3-72794AA78FE8}C:\program files\nokia\nokia software updater\nsu_ui_client.exe] => (Allow) C:\program files\nokia\nokia software updater\nsu_ui_client.exe FirewallRules: [UDP Query User{2F0305A5-97DF-4A65-BFD7-AB57A24F0C0C}C:\program files\nokia\nokia software updater\nsu_ui_client.exe] => (Allow) C:\program files\nokia\nokia software updater\nsu_ui_client.exe FirewallRules: [TCP Query User{99F8A7D3-7E51-4A2D-A672-A1CB9335A821}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe] => (Allow) C:\program files\common files\nokia\service layer\a\nsl_host_process.exe FirewallRules: [UDP Query User{41DCE95C-86F8-476E-84A3-E56B1FDD0283}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe] => (Allow) C:\program files\common files\nokia\service layer\a\nsl_host_process.exe FirewallRules: [{EA68F7EC-2EE8-4A2E-8800-A2D75AFB86E5}] => (Allow) C:\Program Files\TeamViewer\Version5\TeamViewer.exe FirewallRules: [{2ABAE764-8746-4C1A-BF23-1E3D0D78D172}] => (Allow) C:\Program Files\TeamViewer\Version5\TeamViewer.exe FirewallRules: [TCP Query User{7AAF1241-C0AF-4C7D-8E9F-53E259B60A2A}C:\program files\google\google earth\client\googleearth.exe] => (Block) C:\program files\google\google earth\client\googleearth.exe FirewallRules: [UDP Query 
User{3F1F2C39-0675-4BC9-AEA9-DB34BA799DF8}C:\program files\google\google earth\client\googleearth.exe] => (Block) C:\program files\google\google earth\client\googleearth.exe FirewallRules: [{1AA33B8E-5CC2-4A18-961C-16E6647E38D3}] => (Allow) C:\Program Files\ICQ7.2\ICQ.exe FirewallRules: [{2B6F0BC7-8F2E-41E6-A31A-938A748AC480}] => (Allow) C:\Program Files\ICQ7.2\ICQ.exe FirewallRules: [{0AA0629C-83BE-436A-896F-D164B52938B3}] => (Allow) C:\Program Files\ICQ7.2\ICQ.exe FirewallRules: [{0BC252E2-5A17-4E07-8DA6-2B55CE22B84F}] => (Allow) C:\Program Files\ICQ7.2\ICQ.exe FirewallRules: [{B674EE12-A64D-46D5-B5C5-43CBA55BA932}] => (Allow) C:\Program Files\ICQ7.2\aolload.exe FirewallRules: [{9F77F05A-21D3-4DE1-A3E1-79D39191C15D}] => (Allow) C:\Program Files\ICQ7.2\aolload.exe FirewallRules: [{4ADFAAB8-6F72-42F1-B0FE-9F50B299F963}] => (Allow) C:\Program Files\ICQ7.2\aolload.exe FirewallRules: [{F4FFDFE3-41C8-4640-BFE3-44C15784CB8D}] => (Allow) C:\Program Files\ICQ7.2\aolload.exe FirewallRules: [{7E69422E-A34A-4BE6-825F-3B182B0744B5}] => (Allow) C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe FirewallRules: [{9E4E39E6-E721-4433-8144-B9DA09366166}] => (Allow) C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe FirewallRules: [{C903A740-D1DA-4512-814B-E734F7EB5664}] => (Allow) C:\Program Files\Samsung\SAMSUNG PC Share Manager\http_ss_win_pro.exe FirewallRules: [{03CB3D3D-FD62-4813-A92B-1E22866EC922}] => (Allow) C:\Program Files\Samsung\SAMSUNG PC Share Manager\http_ss_win_pro.exe FirewallRules: [{6D770C92-8066-464F-9EA9-E23633C2C834}] => (Allow) C:\Program Files\Logitech\Vid HD\Vid.exe FirewallRules: [{997DDA14-3ACE-4601-9E76-C977ED47E7EC}] => (Allow) C:\Program Files\Logitech\Vid HD\Vid.exe FirewallRules: [{0A536BE2-9B8B-45B4-B064-691B3AF3D32E}] => (Allow) C:\Users\Tobias\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{09BC94BA-3A7C-44C2-B9E5-41C53AFB5917}] => (Allow) C:\Users\Tobias\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: 
[{02C154E6-9507-42A0-B539-BD9DDCDD7C68}] => (Allow) C:\Program Files\TeamViewer\Version5\TeamViewer.exe FirewallRules: [{C6FA9CB9-A187-4569-8B98-D06B92C4DD75}] => (Allow) C:\Program Files\TeamViewer\Version5\TeamViewer.exe FirewallRules: [{A83763DD-9B9B-4ABE-A734-3EABCB4DEC66}] => (Allow) C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe FirewallRules: [{313C0051-51C5-4A31-B14E-35A0EC404B0F}] => (Allow) C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe FirewallRules: [{AE3D2A82-EF1A-4177-8AB9-130E30509122}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{64AEE323-F9A2-4C6F-A44D-76CB4DB639D0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [TCP Query User{31F31923-621F-4331-8F19-12DD86BD58DD}C:\program files\winamp\winamp.exe] => (Allow) C:\program files\winamp\winamp.exe FirewallRules: [UDP Query User{35B4ABDB-BD77-405D-B3FE-5B59CF18C0FD}C:\program files\winamp\winamp.exe] => (Allow) C:\program files\winamp\winamp.exe FirewallRules: [TCP Query User{17C64AD6-E2F8-488E-9B0F-459BC3A19388}C:\program files\winamp\winamp.exe] => (Block) C:\program files\winamp\winamp.exe FirewallRules: [UDP Query User{777E9E31-7F55-445C-9ABB-641DF8685D31}C:\program files\winamp\winamp.exe] => (Block) C:\program files\winamp\winamp.exe FirewallRules: [TCP Query User{2C843C09-6FDD-40EF-BE30-3E57BC37A234}C:\program files\java\jre6\bin\javaw.exe] => (Block) C:\program files\java\jre6\bin\javaw.exe FirewallRules: [UDP Query User{E2BE1DDD-D5B2-418C-A623-EB2A7742AEC3}C:\program files\java\jre6\bin\javaw.exe] => (Block) C:\program files\java\jre6\bin\javaw.exe FirewallRules: [TCP Query User{FEB4580A-36CA-4578-9E7C-1E79D7CE7F30}C:\users\gast\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gast\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{35E4F129-FC20-4D7D-9C77-CE0B1EDE6FEB}C:\users\gast\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gast\appdata\roaming\spotify\spotify.exe FirewallRules: 
[TCP Query User{9A673BBC-A7B6-4192-8183-D705150C0C84}C:\program files\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files\myphoneexplorer\myphoneexplorer.exe FirewallRules: [UDP Query User{923894EE-0F16-4343-82E0-F3D0082A1FB6}C:\program files\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files\myphoneexplorer\myphoneexplorer.exe FirewallRules: [TCP Query User{6C06EB5A-861B-469B-A132-CAA7DA24AE55}C:\program files\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files\myphoneexplorer\myphoneexplorer.exe FirewallRules: [UDP Query User{3E862549-9089-4CB8-B75B-1648B7E5986E}C:\program files\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files\myphoneexplorer\myphoneexplorer.exe FirewallRules: [{68168967-06E5-462E-8D18-57B124DC6AA9}] => (Allow) LPort=80 FirewallRules: [{56BA1E51-2A5E-4EFA-B160-4552B941741C}] => (Allow) LPort=80 FirewallRules: [{82951208-6457-4AF9-82B8-BD534CD1CF46}] => (Allow) LPort=80 FirewallRules: [{5597D2B1-B28D-4508-A17B-748A6F5C9C4B}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{5DEAC93A-CBED-41A3-B1FA-7BFED7E30443}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{789A0F53-28A5-4728-B5AB-2E62A2AEA6EC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{0DA9DD76-ADA6-4040-94B3-EADDEFF9E2D6}C:\users\tobias\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\tobias\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{5778E77C-9FDE-4220-8F6A-7361D7EBD168}C:\users\tobias\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\tobias\appdata\roaming\spotify\spotify.exe FirewallRules: [{85DF8EB2-15F9-4EF5-B460-3A90DC1486C6}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe StandardProfile\AuthorizedApplications: [C:\Program Files\fotobuch.de AG\Designer 2.0\Designer.exe] => Designer.exe ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in 
der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (10/05/2015 11:46:29 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 15600 Error: (10/05/2015 11:46:29 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 15600 Error: (10/05/2015 11:46:29 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (10/05/2015 11:40:20 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 49036559 Error: (10/05/2015 11:40:20 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 49036559 Error: (10/05/2015 11:40:20 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (10/05/2015 11:40:05 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 49020959 Error: (10/05/2015 11:40:05 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 49020959 Error: (10/05/2015 11:40:05 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (10/05/2015 11:39:49 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 49005359 Systemfehler: ============= Error: (10/05/2015 07:46:03 PM) (Source: ipnathlp) (EventID: 31004) (User: ) Description: 0 Bytes Speicher konnten durch den DNS-Proxy-Agenten nicht zugeordnet werden. Möglicherweise ist nicht genügend Speicher vorhanden oder ein interner Fehler ist im Speicher-Manager aufgetreten. 
Error: (10/05/2015 07:41:13 PM) (Source: ipnathlp) (EventID: 31004) (User: ) Description: 0 Bytes Speicher konnten durch den DNS-Proxy-Agenten nicht zugeordnet werden. Möglicherweise ist nicht genügend Speicher vorhanden oder ein interner Fehler ist im Speicher-Manager aufgetreten. Error: (10/05/2015 11:43:59 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Parallel port driver%%1058 Error: (10/05/2015 11:43:41 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC) Error: (10/05/2015 10:01:24 AM) (Source: DCOM) (EventID: 10010) (User: ) Description: {4EB61BAC-A3B6-4760-9581-655041EF4D69} Error: (10/04/2015 08:16:57 PM) (Source: ipnathlp) (EventID: 31004) (User: ) Description: 0 Bytes Speicher konnten durch den DNS-Proxy-Agenten nicht zugeordnet werden. Möglicherweise ist nicht genügend Speicher vorhanden oder ein interner Fehler ist im Speicher-Manager aufgetreten. Error: (10/04/2015 08:16:56 PM) (Source: ipnathlp) (EventID: 31004) (User: ) Description: 0 Bytes Speicher konnten durch den DNS-Proxy-Agenten nicht zugeordnet werden. Möglicherweise ist nicht genügend Speicher vorhanden oder ein interner Fehler ist im Speicher-Manager aufgetreten. 
Error: (10/04/2015 08:16:23 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {0228576F-6E6C-4E1A-B175-0E46A316AFE2} Error: (10/04/2015 08:14:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Parallel port driver%%1058 Error: (10/04/2015 08:14:33 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC) CodeIntegrity: =================================== Date: 2015-10-05 19:57:49.353 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-10-05 19:57:48.987 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-10-05 19:57:48.599 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-10-05 19:57:48.201 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-10-05 19:57:47.512 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2015-10-05 19:57:47.150 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-10-05 19:57:46.715 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-10-05 19:57:46.314 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-10-05 19:56:46.882 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-10-05 19:56:46.482 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
==================== Memory info =========================== Processor: Intel(R) Core(TM)2 CPU T5500 @ 1.66GHz Prozentuale Nutzung des RAM: 88% Installierter physikalischer RAM: 1013.45 MB Verfügbarer physikalischer RAM: 118.99 MB Summe virtueller Speicher: 2293.21 MB Verfügbarer virtueller Speicher: 1195.21 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:83.85 GB) (Free:0.91 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)] ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 93.2 GB) (Disk ID: 0A508B38) Partition 1: (Not Active) - (Size=9.3 GB) - (Type=27) Partition 2: (Active) - (Size=83.8 GB) - (Type=07 NTFS) ==================== Ende vom Addition.txt ============================ |
06.10.2015, 17:07 | #6 |
/// the machine /// TB Trainer | Windows Vista: 17 infected files after Eset scan + black desktop after GMER scan hi, Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not run any other file in this folder without instructions from a helper. Please download TDSSKiller.exe and save this file to the desktop.
06.10.2015, 20:56 | #7 |
| Windows Vista: 17 infected files after Eset scan + black desktop after GMER scan
Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version: main: v2015.10.06.04
rootkit: v2015.10.06.01

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Tobias_2 :: TOBI-PC [administrator]

06.10.2015 19:07:02
mbar-log-2015-10-06 (19-07-02).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 481229
Time elapsed: 1 hour(s), 29 minute(s), 25 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
Code:
ATTFilter 21:36:19.0382 0x0354 TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57 21:36:28.0009 0x0354 ============================================================ 21:36:28.0009 0x0354 Current date / time: 2015/10/06 21:36:28.0009 21:36:28.0009 0x0354 SystemInfo: 21:36:28.0009 0x0354 21:36:28.0009 0x0354 OS Version: 6.0.6002 ServicePack: 2.0 21:36:28.0009 0x0354 Product type: Workstation 21:36:28.0009 0x0354 ComputerName: TOBI-PC 21:36:28.0009 0x0354 UserName: Tobias_2 21:36:28.0009 0x0354 Windows directory: C:\Windows 21:36:28.0009 0x0354 System windows directory: C:\Windows 21:36:28.0009 0x0354 Processor architecture: Intel x86 21:36:28.0009 0x0354 Number of processors: 2 21:36:28.0009 0x0354 Page size: 0x1000 21:36:28.0009 0x0354 Boot type: Normal boot 21:36:28.0009 0x0354 ============================================================ 21:36:30.0926 0x0354 KLMD registered as C:\Windows\system32\drivers\10070269.sys 21:36:31.0207 0x0354 System UUID: {7ED84DCB-C024-F772-B4FD-776C42758474} 21:36:31.0909 0x0354 Drive \Device\Harddisk0\DR0 - Size: 0x174A446000 ( 93.16 Gb ), SectorSize: 0x200, Cylinders: 0x2F81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 21:36:32.0033 0x0354 ============================================================ 21:36:32.0033 0x0354 \Device\Harddisk0\DR0: 21:36:32.0033 0x0354 MBR partitions: 21:36:32.0033 0x0354 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x12A0800, BlocksNum 0xA7B1000 21:36:32.0033 0x0354 ============================================================ 21:36:32.0252 0x0354 C: <-> \Device\Harddisk0\DR0\Partition1 21:36:32.0455 0x0354 ============================================================ 21:36:32.0455 0x0354 Initialize success 21:36:32.0455 0x0354 ============================================================ 21:38:09.0081 0x17fc ============================================================ 21:38:09.0081 0x17fc Scan started 21:38:09.0081 0x17fc Mode: Manual; SigCheck; TDLFS; 
21:38:40.0796 0x17fc [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 21:38:40.0858 0x17fc Ndisuio - ok 21:38:40.0905 0x17fc [ 818F648618AE34F729FDB47EC68345C3, 5FC8F9237BD7FCE3C62D5BDDD49DC104BE2BECDC2FA8CDC1DB8F1891CBAA9140 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 21:38:40.0952 0x17fc NdisWan - ok 21:38:41.0014 0x17fc [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 21:38:41.0061 0x17fc NDProxy - ok 21:38:41.0092 0x17fc [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 21:38:41.0139 0x17fc NetBIOS - ok 21:38:41.0186 0x17fc [ ECD64230A59CBD93C85F1CD1CAB9F3F6, 83650D756C1F2768A2AAAFC7924F2A4316ABAEB1708F4B05803CDDD699B5AB6F ] netbt C:\Windows\system32\DRIVERS\netbt.sys 21:38:41.0248 0x17fc netbt - ok 21:38:41.0280 0x17fc [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] Netlogon C:\Windows\system32\lsass.exe 21:38:41.0295 0x17fc Netlogon - ok 21:38:41.0358 0x17fc [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] Netman C:\Windows\System32\netman.dll 21:38:41.0436 0x17fc Netman - ok 21:38:41.0514 0x17fc [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm C:\Windows\System32\netprofm.dll 21:38:41.0623 0x17fc netprofm - ok 21:38:41.0670 0x17fc [ 53CB95A39E4ABBD421535CB38F4174DE, 70DF28B200E998D2FA59D2D8DDC71370F6CF50196EAC1ABEB0AAB74221A667D7 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 21:38:41.0685 0x17fc NetTcpPortSharing - ok 21:38:41.0935 0x17fc [ ACC6170D80C69E50145B370023B64ED3, 
62F04F8F601A0A227EC14577278BAEA579483181DDB7A8B0B351C8A5A9CCE5D4 ] NETw3v32 C:\Windows\system32\DRIVERS\NETw3v32.sys 21:38:42.0106 0x17fc NETw3v32 - ok 21:38:42.0153 0x17fc [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 21:38:42.0169 0x17fc nfrd960 - ok 21:38:42.0216 0x17fc [ C96411DD46AABC0D6F3CF06D0E0E7E14, 0D36F322AF1B923D96735BFFCAC3FDB0B282E59220BADAB8B49AC178A6765380 ] NlaSvc C:\Windows\System32\nlasvc.dll 21:38:42.0247 0x17fc NlaSvc - ok 21:38:42.0294 0x17fc [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] Npfs C:\Windows\system32\drivers\Npfs.sys 21:38:42.0325 0x17fc Npfs - ok 21:38:42.0356 0x17fc [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi C:\Windows\system32\nsisvc.dll 21:38:42.0403 0x17fc nsi - ok 21:38:42.0434 0x17fc [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 21:38:42.0481 0x17fc nsiproxy - ok 21:38:42.0574 0x17fc [ 2C1121F2B87E9A6B12485DF53CD848C7, E580428F3BA7B201C6C7CFADF1F44A6ECA4F589EDB034DA14260136236195936 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 21:38:42.0652 0x17fc Ntfs - ok 21:38:42.0699 0x17fc [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys 21:38:42.0762 0x17fc ntrigdigi - ok 21:38:42.0808 0x17fc [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null C:\Windows\system32\drivers\Null.sys 21:38:42.0855 0x17fc Null - ok 21:38:42.0886 0x17fc [ E69E946F80C1C31C53003BFBF50CBB7C, A0A4BC57822B2CBC75602A969E28DCEDE04B41CC084E1EF1532B1BCDAEAA43BB ] nvraid C:\Windows\system32\drivers\nvraid.sys 21:38:42.0902 0x17fc nvraid - ok 21:38:42.0933 0x17fc [ 
9E0BA19A28C498A6D323D065DB76DFFC, EA9E33ED2820ED39932FAE114A9CF1D87780ED6605D0260A6F22F920B48F34E9 ] nvstor C:\Windows\system32\drivers\nvstor.sys 21:38:42.0949 0x17fc nvstor - ok 21:38:42.0980 0x17fc [ 07C186427EB8FCC3D8D7927187F260F7, 9AFDE1CB7B7232BD019804BFC691580B9CC2E51A5BC0E5584B23907D532600D8 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 21:38:42.0996 0x17fc nv_agp - ok 21:38:43.0011 0x17fc NwlnkFlt - ok 21:38:43.0011 0x17fc NwlnkFwd - ok 21:38:43.0074 0x17fc [ 6F310E890D46E246E0E261A63D9B36B4, 7050B0C43CC0DF2DDAD3EB8D2FF9EEE425A627C68654CBB154D55A4B1A47AA08 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys 21:38:43.0120 0x17fc ohci1394 - ok 21:38:43.0198 0x17fc [ 7A56CF3E3F12E8AF599963B16F50FB6A, 882C82BAE96D263138D4C0D6C425458B770B7B9C8E9C1D28AC918BF6BE94A5C2 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 21:38:43.0214 0x17fc ose - ok 21:38:43.0308 0x17fc [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2pimsvc C:\Windows\system32\p2psvc.dll 21:38:43.0401 0x17fc p2pimsvc - ok 21:38:43.0432 0x17fc [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2psvc C:\Windows\system32\p2psvc.dll 21:38:43.0479 0x17fc p2psvc - ok 21:38:43.0542 0x17fc [ 753A8F339F231D2B857E2CCD51A6E6CA, 59510E69D623B9DA725A8097A44FD210FCF05BB3BA27D5296EA4610359DA0831 ] PACSPTISVR C:\Program Files\Common Files\Sony Shared\AvLib\PACSPTISVR.exe 21:38:43.0604 0x17fc PACSPTISVR - detected UnsignedFile.Multi.Generic ( 1 ) 21:38:44.0774 0x17fc Detect skipped due to KSN trusted 21:38:44.0774 0x17fc PACSPTISVR - ok 21:38:44.0821 0x17fc [ 0FA9B5055484649D63C303FE404E5F4D, ABF357001A5E7B21621560E74FA538E2D899C5111A6AAC784B5B12D9D819C6CD ] Parport C:\Windows\system32\drivers\parport.sys 21:38:44.0899 0x17fc Parport - ok 21:38:44.0946 0x17fc [ B9C2B89F08670E159F7181891E449CD9, BD48CE95CF4B75D1FD5FD379B2A8727BC000F2B6748B77636C6BDB0B37B0344A ] partmgr 
C:\Windows\system32\drivers\partmgr.sys 21:38:44.0961 0x17fc partmgr - ok 21:38:44.0992 0x17fc [ 4F9A6A8A31413180D0FCB279AD5D8112, DCE48BC6E3447403521BB9FBF727E629DEE45B69B8AE8CFEE1A67FECAE3CB9D3 ] Parvdm C:\Windows\system32\drivers\parvdm.sys 21:38:45.0070 0x17fc Parvdm - ok 21:38:45.0102 0x17fc [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc C:\Windows\System32\pcasvc.dll 21:38:45.0180 0x17fc PcaSvc - ok 21:38:45.0211 0x17fc [ FD2041E9BA03DB7764B2248F02475079, DECEED110524BF83B4097188BF24BF0DDE1CE838DF7748B0DC807ABE351EB20A ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfd.sys 21:38:45.0258 0x17fc pccsmcfd - ok 21:38:45.0304 0x17fc [ 941DC1D19E7E8620F40BBC206981EFDB, 156142A8B587131D2D47074CBFD0A31F69B3C27A8C74C8C4F29DFE7B53BBA802 ] pci C:\Windows\system32\drivers\pci.sys 21:38:45.0336 0x17fc pci - ok 21:38:45.0351 0x17fc [ 1636D43F10416AEB483BC6001097B26C, 36E61A993693A46538FE0F726D67BB28886F61D53384AD600D1282296A27662E ] pciide C:\Windows\system32\DRIVERS\pciide.sys 21:38:45.0367 0x17fc pciide - ok 21:38:45.0414 0x17fc [ 3BB2244F343B610C29C98035504C9B75, DA61EC2600199DFA32020D0484E9BBF5E0742E7C8C952370BF6FAF91C914A999 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 21:38:45.0445 0x17fc pcmcia - ok 21:38:45.0523 0x17fc [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys 21:38:45.0679 0x17fc PEAUTH - ok 21:38:45.0819 0x17fc [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla C:\Windows\system32\pla.dll 21:38:45.0975 0x17fc pla - ok 21:38:46.0038 0x17fc [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] PlugPlay C:\Windows\system32\umpnpmgr.dll 21:38:46.0100 0x17fc PlugPlay - ok 21:38:46.0162 0x17fc [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] 
PNRPAutoReg C:\Windows\system32\p2psvc.dll 21:38:46.0240 0x17fc PNRPAutoReg - ok 21:38:46.0272 0x17fc [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPsvc C:\Windows\system32\p2psvc.dll 21:38:46.0318 0x17fc PNRPsvc - ok 21:38:46.0365 0x17fc [ D0494460421A03CD5225CCA0059AA146, FC30E90522C63F2A66D89381705712D2CDF07B2E029DF40C2DEBB2353E763E90 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 21:38:46.0459 0x17fc PolicyAgent - ok 21:38:46.0521 0x17fc [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 21:38:46.0568 0x17fc PptpMiniport - ok 21:38:46.0630 0x17fc [ 0E3CEF5D28B40CF273281D620C50700A, 8ADA99B4563AE2129B95136295EE92A94102B035EBBC83D4C8587ECE8B0DEE60 ] Processor C:\Windows\system32\drivers\processr.sys 21:38:46.0708 0x17fc Processor - ok 21:38:46.0755 0x17fc [ 0D5DAD610D7EA1627581ED06FB2BAA9A, 6E27CF3A1624AE10EECB8B5F38E03D76A6AABE4E75DD66DEDD67E0773935A396 ] ProfSvc C:\Windows\system32\profsvc.dll 21:38:46.0786 0x17fc ProfSvc - ok 21:38:46.0802 0x17fc [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] ProtectedStorage C:\Windows\system32\lsass.exe 21:38:46.0833 0x17fc ProtectedStorage - ok 21:38:46.0864 0x17fc [ 99514FAA8DF93D34B5589187DB3AA0BA, 4DDE5EC0C721B22E1D7D55ED3514B60EA07435C232A3A931BB49C7F486B52C18 ] PSched C:\Windows\system32\DRIVERS\pacer.sys 21:38:46.0911 0x17fc PSched - ok 21:38:46.0989 0x17fc [ E42E3433DBB4CFFE8FDD91EAB29AEA8E, 20ABD8372B242FD356AC143E7EB56F93CFEA4988ED1B0C4434CB64C387D7F66C ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys 21:38:47.0005 0x17fc PxHelp20 - ok 21:38:47.0067 0x17fc [ CCDAC889326317792480C0A67156A1EC, 3D3B561B6D4E12DE442C98993C929765F002AF5CFB5A00EFACE6ABE957F7E8AF ] ql2300 C:\Windows\system32\drivers\ql2300.sys 21:38:47.0130 0x17fc ql2300 - ok 21:38:47.0176 0x17fc [ 81A7E5C076E59995D54BC1ED3A16E60B, 
A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 21:38:47.0192 0x17fc ql40xx - ok 21:38:47.0254 0x17fc [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] QWAVE C:\Windows\system32\qwave.dll 21:38:47.0286 0x17fc QWAVE - ok 21:38:47.0332 0x17fc [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 21:38:47.0364 0x17fc QWAVEdrv - ok 21:38:47.0410 0x17fc [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 21:38:47.0457 0x17fc RasAcd - ok 21:38:47.0504 0x17fc [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] RasAuto C:\Windows\System32\rasauto.dll 21:38:47.0551 0x17fc RasAuto - ok 21:38:47.0598 0x17fc [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 21:38:47.0660 0x17fc Rasl2tp - ok 21:38:47.0722 0x17fc [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950598D89CCF25E14 ] RasMan C:\Windows\System32\rasmans.dll 21:38:47.0785 0x17fc RasMan - ok 21:38:47.0832 0x17fc [ 509A98DD18AF4375E1FC40BC175F1DEF, CC7C278CA298CE102D871E34C176E73F903D6687D1E8B5AFAB8772C7DE1A60B1 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 21:38:47.0878 0x17fc RasPppoe - ok 21:38:47.0925 0x17fc [ 2005F4A1E05FA09389AC85840F0A9E4D, D8A664073FDE82F9AB324347024CDB7043635C84EB11C24C59AB384C52F0FD94 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 21:38:47.0972 0x17fc RasSstp - ok 21:38:48.0034 0x17fc [ B14C9D5B9ADD2F84F70570BBBFAA7935, 3D533767A50554B86C769DF4D8841B3EA680B3807E85EA3533BDA9B649548269 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 21:38:48.0066 0x17fc rdbss - ok 21:38:48.0112 0x17fc [ 
89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 21:38:48.0159 0x17fc RDPCDD - ok 21:38:48.0253 0x17fc [ E8BD98D46F2ED77132BA927FCCB47D8B, 5187CF8F00AD67EDDF27DF675F3210C0D72E552578A89C58DF6953B1D5BEBCB8 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys 21:38:48.0362 0x17fc rdpdr - ok 21:38:48.0378 0x17fc [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 21:38:48.0424 0x17fc RDPENCDD - ok 21:38:48.0487 0x17fc [ C127EBD5AFAB31524662C48DFCEB773A, 40A6B88FEAFF02D1B5C0CA32F290CF3D9B48B85D248C7532F30CC5C09BAA4D89 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 21:38:48.0534 0x17fc RDPWD - ok 21:38:48.0596 0x17fc [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] RemoteAccess C:\Windows\System32\mprdim.dll 21:38:48.0674 0x17fc RemoteAccess - ok 21:38:48.0721 0x17fc [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53F65AD988819E67 ] RemoteRegistry C:\Windows\system32\regsvc.dll 21:38:48.0768 0x17fc RemoteRegistry - ok 21:38:48.0814 0x17fc [ 6482707F9F4DA0ECBAB43B2E0398A101, 7D57FC36577121D7E26A4F2D46DCA8725D55EC9F75B91DF994DB742BC4FB89C2 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 21:38:48.0861 0x17fc RFCOMM - ok 21:38:48.0908 0x17fc [ F17713D108ACA124A139FDE877EEF68A, AB254B8B4BDB10685280A8595CA69FEA2F1E68923E676C8CAF3F5468AE4C566E ] RimUsb C:\Windows\system32\Drivers\RimUsb.sys 21:38:48.0939 0x17fc RimUsb - ok 21:38:48.0955 0x17fc [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] RpcLocator C:\Windows\system32\locator.exe 21:38:49.0033 0x17fc RpcLocator - ok 21:38:49.0126 0x17fc [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] RpcSs C:\Windows\system32\rpcss.dll 21:38:49.0173 0x17fc 
RpcSs - ok 21:38:49.0204 0x17fc [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 21:38:49.0267 0x17fc rspndr - ok 21:38:49.0267 0x17fc [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] SamSs C:\Windows\system32\lsass.exe 21:38:49.0282 0x17fc SamSs - ok 21:38:49.0329 0x17fc [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 21:38:49.0345 0x17fc sbp2port - ok 21:38:49.0392 0x17fc [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8E5B14714892C00 ] SCardSvr C:\Windows\System32\SCardSvr.dll 21:38:49.0454 0x17fc SCardSvr - ok 21:38:49.0532 0x17fc [ F79CC0F814748E15538BF4D808030739, 396E94A309AFB163791095A25950CB7D85EEC43B416E1E7F056F430E1B719F4D ] Schedule C:\Windows\system32\schedsvc.dll 21:38:49.0641 0x17fc Schedule - ok 21:38:49.0688 0x17fc [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] SCPolicySvc C:\Windows\System32\certprop.dll 21:38:49.0704 0x17fc SCPolicySvc - ok 21:38:49.0750 0x17fc [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC C:\Windows\System32\SDRSVC.dll 21:38:49.0828 0x17fc SDRSVC - ok 21:38:49.0860 0x17fc [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\Windows\system32\drivers\secdrv.sys 21:38:49.0891 0x17fc secdrv - ok 21:38:49.0922 0x17fc [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] seclogon C:\Windows\system32\seclogon.dll 21:38:49.0953 0x17fc seclogon - ok 21:38:49.0969 0x17fc [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] SENS C:\Windows\System32\sens.dll 21:38:50.0031 
0x17fc SENS - ok 21:38:50.0047 0x17fc [ 68E44E331D46F0FB38F0863A84CD1A31, 0778D85B6869CE2610820DC9724360538BFE832426E898AEBC34E53D2AB4322B ] Serenum C:\Windows\system32\drivers\serenum.sys 21:38:50.0094 0x17fc Serenum - ok 21:38:50.0125 0x17fc [ C70D69A918B178D3C3B06339B40C2E1B, 40BEEECA4C797A3355F4B01C57C2763C33028F27826315062320789A496D0810 ] Serial C:\Windows\system32\drivers\serial.sys 21:38:50.0187 0x17fc Serial - ok 21:38:50.0203 0x17fc [ 8AF3D28A879BF75DB53A0EE7A4289624, C870BEBB969DCD9170E64584D1CD329A193D9FC812A45EF3574891110CA68B45 ] sermouse C:\Windows\system32\drivers\sermouse.sys 21:38:50.0234 0x17fc sermouse - ok 21:38:50.0312 0x17fc [ 5BF59C6BC737BAAF541168E5CB2EC1D9, D792C95C54B9B7A5386EA75318DEF064000F3EDC48845D8EC152A4A6DB931734 ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe 21:38:50.0406 0x17fc ServiceLayer - detected UnsignedFile.Multi.Generic ( 1 ) 21:38:51.0654 0x17fc Detect skipped due to KSN trusted 21:38:51.0654 0x17fc ServiceLayer - ok 21:38:51.0716 0x17fc [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] SessionEnv C:\Windows\system32\sessenv.dll 21:38:51.0763 0x17fc SessionEnv - ok 21:38:51.0810 0x17fc [ 103B79418DA647736EE95645F305F68A, E4D356FD8C62B616D3584FE84905995A1CEE452288E3A456CC358FF41FEAB1B7 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 21:38:51.0872 0x17fc sffdisk - ok 21:38:51.0903 0x17fc [ 8FD08A310645FE872EEEC6E08C6BF3EE, 702A148C9DE172E7B5E331F057487255E0729FD42F949BB0FF2D5A01775933CF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 21:38:51.0981 0x17fc sffp_mmc - ok 21:38:52.0012 0x17fc [ 9CFA05FCFCB7124E69CFC812B72F9614, E9CFCE695E4D1AF146781CFAA295878536E573F06AEA65438878DE29EC9959AD ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 21:38:52.0075 0x17fc sffp_sd - ok 21:38:52.0090 0x17fc [ 46ED8E91793B2E6F848015445A0AC188, 34A97304F23EA153422848F6F1CAF8ADF0944EA781E12F027B6DEAF751A04B5D ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 
21:38:52.0168 0x17fc sfloppy - ok 21:38:52.0215 0x17fc [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] SharedAccess C:\Windows\System32\ipnathlp.dll 21:38:52.0278 0x17fc SharedAccess - ok 21:38:52.0340 0x17fc [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 21:38:52.0371 0x17fc ShellHWDetection - ok 21:38:52.0418 0x17fc [ D2A595D6EEBEEAF4334F8E50EFBC9931, 851B8205C657BF806C4D815DC75356E99B4246016B6E1C1F51BAF8AD1E6D5299 ] sisagp C:\Windows\system32\drivers\sisagp.sys 21:38:52.0434 0x17fc sisagp - ok 21:38:52.0449 0x17fc [ CEDD6F4E7D84E9F98B34B3FE988373AA, E102977E6FAC30B5ABEEC0B412A9F2A10C5C42F4D9C3AD69296BF9E1E88B6141 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys 21:38:52.0465 0x17fc SiSRaid2 - ok 21:38:52.0496 0x17fc [ DF843C528C4F69D12CE41CE462E973A7, A2BEC74FCB8D8B6B9D8DD4746C013DFDF1DD662AEFE9B88CA495E5B83B4A76F9 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 21:38:52.0512 0x17fc SiSRaid4 - ok 21:38:52.0621 0x17fc [ F5BBEDF602C310B00036EB2DBF4348A5, AC2712E639F0C54BCF00EB4E90E805335871EA27AE8A45DFC53EDF28822318C4 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe 21:38:52.0636 0x17fc SkypeUpdate - ok 21:38:52.0870 0x17fc [ 862BB4CBC05D80C5B45BE430E5EF872F, F4961B22C93E472C8C862421AA231CDDA9E40D3958741A1D666357F22CC3143D ] slsvc C:\Windows\system32\SLsvc.exe 21:38:53.0182 0x17fc slsvc - ok 21:38:53.0245 0x17fc [ 6EDC422215CD78AA8A9CDE6B30ABBD35, D8342BC3152859F4F7512E85ABEC61147DBCAB515458644728874E42F639D6CA ] SLUINotify C:\Windows\system32\SLUINotify.dll 21:38:53.0292 0x17fc SLUINotify - ok 21:38:53.0338 0x17fc [ 7B75299A4D201D6A6533603D6914AB04, 172BE3951F06B1991EF70B71EB91786D1EFC4E381C22BCA3A5F622CD59F3227E ] Smb C:\Windows\system32\DRIVERS\smb.sys 21:38:53.0370 0x17fc Smb - ok 21:38:53.0416 0x17fc [ DB31D8989B3450569C29780E7FA98C48, 
018EFDF37E45163D2D6753B86AC7DB51F835E6A7CF58B2AAFEF559E873264065 ] SNC C:\Windows\system32\Drivers\SonyNC.sys 21:38:53.0448 0x17fc SNC - ok 21:38:53.0463 0x17fc [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 21:38:53.0479 0x17fc SNMPTRAP - ok 21:38:53.0541 0x17fc [ 86DA2BEFB800D726FEA98A539606553C, 62ABEAC563828302871AEB91E3C297EDC7A3CA9483A17E19B3BFE7A332A07557 ] SonicStage Back-End Service C:\Program Files\Common Files\Sony Shared\AvLib\SsBeSvc.exe 21:38:53.0557 0x17fc SonicStage Back-End Service - ok 21:38:53.0588 0x17fc [ 7AEBDEEF071FE28B0EEF2CDD69102BFF, E03BEE733F4C2A5F39946D4955679A290E22758DFCE4222EE69ABF64FC54EDF7 ] spldr C:\Windows\system32\drivers\spldr.sys 21:38:53.0604 0x17fc spldr - ok 21:38:53.0650 0x17fc [ 8554097E5136C3BF9F69FE578A1B35F4, 2578545CFD647FB18F217B33C8CB4F0184A35F548659494056E455020CC15FB0 ] Spooler C:\Windows\System32\spoolsv.exe 21:38:53.0682 0x17fc Spooler - ok 21:38:53.0728 0x17fc [ E3E6C96B0EF4492C3C8FD0DEEF4E35A1, BDCCF36D760B8B92BD8DF54C6F2992D66B76EBA1999623F60F0D68CD91D3CEE1 ] SPTISRV C:\Program Files\Common Files\Sony Shared\AvLib\SPTISRV.exe 21:38:53.0744 0x17fc SPTISRV - detected UnsignedFile.Multi.Generic ( 1 ) 21:38:55.0023 0x17fc Detect skipped due to KSN trusted 21:38:55.0023 0x17fc SPTISRV - ok 21:38:55.0086 0x17fc [ 5673E79BBB62A4C35B10D821FF1B4ACA, 26B809F1AC8B988E8DA86522A11DE03DF6FDBC09A09F3A359306DAAFBA4038FD ] SQLBrowser C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe 21:38:55.0117 0x17fc SQLBrowser - ok 21:38:55.0132 0x17fc [ 9263C8898732E2B890F7E954E7729AB7, DEBFD81E702893427972A6565A9AAA54A09B9F7F30CA9391011C6F7FB758A3F4 ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe 21:38:55.0148 0x17fc SQLWriter - ok 21:38:55.0210 0x17fc [ DC7E6FCD8C51AEF8FF3F2E23C786014A, 02852FC293359BA89155367FA7D3A69922EC2574E5B85C842517272768BE8808 ] srv C:\Windows\system32\DRIVERS\srv.sys 
21:38:55.0288 0x17fc srv - ok 21:38:55.0335 0x17fc [ FF33AFF99564B1AA534F58868CBE41EF, EFBB005DA19E5B320009CBF93E686D8BFA6A50A23B5A5001C7C84C7D85EF7D49 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 21:38:55.0382 0x17fc srv2 - ok 21:38:55.0413 0x17fc [ 8AE0783E3EDCED90D4B2961887056A2B, D24168259988576B13EB2A4B2C11622A736174DDF11F6718D9A0DC9837F50EA5 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 21:38:55.0460 0x17fc srvnet - ok 21:38:55.0507 0x17fc [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 21:38:55.0554 0x17fc SSDPSRV - ok 21:38:55.0585 0x17fc [ 6EB13F919D22D5056B4FB66AA3BB497A, B6FBF170873BCA1C4CC10D7AB6564CBE5EF2E62306758F8FE23CB8A66A839B7E ] SSScsiSV C:\Program Files\Common Files\Sony Shared\AvLib\SSScsiSV.exe 21:38:55.0600 0x17fc SSScsiSV - ok 21:38:55.0678 0x17fc [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] SstpSvc C:\Windows\system32\sstpsvc.dll 21:38:55.0725 0x17fc SstpSvc - ok 21:38:55.0788 0x17fc [ D2C02234E3E87EA5FE420F045068099B, A5BFB342FFF50E6EAF5586A72BCBE56E9DA4F7AE612EDE7D20D77DB59472D3FE ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys 21:38:55.0803 0x17fc ssudmdm - ok 21:38:55.0897 0x17fc [ 5DE7D67E49B88F5F07F3E53C4B92A352, 6930A598C35646646ED0E91633797EFE139AE6CDD0012335BD1340754A22F997 ] stisvc C:\Windows\System32\wiaservc.dll 21:38:55.0944 0x17fc stisvc - ok 21:38:55.0959 0x17fc [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] swenum C:\Windows\system32\DRIVERS\swenum.sys 21:38:55.0975 0x17fc swenum - ok 21:38:56.0037 0x17fc [ F21FD248040681CCA1FB6C9A03AAA93D, 32FE765841A183A1F2C1ACACBBF8CDB11E7D4D4396F9C9F6CFF1B51C9B620ED3 ] swprv C:\Windows\System32\swprv.dll 21:38:56.0084 0x17fc swprv - ok 21:38:56.0115 0x17fc [ 192AA3AC01DF071B541094F251DEED10, 5C6EB56D1C39F3717EB754A1B37C8A618BA4F2107F64048E985D71FA04D1AD05 ] Symc8xx 
C:\Windows\system32\drivers\symc8xx.sys 21:38:56.0131 0x17fc Symc8xx - ok 21:38:56.0162 0x17fc [ 8C8EB8C76736EBAF3B13B633B2E64125, A6C4845DDED81CCF4947612A4D6E42035136025BCD80812D2FF396927CAADEC5 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys 21:38:56.0162 0x17fc Sym_hi - ok 21:38:56.0193 0x17fc [ 8072AF52B5FD103BBBA387A1E49F62CB, D336A7D008D145619E79043EBF5D0D455086BA1FEF89612BC2EA11CC363D82B0 ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys 21:38:56.0209 0x17fc Sym_u3 - ok 21:38:56.0271 0x17fc [ 9A51B04E9886AA4EE90093586B0BA88D, 1666C29FBFA34174B506678C920636519051D03456A6DDCCD6FF708CAE5D9962 ] SysMain C:\Windows\system32\sysmain.dll 21:38:56.0334 0x17fc SysMain - ok 21:38:56.0365 0x17fc [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] TabletInputService C:\Windows\System32\TabSvc.dll 21:38:56.0412 0x17fc TabletInputService - ok 21:38:56.0458 0x17fc [ D7673E4B38CE21EE54C59EEEB65E2483, 330D0AD13F5008D8569CE8E5EA0BBD69F54F59FEB54FD903FA18D2849CEC6AF0 ] TapiSrv C:\Windows\System32\tapisrv.dll 21:38:56.0521 0x17fc TapiSrv - ok 21:38:56.0583 0x17fc [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] TBS C:\Windows\System32\tbssvc.dll 21:38:56.0614 0x17fc TBS - ok 21:38:56.0708 0x17fc [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF59EC057A2791550 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 21:38:56.0770 0x17fc Tcpip - ok 21:38:56.0817 0x17fc [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF59EC057A2791550 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys 21:38:56.0880 0x17fc Tcpip6 - ok 21:38:56.0911 0x17fc [ 608C345A255D82A6289C2D468EB41FD7, 74ECFDD45DC3EB3AFAEF9C42B546241AA1D6ACB2F6591A76DDB8BB1768545889 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 21:38:56.0973 0x17fc tcpipreg - ok 21:38:57.0004 0x17fc [ 5DCF5E267BE67A1AE926F2DF77FBCC56, 
21:39:35.0536 0x17fc Scan finished 21:39:35.0536 0x00ac Detected object count: 0 21:39:35.0536 0x00ac Actual detected object count: 0 |
07.10.2015, 18:01 | #8 |
/// the machine /// TB instructor | Windows Vista: 17 infected files after ESET scan + black desktop after GMER scan hi, scan with ComboFix
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
07.10.2015, 19:55 | #9 |
| Windows Vista: 17 infected files after ESET scan + black desktop after GMER scan Code:
ComboFix 15-10-06.01 - Tobias_2 07.10.2015 20:18:13.1.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.49.1031.18.1013.196 [GMT 2:00] ausgeführt von:: c:\users\Tobias_2\Desktop\ComboFix.exe SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\windows\system32\CddbCdda.dll c:\windows\system32\drivers\etc\hosts.ics . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2015-09-21 19:04 . 2013-03-23 10:15 780488 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2015-09-21 19:04 . 2011-10-16 00:25 142536 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{6BF739DD-3323-4C6A-975B-C7E00A50B154}] 2015-01-23 05:05 3491192 ----a-w- c:\program files\Ghostery\bin\ghostery.dll .
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ffeOverlayIconNeg] @="{0B8B6796-B56B-45D4-A016-09846E00FEA1}" [HKEY_CLASSES_ROOT\CLSID\{0B8B6796-B56B-45D4-A016-09846E00FEA1}] 2008-11-26 10:37 98304 ----a-w- c:\program files\apsec\fideAS file enterprise\Private Edtion\ffeOverlay.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ffeOverlayIconPos] @="{0B8B6796-B56B-45D4-A016-09846E00FEA0}" [HKEY_CLASSES_ROOT\CLSID\{0B8B6796-B56B-45D4-A016-09846E00FEA0}] 2008-11-26 10:37 98304 ----a-w- c:\program files\apsec\fideAS file enterprise\Private Edtion\ffeOverlay.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-02-07 68856] "GoogleChromeAutoLaunch_08DA38D71141E6A5E0731FEFBF7BF14E"="c:\program files\Google\Chrome\Application\chrome.exe" [2015-09-24 815944] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-01-24 98304] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-01-24 106496] "Persistence"="c:\windows\system32\igfxpers.exe" [2007-01-24 81920] "RtHDVCpl"="RtHDVCpl.exe" [2007-02-06 4317184] "Apoint"="c:\program files\Apoint\Apoint.exe" [2007-01-12 118784] "FreePDF Assistant"="c:\program files\FreePDF_XP\fpassist.exe" [2007-06-26 312320] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-07-31 43816] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-25 421888] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2014-08-01 152392] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon] 2007-02-13 14:19 98304 ----a-w- c:\windows\System32\VESWinlogon.dll . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] @="Service" . [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "NokiaOviSuite2"=c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 . S2 AAV UpdateService;AAV UpdateService;c:\program files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [2008-10-24 128296] . . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bthsvcs REG_MULTI_SZ BthServ LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2015-09-29 16:53 997704 ----a-w- c:\program files\Google\Chrome\Application\45.0.2454.101\Installer\chrmstp.exe . Inhalt des "geplante Tasks" Ordners . 2015-10-07 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-23 19:05] . 
2015-10-06 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3051598103-94963199-2244021974-1003Core.job - c:\users\Tobias\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-03-29 16:55] . 2015-10-06 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3051598103-94963199-2244021974-1003UA.job - c:\users\Tobias\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-03-29 16:55] . 2015-10-05 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-02-26 20:45] . 2015-10-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-10-12 19:23] . 2015-10-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-10-12 19:23] . . ------- Zusätzlicher Suchlauf ------- . uStart Page = hxxp://www.club-vaio.com IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 TCP: DhcpNameServer = 192.168.192.1 DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} - hxxp://static.ak.studivz.net/photouploader/ImageUploader5.cab?nocache=20080115-1 FF - ProfilePath - c:\users\Tobias_2\AppData\Roaming\Mozilla\Firefox\Profiles\b920c4tp.default\ FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q= FF - prefs.js: browser.search.selectedEngine - Google FF - ExtSQL: !HIDDEN! 2009-10-30 20:19; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension . - - - - Entfernte verwaiste Registrierungseinträge - - - - . 
Toolbar-{65B41DCE-101B-4A4A-A53F-374ABB560841} - c:\program files\Ecocho Toolbar\ecocho-asia.dll WebBrowser-{65B41DCE-101B-4A4A-A53F-374ABB560841} - c:\program files\Ecocho Toolbar\ecocho-asia.dll ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file) ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file) ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file) SafeBoot-WudfPf SafeBoot-WudfRd . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net Rootkit scan 2015-10-07 20:36 Windows 6.0.6002 Service Pack 2 NTFS . Scanne versteckte Prozesse... . Scanne versteckte Autostarteinträge... . Scanne versteckte Dateien... . Scan erfolgreich abgeschlossen versteckte Dateien: 0 . ************************************************************************** . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="FirefoxHTML" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice] @Denied: (2) (LocalSystem) "Progid"="FirefoxHTML" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="FirefoxHTML" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice] @Denied: (2) (LocalSystem) "Progid"="FirefoxHTML" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="FirefoxHTML" . 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Zeit der Fertigstellung: 2015-10-07 20:41:26 ComboFix-quarantined-files.txt 2015-10-07 18:41 . Vor Suchlauf: 2.652.606.464 Bytes frei Nach Suchlauf: 5.391.511.552 Bytes frei . - - End Of File - - B6A71D3B9480A1AD9F3EC5CF99BF3760 5C616939100B85E558DA92B899A0FC36 |
08.10.2015, 19:14 | #10 |
/// the machine /// TB-Ausbilder | Please download Malwarebytes Anti-Malware.
Please download AdwCleaner to your desktop.
Please close your security software to avoid possible conflicts.
And a fresh FRST log, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
08.10.2015, 22:23 | #11 |
| Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 08.10.2015
Suchlaufzeit: 20:39:49
Protokolldatei: mbamlog.txt
Administrator: Ja

Version: 2.1.8.1057
Malware-Datenbank: v2015.10.08.04
Rootkit-Datenbank: v2015.10.06.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows Vista Service Pack 2
CPU: x86
Dateisystem: NTFS
Benutzer: Tobias_2

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 502938
Abgelaufene Zeit: 36 Min., 52 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0 (keine bösartigen Elemente erkannt)
Module: 0 (keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt)
Registrierungswerte: 0 (keine bösartigen Elemente erkannt)
Registrierungsdaten: 0 (keine bösartigen Elemente erkannt)
Ordner: 0 (keine bösartigen Elemente erkannt)
Dateien: 0 (keine bösartigen Elemente erkannt)
Physische Sektoren: 0 (keine bösartigen Elemente erkannt)

(end)

Code:
# AdwCleaner v5.012 - Bericht erstellt am 08/10/2015 um 21:38:27
# Aktualisiert am 08/10/2015 von Xplode
# Datenbank : 2015-10-07.1 [Server]
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (x86)
# Benutzername : Tobias_2 - TOBI-PC
# Gestartet von : C:\Users\Tobias_2\Desktop\adwcleaner_5.012.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****

***** [ Ordner ] *****

***** [ Dateien ] *****

***** [ DLLs ] *****

***** [ Verknüpfungen ] *****

***** [ Geplante Tasks ] *****

***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{77DC3A00-0413-4A93-B21A-6E7C3B3A132A}
[-] Schlüssel Gelöscht : HKU\.DEFAULT\Software\Ask.com
[-] Schlüssel Gelöscht : HKU\.DEFAULT\Software\AppDataLow\Software\AskToolbar
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PokerStars.net
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\PokerStars.net
[!] Schlüssel Nicht Gelöscht : HKU\.DEFAULT\Software\AppDataLow\Software\AskToolbar
[!] Schlüssel Nicht Gelöscht : HKU\S-1-5-18\Software\AppDataLow\Software\AskToolbar

***** [ Internetbrowser ] *****

[-] [C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : de.ask.com

*************************

:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1712 Bytes] ##########

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.4 (09.28.2015:1)
OS: Windows Vista (TM) Home Premium x86
Ran by Tobias_2 on 08.10.2015 at 21:46:47,31
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Tasks

~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_08DA38D71141E6A5E0731FEFBF7BF14E

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Classes\TypeLib\{006ad7b2-968a-11de-88c9-5bde55d89593}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{CA6319C0-31B7-401E-A518-A07C3DB8F777}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}

~~~ Files

~~~ Folders

~~~ Chrome

[C:\Users\Tobias_2\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
[C:\Users\Tobias_2\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
[C:\Users\Tobias_2\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
[C:\Users\Tobias_2\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted: []

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 08.10.2015 at 22:51:48,21
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:08-10-2015 durchgeführt von Tobias_2 (Administrator) auf TOBI-PC (08-10-2015 23:12:15) Gestartet von C:\Users\Tobias_2\Desktop Geladene Profile: Tobias_2 (Verfügbare Profile: Tobias & Tobias_2 & Maike & Gast) Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Sprache: Deutsch (Deutschland) Internet Explorer Version 9 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Microsoft Corporation) C:\Windows\System32\SLsvc.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4317184 2007-02-06] (Realtek Semiconductor) HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [118784 2007-01-12] (Alps Electric Co., Ltd.) 
HKLM\...\Run: [FreePDF Assistant] => C:\Program Files\FreePDF_XP\fpassist.exe [312320 2007-06-26] (shbox.de) HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.) HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.) Winlogon\Notify\VESWinlogon: C:\Windows\system32\VESWinlogon.dll [2007-02-13] (Sony Corporation) HKU\S-1-5-21-3051598103-94963199-2244021974-1005\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2008-02-08] (Google Inc.) HKU\S-1-5-21-3051598103-94963199-2244021974-1005\...\Run: [GoogleChromeAutoLaunch_08DA38D71141E6A5E0731FEFBF7BF14E] => C:\Program Files\Google\Chrome\Application\chrome.exe [815944 2015-09-24] (Google Inc.) HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\System32\vaiomov.scr [53248 2004-12-27] (Sony Corporation) ShellIconOverlayIdentifiers: [ffeOverlayIconNeg] -> {0B8B6796-B56B-45D4-A016-09846E00FEA1} => C:\Program Files\apsec\fideAS file enterprise\Private Edtion\ffeOverlay.dll [2008-11-26] (Applied Security GmbH) ShellIconOverlayIdentifiers: [ffeOverlayIconPos] -> {0B8B6796-B56B-45D4-A016-09846E00FEA0} => C:\Program Files\apsec\fideAS file enterprise\Private Edtion\ffeOverlay.dll [2008-11-26] (Applied Security GmbH) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-31] (Apple Inc.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.192.1 Tcpip\..\Interfaces\{75150A78-C350-47D0-A029-3EEC5D8DD586}: [DhcpNameServer] 192.168.192.1 Internet Explorer: ================== HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-3051598103-94963199-2244021974-1005\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-3051598103-94963199-2244021974-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.club-vaio.com HKU\S-1-5-21-3051598103-94963199-2244021974-1005\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://partnerpage.google.com/eu.sony.com/de hxxp://www.club-vaio.com/vbc SearchScopes: HKLM -> {47A69BFA-63EF-41C2-B09F-7F84F19B5FDF} URL = hxxp://www.google.de/search?hl=de&q={searchTerms}&meta= SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3051598103-94963199-2244021974-1005 -> {47A69BFA-63EF-41C2-B09F-7F84F19B5FDF} URL = hxxp://www.google.de/search?hl=de&q={searchTerms}&meta= BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22] (Adobe Systems Incorporated) BHO: Ghostery Plugin -> {6BF739DD-3323-4C6A-975B-C7E00A50B154} -> C:\Program Files\Ghostery\bin\ghostery.dll [2015-01-23] (Ghostery, Inc.) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23] (Google Inc.) 
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-11-15] (Sun Microsystems, Inc.) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23] (Google Inc.) Toolbar: HKU\S-1-5-21-3051598103-94963199-2244021974-1005 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23] (Google Inc.) DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} hxxp://static.ak.studivz.net/photouploader/ImageUploader4.cab?nocache=20071219-1 DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} hxxp://static.ak.studivz.net/photouploader/ImageUploader5.cab?nocache=20080115-1 DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-27-0.cab DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2006-06-23] (Microsoft Corporation) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies) FireFox: ======== FF ProfilePath: 
C:\Users\Tobias_2\AppData\Roaming\Mozilla\Firefox\Profiles\b920c4tp.default FF DefaultSearchUrl: hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q= FF SelectedSearchEngine: Google FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-21] () FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] () FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [Keine Datei] FF Plugin: @divx.com/DivX Content Upload Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Content Uploader\npUpload.dll [Keine Datei] FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll [Keine Datei] FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) FF Plugin: @google.com/npPicasa2,version=2.0.0 -> C:\Program Files\Picasa2\npPicasa2.dll [2008-08-21] (Google, Inc.) FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Picasa2\npPicasa3.dll [2010-06-03] (Google, Inc.) FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2011-11-15] (Sun Microsystems, Inc.) FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation) FF Plugin: @pack.google.com/Google Updater;version=14 -> C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll [2011-09-18] (Google) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.) 
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2011-11-15] (Sun Microsystems, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll [2007-09-06] (DivX, Inc) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2011-04-14] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2013-02-12] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2013-02-12] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2013-02-12] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2013-02-12] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2013-02-12] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2013-02-12] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2013-02-12] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll [2012-06-20] (Nullsoft, Inc.) 
FF SearchPlugin: C:\Users\Tobias_2\AppData\Roaming\Mozilla\Firefox\Profiles\b920c4tp.default\searchplugins\google-images.xml [2014-11-08] FF SearchPlugin: C:\Users\Tobias_2\AppData\Roaming\Mozilla\Firefox\Profiles\b920c4tp.default\searchplugins\google-maps.xml [2014-11-08] FF Extension: Cliqz Beta - C:\Users\Tobias_2\AppData\Roaming\Mozilla\Firefox\Profiles\b920c4tp.default\Extensions\cliqz@cliqz.com [2014-08-17] FF Extension: Microsoft .NET Framework Assistant - C:\Users\Tobias_2\AppData\Roaming\Mozilla\Firefox\Profiles\b920c4tp.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi [2009-11-09] FF HKLM\...\Firefox\Extensions: [{3112ca9c-de6d-4884-a869-9855de68056c}] - C:\ProgramData\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} FF Extension: Google Toolbar for Firefox - C:\ProgramData\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2010-02-16] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-01-30] FF HKU\S-1-5-21-3051598103-94963199-2244021974-1005\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Tobias_2\AppData\Roaming\Mozilla\Firefox\Profiles\b920c4tp.default\extensions\cliqz@cliqz.com FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2015-03-08] Chrome: ======= CHR Profile: C:\Users\Tobias_2\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Präsentationen) - C:\Users\Tobias_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-06] CHR Extension: (Google Docs) - C:\Users\Tobias_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-06] CHR Extension: (Google Drive) - 
C:\Users\Tobias_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-06] CHR Extension: (YouTube) - C:\Users\Tobias_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-06] CHR Extension: (Google-Suche) - C:\Users\Tobias_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-06] CHR Extension: (Google Tabellen) - C:\Users\Tobias_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-06] CHR Extension: (Avira Browserschutz) - C:\Users\Tobias_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-10-06] CHR Extension: (Google Docs Offline) - C:\Users\Tobias_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-10-06] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Tobias_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-10-06] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Tobias_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-06] CHR Extension: (Google Mail) - C:\Users\Tobias_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-06] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
S2 AAV UpdateService; C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] () S3 AllShare; C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe [6638080 2010-07-16] () [Datei ist nicht signiert] S2 gupdate1ca4b172e6509a8; C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-09-03] (Google Inc.) S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Datei ist nicht signiert] S2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) S3 MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AvLib\MSCSPTISRV.exe [45056 2006-12-14] (Sony Corporation) [Datei ist nicht signiert] R2 MSSQL$VAIO_VEDB; C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [28933976 2007-02-05] (Microsoft Corporation) S4 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [45272 2007-02-05] (Microsoft Corporation) S3 PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AvLib\PACSPTISVR.exe [57344 2006-12-14] () [Datei ist nicht signiert] S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [652800 2010-01-26] (Nokia) [Datei ist nicht signiert] S3 SonicStage Back-End Service; C:\Program Files\Common Files\Sony Shared\AvLib\SsBeSvc.exe [112184 2007-01-24] (Sony Corporation) S3 SPTISRV; C:\Program Files\Common Files\Sony Shared\AvLib\SPTISRV.exe [69632 2006-12-14] (Sony Corporation) [Datei ist nicht signiert] S3 SSScsiSV; C:\Program Files\Common Files\Sony Shared\AvLib\SSScsiSV.exe [75320 2007-01-24] (Sony Corporation) S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe [73728 2007-01-10] (Sony Corporation) [Datei ist nicht signiert] S2 VAIO Event Service; C:\Program Files\sony\VAIO Event 
Service\VESMgr.exe [182392 2007-02-13] (Sony Corporation) S3 VAIOMediaPlatform-IntegratedServer-AppServer; C:\Program Files\sony\VAIO Media Integrated Server\VMISrv.exe [2523136 2007-01-16] (Sony Corporation) [Datei ist nicht signiert] S3 VAIOMediaPlatform-IntegratedServer-HTTP; C:\Program Files\sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [397312 2007-01-08] (Sony Corporation) [Datei ist nicht signiert] S3 VAIOMediaPlatform-IntegratedServer-UPnP; C:\Program Files\sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [1089536 2007-01-16] (Sony Corporation) [Datei ist nicht signiert] S3 VAIOMediaPlatform-Mobile-Gateway; C:\Program Files\sony\VAIO Media Integrated Server\Platform\VmGateway.exe [491520 2007-01-08] (Sony Corporation) [Datei ist nicht signiert] S3 VAIOMediaPlatform-UCLS-AppServer; C:\Program Files\sony\VAIO Media Integrated Server\UCLS.exe [745472 2007-01-10] (Sony Corporation) [Datei ist nicht signiert] S3 VAIOMediaPlatform-UCLS-HTTP; C:\Program Files\sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [397312 2007-01-08] (Sony Corporation) [Datei ist nicht signiert] S3 VAIOMediaPlatform-UCLS-UPnP; C:\Program Files\sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [1089536 2007-01-16] (Sony Corporation) [Datei ist nicht signiert] S3 Vcsw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [274432 2006-11-28] (Sony Corporation) [Datei ist nicht signiert] S3 VUAgent; C:\Program Files\sony\VAIO Update 5\VUAgent.exe [722288 2010-04-09] (Sony Corporation) S2 VzCdbSvc; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [172032 2006-11-28] (Sony Corporation) [Datei ist nicht signiert] S2 VzFw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe [135168 2006-11-28] (Sony Corporation) [Datei ist nicht signiert] S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-19] (Microsoft Corporation) S2 
CLTNetCnService; "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [45696 2008-01-19] (Microsoft Corporation)
R2 apsecf3; C:\Program Files\apsec\fideAS file enterprise\Private Edtion\vt\apsecf3.sys [77184 2008-12-12] (apsec) [Datei ist nicht signiert]
R3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2Mon.sys [25824 2010-05-07] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-06-18] (Malwarebytes Corporation)
R3 ti21sony; C:\Windows\System32\drivers\ti21sony.sys [812544 2007-04-23] (Texas Instruments)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-19] (Microsoft Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 catchme; \??\C:\Users\Tobias_2\AppData\Local\Temp\catchme.sys [X]
S3 eapihdrv; \??\C:\Users\Tobias_2\AppData\Local\Temp\ehdrv.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 upperdev; system32\DRIVERS\usbser_lowerflt.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-08 23:12 - 2015-10-08 23:16 - 00020292 _____ C:\Users\Tobias_2\Desktop\FRST.txt 2015-10-08 23:12 - 2015-10-08 23:12 - 00000000 ____D C:\Users\Tobias_2\Desktop\FRST-OlderVersion 2015-10-08 22:51 - 2015-10-08 22:51 - 00001875 _____ C:\Users\Tobias_2\Desktop\JRT.txt 2015-10-08 21:45 - 2015-10-08 21:45 - 01798976 _____ (Malwarebytes) C:\Users\Tobias_2\Desktop\JRT.exe 2015-10-08 21:42 - 2015-10-08 21:42 - 00000374 _____ C:\Windows\system32\Drivers\etc\hosts.ics 2015-10-08 21:32 - 2015-10-08 21:32 - 01682432 _____ C:\Users\Tobias_2\Desktop\adwcleaner_5.012.exe 2015-10-07 20:41 - 2015-10-07 20:41 - 00020835 _____ C:\ComboFix.txt 2015-10-07 20:09 - 2015-10-07 20:41 - 00000000 ____D C:\Qoobox 2015-10-07 20:09 - 2015-10-07 20:41 - 00000000 ____D C:\ComboFix 2015-10-07 20:09 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe 2015-10-07 20:09 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe 2015-10-07 20:09 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2015-10-07 20:09 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2015-10-07 20:09 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2015-10-07 20:09 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe 2015-10-07 20:09 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe 2015-10-07 20:09 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe 2015-10-07 20:07 - 2015-10-07 20:39 - 00000000 ____D C:\Windows\erdnt 2015-10-07 19:45 - 2015-10-07 19:45 - 05635766 ____R (Swearware) C:\Users\Tobias_2\Desktop\ComboFix.exe 2015-10-06 21:34 - 2015-10-06 21:34 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Tobias_2\Desktop\tdsskiller.exe 2015-10-06 19:06 - 2015-10-06 20:42 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2015-10-06 19:03 - 2015-10-06 20:42 - 00000000 ____D C:\Users\Tobias_2\Desktop\mbar 2015-10-06 19:00 - 2015-10-06 19:01 - 16563352 _____ (Malwarebytes Corp.) 
C:\Users\Tobias_2\Desktop\mbar-1.09.3.1001.exe 2015-10-05 19:52 - 2015-10-08 23:12 - 01698304 _____ (Farbar) C:\Users\Tobias_2\Desktop\FRST.exe 2015-10-04 14:44 - 2015-10-06 18:58 - 00001963 _____ C:\Users\Tobias_2\Desktop\Google Chrome.lnk 2015-10-04 10:16 - 2015-10-04 10:17 - 00039027 _____ C:\Users\Tobias\Desktop\Addition.txt 2015-10-04 10:13 - 2015-10-08 23:12 - 00000000 ____D C:\FRST 2015-10-04 10:13 - 2015-10-04 10:17 - 00048222 _____ C:\Users\Tobias\Desktop\FRST.txt 2015-10-04 10:05 - 2015-10-04 10:06 - 00000478 _____ C:\Users\Tobias\Desktop\defogger_disable.log 2015-10-04 10:05 - 2015-10-04 10:05 - 00000000 _____ C:\Users\Tobias_2\defogger_reenable 2015-10-04 09:55 - 2015-10-04 09:55 - 00380416 _____ C:\Users\Tobias\Desktop\Gmer-19357.exe 2015-10-04 09:53 - 2015-10-04 09:54 - 01697280 _____ (Farbar) C:\Users\Tobias\Desktop\FRST.exe 2015-10-04 09:52 - 2015-10-04 09:52 - 00050477 _____ C:\Users\Tobias\Desktop\Defogger.exe 2015-10-03 19:16 - 2015-10-03 19:16 - 00000000 ____D C:\Program Files\ESET 2015-10-03 19:15 - 2015-10-03 19:15 - 02870984 _____ (ESET) C:\Users\Tobias\Downloads\esetsmartinstaller_deu (1).exe 2015-10-03 18:20 - 2015-10-08 21:22 - 00098520 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-10-03 18:19 - 2015-10-06 19:05 - 00094936 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-10-03 18:19 - 2015-10-03 18:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-10-03 18:19 - 2015-10-03 18:19 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-10-03 18:19 - 2015-10-03 18:19 - 00000000 ____D C:\Program Files\ Malwarebytes Anti-Malware 2015-10-03 18:19 - 2015-06-18 08:41 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-10-03 18:19 - 2015-06-18 08:41 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-10-03 18:16 - 2015-10-03 18:17 - 24345872 _____ (Malwarebytes Corporation ) 
C:\Users\Tobias\Downloads\mbam-setup-2.1.8.1057.exe 2015-10-03 14:53 - 2015-01-29 03:35 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2015-10-03 14:52 - 2015-08-13 16:15 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys 2015-10-03 14:52 - 2015-08-13 16:15 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys 2015-10-03 14:51 - 2015-01-29 03:35 - 00975360 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2015-10-03 14:50 - 2015-07-21 22:55 - 01206192 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-10-03 14:50 - 2015-07-21 18:07 - 03605440 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2015-10-03 14:50 - 2015-07-21 18:07 - 03553216 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-10-03 14:50 - 2015-07-21 18:07 - 00140224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ecache.sys 2015-10-03 14:50 - 2015-07-21 18:07 - 00056256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys 2015-10-03 14:50 - 2015-07-21 18:03 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\emdmgmt.dll 2015-10-03 14:50 - 2015-07-21 18:03 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-10-03 14:50 - 2015-07-21 18:03 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll 2015-10-03 14:49 - 2015-07-03 18:04 - 01316864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2015-10-03 14:48 - 2015-09-02 23:26 - 01402368 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2015-10-03 14:48 - 2015-09-02 23:26 - 01253376 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2015-10-03 14:46 - 2014-06-27 00:17 - 00619664 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe 2015-10-03 14:46 - 2014-06-27 00:17 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll 2015-10-03 14:46 - 2014-06-27 00:17 - 00008856 _____ 
(Microsoft Corporation) C:\Windows\system32\icardres.dll 2015-10-03 14:45 - 2014-06-06 06:28 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe 2015-10-03 14:44 - 2015-07-31 21:27 - 00103120 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2015-10-03 14:43 - 2014-06-16 00:18 - 01131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll 2015-10-03 14:43 - 2014-06-13 20:22 - 00156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll 2015-10-03 14:43 - 2014-06-13 20:22 - 00081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll 2015-10-03 14:42 - 2015-06-17 18:50 - 02264576 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2015-10-03 14:42 - 2015-06-17 17:09 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe 2015-10-03 14:42 - 2014-06-02 12:31 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2015-10-03 14:42 - 2014-06-02 12:30 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2015-10-03 14:42 - 2014-06-02 12:30 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll 2015-10-03 14:42 - 2014-06-02 10:56 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2015-10-03 14:41 - 2014-10-10 03:01 - 00449536 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll 2015-10-03 14:41 - 2014-10-10 03:00 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-10-03 14:41 - 2014-10-10 01:22 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-10-03 14:40 - 2014-12-19 02:25 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2015-10-03 14:39 - 2015-06-12 18:01 - 00298496 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2015-10-03 14:38 - 2015-04-24 17:54 - 00532480 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll 2015-10-03 14:37 - 2015-07-10 21:37 - 02067968 _____ 
(Microsoft Corporation) C:\Windows\system32\mstscax.dll 2015-10-03 14:27 - 2015-03-05 04:32 - 00244152 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys 2015-10-03 14:27 - 2015-03-05 04:23 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll 2015-10-03 14:26 - 2014-10-24 03:04 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll 2015-10-03 14:25 - 2015-07-11 17:56 - 11587584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2015-10-03 14:23 - 2014-11-26 04:05 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2015-10-03 14:22 - 2015-07-18 18:03 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll 2015-10-03 14:22 - 2015-01-09 02:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2015-10-03 14:21 - 2015-01-21 04:02 - 00807936 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll 2015-10-03 14:21 - 2014-08-12 04:25 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL 2015-10-03 14:19 - 2015-07-10 16:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2015-10-03 14:18 - 2015-09-02 23:26 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2015-10-03 14:18 - 2015-09-02 21:55 - 02067456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-10-03 14:18 - 2015-09-02 21:54 - 00297472 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2015-10-03 14:15 - 2015-08-05 17:59 - 00602112 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll 2015-10-03 14:14 - 2014-12-06 05:14 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll 2015-10-03 14:14 - 2014-12-06 05:14 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll 2015-10-03 14:14 - 2014-12-06 05:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll 2015-10-03 14:14 - 2014-10-03 03:18 - 00274432 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 
2015-10-03 14:14 - 2014-10-03 03:17 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2015-10-03 14:14 - 2014-10-03 03:17 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2015-10-03 14:14 - 2014-10-03 03:17 - 00170496 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2015-10-03 14:13 - 2014-08-27 02:55 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2015-10-03 14:12 - 2015-05-31 10:11 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll 2015-10-03 13:51 - 2015-07-31 23:46 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll 2015-10-03 13:51 - 2015-07-31 23:46 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll 2015-10-03 13:51 - 2015-07-31 23:46 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll 2015-10-03 13:51 - 2015-07-31 23:46 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll 2015-10-03 13:51 - 2015-07-31 22:41 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2015-10-03 13:51 - 2015-07-31 22:40 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll 2015-10-03 13:51 - 2015-07-31 22:35 - 00682496 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2015-10-03 13:51 - 2015-07-31 22:33 - 01072640 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2015-10-03 13:51 - 2015-07-31 22:33 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2015-10-03 13:51 - 2015-04-11 01:22 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\services.exe 2015-10-03 13:49 - 2015-06-27 18:03 - 00783872 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2015-10-03 13:49 - 2015-06-27 18:02 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-10-03 13:49 - 2015-06-27 18:02 - 00218112 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-10-03 13:49 - 2015-06-27 
18:01 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2015-10-03 13:49 - 2015-06-27 16:21 - 00217088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2015-10-03 13:49 - 2015-06-27 16:21 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2015-10-03 13:49 - 2015-06-12 15:13 - 00440768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-10-03 13:49 - 2015-05-09 01:08 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2015-10-03 13:49 - 2015-04-30 18:03 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-10-03 13:49 - 2015-01-09 02:17 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2015-10-03 13:49 - 2014-10-10 03:00 - 01259008 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-10-03 13:49 - 2014-09-05 01:27 - 00143360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys 2015-10-03 13:48 - 2015-07-01 17:57 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll 2015-10-03 13:48 - 2014-12-08 03:59 - 00306176 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll 2015-10-03 13:47 - 2015-07-09 16:25 - 00151040 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe 2015-10-03 13:47 - 2015-07-09 16:25 - 00151040 _____ (Microsoft Corporation) C:\Windows\notepad.exe 2015-10-03 13:47 - 2015-05-05 00:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll 2015-10-03 13:46 - 2015-05-05 00:51 - 10628608 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2015-10-03 13:46 - 2015-05-05 00:50 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx 2015-10-03 13:46 - 2015-05-05 00:50 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll 2015-10-03 13:46 - 2015-05-04 23:21 - 08147456 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2015-10-03 13:45 - 2014-12-06 05:14 - 
00153600 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll 2015-10-03 13:44 - 2014-06-06 10:59 - 00506880 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2015-10-03 13:43 - 2014-05-30 08:53 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2015-10-03 13:42 - 2014-06-14 02:44 - 00638400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2015-10-03 13:42 - 2014-06-14 02:33 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll 2015-10-03 13:42 - 2014-04-26 18:01 - 00502784 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll 2015-10-03 13:42 - 2014-04-05 04:42 - 00905664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2015-10-03 13:39 - 2015-08-17 19:12 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-10-03 13:38 - 2015-08-17 19:18 - 01814016 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-10-03 13:38 - 2015-08-17 19:17 - 12388352 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-10-03 13:38 - 2015-08-17 19:14 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-10-03 13:38 - 2015-08-17 19:13 - 09751040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-10-03 13:38 - 2015-08-17 19:12 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-10-03 13:38 - 2015-08-17 19:11 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-10-03 13:38 - 2015-08-17 19:11 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-10-03 13:38 - 2015-08-17 19:10 - 01804288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-10-03 13:38 - 2015-08-17 19:10 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-10-03 13:38 - 2015-08-17 19:10 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-10-03 13:38 - 2015-08-17 19:10 - 00353792 _____ (Microsoft 
Corporation) C:\Windows\system32\dxtmsft.dll 2015-10-03 13:38 - 2015-08-17 19:10 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2015-10-03 13:38 - 2015-08-17 19:10 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-10-03 13:38 - 2015-08-17 19:10 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-10-03 13:38 - 2015-08-17 19:10 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-10-03 13:38 - 2015-08-17 19:10 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-10-03 13:38 - 2015-08-17 19:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-10-03 13:38 - 2015-08-17 19:10 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2015-10-03 13:38 - 2015-08-17 19:10 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2015-10-03 13:38 - 2015-08-17 19:10 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2015-10-03 13:38 - 2015-08-17 19:09 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-09-23 20:07 - 2015-09-23 20:08 - 00010495 _____ C:\Users\Tobias\Downloads\Tobias_elster_23.09.2015_20.03.pfx 2015-09-20 22:58 - 2015-09-20 23:09 - 00000000 ____D C:\Users\Tobias\Downloads\Anna luth 2015-09-14 21:04 - 2015-09-14 21:04 - 00347816 _____ (Microsoft Corporation) C:\Users\Tobias\Downloads\MicrosoftFixit.wu.Run.exe 2015-09-13 12:57 - 2015-09-13 12:58 - 00852704 _____ C:\Users\Tobias\Downloads\SecurityCheck.exe 2015-09-13 10:55 - 2015-09-13 10:56 - 02870984 _____ (ESET) C:\Users\Tobias\Downloads\esetsmartinstaller_deu.exe ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-10-08 23:02 - 2013-06-30 17:10 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-10-08 22:52 - 2009-10-12 10:51 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-10-08 22:00 - 2012-03-29 18:50 - 00001142 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3051598103-94963199-2244021974-1003UA.job 2015-10-08 21:55 - 2006-11-02 14:47 - 00003696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2015-10-08 21:55 - 2006-11-02 14:47 - 00003696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2015-10-08 21:50 - 2007-10-26 18:45 - 02053718 _____ C:\Windows\WindowsUpdate.log 2015-10-08 21:42 - 2009-10-12 10:51 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-10-08 21:41 - 2011-01-02 13:22 - 00000000 ____D C:\Windows\system32\logishrd 2015-10-08 21:41 - 2007-02-26 18:30 - 01072794 _____ C:\Windows\PFRO.log 2015-10-08 21:41 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-10-08 21:40 - 2008-04-18 15:22 - 00000012 _____ C:\Windows\bthservsdp.dat 2015-10-08 21:40 - 2006-11-02 15:01 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2015-10-08 21:38 - 2015-02-22 20:00 - 00000000 ____D C:\AdwCleaner 2015-10-08 19:00 - 2012-03-29 18:50 - 00001120 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3051598103-94963199-2244021974-1003Core.job 2015-10-08 18:04 - 2011-08-12 18:16 - 00001052 _____ C:\Windows\Tasks\Google Software Updater.job 2015-10-07 20:41 - 2006-11-02 13:18 - 00000000 ___RD C:\Users\Public 2015-10-07 20:36 - 2006-11-02 12:23 - 00000215 _____ C:\Windows\system.ini 2015-10-05 11:37 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET 2015-10-05 11:23 - 2006-11-02 12:33 - 01624692 _____ C:\Windows\system32\PerfStringBackup.INI 2015-10-04 20:22 - 2015-07-26 16:16 - 00000000 ____D C:\Users\Tobias\AppData\Roaming\Spotify 2015-10-04 14:44 - 2009-11-09 17:21 - 00000000 ____D 
C:\Users\Tobias_2\AppData\Local\Google
2015-10-04 10:05 - 2009-11-09 17:21 - 00000000 ____D C:\Users\Tobias_2
2015-10-03 15:51 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\de-DE
2015-10-03 15:46 - 2007-02-26 18:10 - 00000000 ____D C:\Program Files\Microsoft.NET
2015-10-03 15:33 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache
2015-10-03 15:15 - 2006-11-02 14:47 - 00385216 _____ C:\Windows\system32\FNTCACHE.DAT
2015-10-03 15:09 - 2006-11-02 14:37 - 00000000 ____D C:\Windows\system32\XPSViewer
2015-10-03 15:09 - 2006-11-02 14:37 - 00000000 ____D C:\Program Files\Windows Journal
2015-10-03 14:12 - 2014-04-03 21:49 - 00000000 ____D C:\Windows\system32\MRT
2015-10-03 11:33 - 2014-02-06 19:23 - 00000000 ____D C:\Users\Tobias\Desktop\Bilder Tisch Verkaufsliste
2015-10-03 11:21 - 2014-12-15 10:09 - 00000000 ____D C:\Users\Tobias\Desktop\Faulhaber
2015-10-03 11:19 - 2015-04-25 14:33 - 00000000 ____D C:\Users\Tobias\AppData\Local\CrashDumps
2015-10-03 08:43 - 2011-11-03 16:13 - 00000000 ____D C:\Users\Tobias\AppData\Local\.elfohilfe
2015-09-27 09:05 - 2015-02-08 20:45 - 00000000 ____D C:\Users\Tobias\Desktop\Tor Browser
2015-09-21 21:04 - 2013-03-23 12:15 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-09-21 21:04 - 2011-10-16 02:25 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-09-21 20:34 - 2006-11-02 14:52 - 00149663 _____ C:\Windows\setupact.log
2015-09-12 18:21 - 2007-10-26 18:12 - 00000000 ____D C:\Users\Tobias\AppData\Local\Google

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2008-07-15 18:52 - 2008-07-15 18:52 - 0000032 _____ () C:\ProgramData\ezsid.dat

Einige Dateien in TEMP:
====================
C:\Users\Tobias_2\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2015-10-08 22:09

==================== Ende vom FRST.txt ============================

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:08-10-2015
durchgeführt von Tobias_2 (2015-10-08 23:18:27)
Gestartet von C:\Users\Tobias_2\Desktop
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) (2007-10-26 16:45:09)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-3051598103-94963199-2244021974-500 - Administrator - Disabled)
Gast (S-1-5-21-3051598103-94963199-2244021974-501 - Limited - Enabled) => C:\Users\Gast
Maike (S-1-5-21-3051598103-94963199-2244021974-1006 - Limited - Enabled) => C:\Users\Maike
Tobias (S-1-5-21-3051598103-94963199-2244021974-1003 - Limited - Enabled) => C:\Users\Tobias
Tobias_2 (S-1-5-21-3051598103-94963199-2244021974-1005 - Administrator - Enabled) => C:\Users\Tobias_2

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 4.57 (HKLM\...\7-Zip) (Version: - )
AAVUpdateManager (HKLM\...\{0D410F4D-9009-43F8-9DF1-BDADCE7FC43F}) (Version: 3.00.0000 - Akademische Arbeitsgemeinschaft)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.7.0.1860 - Adobe Systems Incorporated)
Adobe Flash Player 19 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Adobe Reader 9.4.4 - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-A94000000001}) (Version: 9.4.4 - Adobe Systems Incorporated)
Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: - )
Apple Application Support (HKLM\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{941B4CE7-3F5D-443E-A8B7-56A420D2EAFD}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Browser Address Error Redirector (HKLM\...\{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}) (Version: - )
CameraHelperMsi (Version: 13.00.1774.0 - Logitech) Hidden
Canon MP Navigator EX 3.0 (HKLM\...\MP Navigator EX 3.0) (Version: - )
Canon MP560 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP560_series) (Version: - )
Click to DVD 2.0.05 Menu Data (HKLM\...\{9E407618-D9CD-4F39-9490-9ED45294073D}) (Version: 2.0.05 - Sony Corporation)
Click to DVD 2.6.00 (HKLM\...\{E809063C-51A3-4269-8984-D1EB742F2151}) (Version: 2.6.00 - Sony Corporation)
Cliqz (HKLM\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.0.1 - Cliqz.com)
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation)
Designer 2.0 (HKLM\...\Designer 2.0_is1) (Version: 7.7.4 - fotobuch.de AG)
DivX-Setup (HKLM\...\DivX Setup.divx.com) (Version: 1.0.2.23 - DivX, Inc. )
ElsterFormular (HKLM\...\ElsterFormular 11.2.0.4074) (Version: 11.2.0.4074 - Landesfinanzdirektion Thüringen)
ElsterFormular 2008/2009 (HKLM\...\{04830D0F-F980-4EC0-89F1-594F2FD2A1B5}) (Version: 10.0.0.0 - Steuerverwaltung des Bundes und der Länder)
ElsterFormular-Upgrade (HKLM\...\ElsterFormular für Privatanwender 12.2.0.6412p) (Version: 16.2.17437 - Landesfinanzdirektion Thüringen)
erLT (Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )
Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
fideAS® file enterprise private edition (HKLM\...\{9D02EA09-A131-49A3-8D51-8E02D04F9847}) (Version: - )
FreePDF XP (Remove only) (HKLM\...\FreePDF_XP) (Version: - )
Ghostery (HKLM\...\Ghostery) (Version: - Ghostery Inc)
Google Chrome (HKLM\...\Google Chrome) (Version: 45.0.2454.101 - Google Inc.)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Firefox (HKLM\...\{2CCBABCB-6427-4A55-B091-49864623C43F}) (Version: 7.1.20110512 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6904.2028 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.28.15 - Google Inc.) Hidden
Google Updater (HKLM\...\Google Updater) (Version: 2.4.2432.1652 - Google Inc.)
GPL Ghostscript 8.60 (HKLM\...\GPL Ghostscript 8.60) (Version: - )
GPL Ghostscript Fonts (HKLM\...\GPL Ghostscript Fonts) (Version: - )
HDAUDIO SoftV92 Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200) (Version: - )
ICQ7.2 (HKLM\...\{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}) (Version: 7.2 - ICQ)
iTunes (HKLM\...\{86D04316-F49A-4AF2-B3F1-A1E943886CE7}) (Version: 11.3.1.2 - Apple Inc.)
Java(TM) 6 Update 29 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216029FF}) (Version: 6.0.290 - Oracle)
Java(TM) SE Runtime Environment 6 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160000}) (Version: 1.6.0.0 - Sun Microsystems, Inc.)
LAN-Express AS IEEE 802.11 Wireless LAN (HKLM\...\{FCCB0B43-7A6D-49A4-A5B3-B10F592F4EB6}) (Version: 7.1.0.116 - LAN-Express)
Logitech Vid HD (HKLM\...\Logitech Vid) (Version: 7.2 (7240) - Logitech Inc..)
Logitech Webcam Software (HKLM\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.0 - Logitech Inc.)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM\...\{90850407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{547DCEC7-DD2A-47E9-82C7-5CF1EAB526DA}) (Version: 9.00.2047.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{2DFB5485-A3EF-4298-9280-4AF80C9F4BE9}) (Version: 9.00.2047.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Works (HKLM\...\{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}) (Version: 08.05.0822 - Microsoft Corporation)
Mozilla Firefox 36.0.1 (x86 de) (HKLM\...\Mozilla Firefox 36.0.1 (x86 de)) (Version: 36.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 24.1.1 (x86 de) (HKLM\...\Mozilla Thunderbird 24.1.1 (x86 de)) (Version: 24.1.1 - Mozilla)
Mp3tag v2.59a (HKLM\...\Mp3tag) (Version: v2.59a - Florian Heidenreich)
MSVC80_x86 (Version: 1.0.1.0 - Nokia) Hidden
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM\...\MPE) (Version: 1.8.5 - F.J. Wechselberger)
Napster 5 Beta (HKLM\...\com.Rhapsody.Napster5) (Version: 1.0.61 - Rhapsody International Inc)
Napster 5 Beta (Version: 1.0.61 - Rhapsody International Inc) Hidden
Nokia Connectivity Cable Driver (HKLM\...\{B9C9DB4C-6D77-4AE9-AD1C-C708C23239A0}) (Version: 7.1.27.0 - Nokia)
Nokia PC Suite (HKLM\...\Nokia PC Suite) (Version: 6.86.9.0 - Nokia)
Nokia PC Suite (Version: 6.86.9.0 - Nokia) Hidden
Nokia Software Updater (HKLM\...\{D043E0F8-5EFA-4102-A863-08F39D9DF2F4}) (Version: 02.04.005.41445 - Nokia Corporation)
OpenMG Limited Patch 4.7-07-13-24-01 (HKLM\...\OpenMG HotFix4.7-07-13-22-01) (Version: - )
OpenMG Secure Module 4.7.00 (HKLM\...\InstallShield_{CCD663AE-610D-4BDF-AAB0-E914B044527D}) (Version: 4.7.00.12140 - Sony Corporation)
OpenMG Secure Module 4.7.00 (Version: 4.7.00.12140 - Sony Corporation) Hidden
PC Connectivity Solution (HKLM\...\{7397EDED-F38A-4654-B669-BF61065803D0}) (Version: 10.6.2.0 - Nokia)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.313.0 - Tracker Software Products Ltd)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.6 - Google, Inc.)
Pixum Fotobuch (HKLM\...\Pixum Fotobuch) (Version: - )
PS3 Media Server (HKLM\...\PS3 Media Server) (Version: 1.81.0 - PS3 Media Server)
QuickTime (HKLM\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5350 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: - )
Roxio Easy Media Creator Home (HKLM\...\{B7FB0C86-41A4-4402-9A33-912C462042A0}) (Version: 9.0.178 - Roxio)
SAMSUNG PC Share Manager (HKLM\...\InstallShield_{2A2E822B-3B0E-46C1-9E3B-ACD7D1E95139}) (Version: 4.0 - SAMSUNG)
SAMSUNG PC Share Manager (Version: 4.0 - SAMSUNG) Hidden
Setting Utility Series (HKLM\...\{59452470-A902-477F-9338-9B88101681BD}) (Version: 2.1.00.13300 - Sony Corporation)
Skype™ 6.9 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.9.106 - Skype Technologies S.A.)
SonicStage 4.3 (HKLM\...\{A0EB195B-5876-48E6-879D-33D4B2102610}) (Version: 4.3 - Sony Corporation)
Sony Utilities DLL (HKLM\...\{EF3D45BB-2260-4008-88EA-492E7744A9DF}) (Version: 7.1.00.13300 - Sony Corporation)
Sony Video Shared Library (HKLM\...\{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}) (Version: 3.1.03 - Sony Corporation)
Steuersparer 2014 (HKLM\...\{485DBEA2-58E9-4136-9E6C-6C3022B02349}) (Version: 21.00.8480 - Buhl Data Service GmbH)
TeamViewer 5 (HKLM\...\TeamViewer 5) (Version: 5.1.13999 - TeamViewer GmbH)
The GodFather (HKLM\...\The GodFather) (Version: - )
TOL 7.0.27.6 Components (HKLM\...\{82BB647B-C09E-423D-8395-BFFBA0B8644B}) (Version: 7.0.27.6 - Auralog)
Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) (HKLM\...\{07629207-FAA0-4F1A-8092-BF5085BE511F}) (Version: 9.00.2047.00 - Microsoft Corporation)
VAIO Aqua Breeze Wallpaper (HKLM\...\{97BCD719-6ECB-458F-97D6-F38D2E07375E}) (Version: 1.0.11.13240 - Sony Corporation)
VAIO Content Importer VAIO Content Exporter (Version: 1.3.00.13300 - Sony Corporation) Hidden
VAIO Content Importer / VAIO Content Exporter (HKLM\...\{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}) (Version: 1.3.00.13300 - Sony Corporation)
VAIO Control Center (HKLM\...\{FC37C108-821D-4EDE-8F40-D5B497586805}) (Version: 2.0.00.11060 - Sony Corporation)
VAIO Cozy Orange Wallpaper (HKLM\...\{2A2FF7F5-6F0E-4A5D-A881-39365E718BD6}) (Version: 1.0.11.13240 - Sony Corporation)
VAIO Data Restore Tool (HKLM\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.0.01.02070 - Sony Corporation)
VAIO Entertainment Platform (HKLM\...\{6B1F20F2-6321-4669-A58C-33DF8E7517FF}) (Version: 2.0.02.13290 - Sony Corporation)
VAIO Event Service (HKLM\...\{F0D85ADD-DD61-4B43-87A0-6DA52A211A8B}) (Version: 3.1.00.14130 - Sony Corporation)
VAIO Hardware Diagnostics (HKLM\...\{A947C2B3-7445-42C4-9063-EE704CACCB22}) (Version: - )
VAIO Media (Version: 6.0.10 - Sony Corporation) Hidden
VAIO Media 6.0 (HKLM\...\{560F6B2E-F0DF-44E5-8190-A4A161F0E205}) (Version: 6.0.10 - Sony Corporation)
VAIO Media AC3 Decoder 1.0 (HKLM\...\{2063C2E8-3812-4BBD-9998-6610F80C1DD4}) (Version: - )
VAIO Media Content Collection 6.0 (HKLM\...\{500162A0-4DD5-460A-BAFD-895AAE48C532}) (Version: - Sony Corporation)
VAIO Media Integrated Server 6.0 (HKLM\...\{785EB1D4-ECEC-4195-99B4-73C47E187721}) (Version: - Sony Corporation)
VAIO Media Redistribution 6.0 (HKLM\...\{5855C127-1F20-404D-B7FB-1FD84D7EAB5E}) (Version: 6.0.10 - Sony Corporation)
VAIO Media Registration Tool (Version: 6.0.10 - Sony Corporation) Hidden
VAIO Media Registration Tool 6.0 (HKLM\...\{AF9A04EB-7D8E-41DE-9EDE-4AB9BB2B71B6}) (Version: 6.0.10 - Sony Corporation)
VAIO Original Screen Saver (HKLM\...\{1BEF9285-5530-426B-A5F1-5836B95C7EB1}) (Version: - )
VAIO Photo 2007 (HKLM\...\{5E343EF6-D27C-4CFC-9FAE-9AAFB541BCEE}) (Version: 1.0.01.01250 - Sony Corporation)
VAIO Power Management (HKLM\...\{9E319E96-ED8E-4B01-9775-C521A1869A25}) (Version: 2.1.00.14090 - Sony Corporation)
VAIO Tender Green Wallpaper (HKLM\...\{934A3213-1CB6-4264-84A2-EE080C017BCA}) (Version: 1.0.11.10180 - Sony Corporation)
VAIO Update (HKLM\...\{5BEE8F1F-BD32-4553-8107-500439E43BD7}) (Version: 5.1.1.04090 - Sony Corporation)
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0 - DivX, Inc) Hidden
VisiPics V1.31 (HKLM\...\VisiPics_is1) (Version: - Ozone)
VLC media player 0.9.8a (HKLM\...\VLC media player) (Version: 0.9.8a - VideoLAN Team)
Winamp (HKLM\...\Winamp) (Version: 5.63 - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-3051598103-94963199-2244021974-1005\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows-Treiberpaket - Nokia Modem (03/05/2008 3.7) (HKLM\...\CBF192A85B624E32B8D19ADEEF2DCFC5BC3AA73A) (Version: 03/05/2008 3.7 - Nokia)
Windows-Treiberpaket - Nokia Modem (03/13/2008 6.86.0.1) (HKLM\...\E092B2EBF2FFE83E896F8F7F829A7B5D7D1B2F9D) (Version: 03/13/2008 6.86.0.1 - Nokia)
Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\504244733D18C8F63FF584AEB290E3904E791693) (Version: 08/22/2008 7.0.0.0 - Nokia)
WinDVD for VAIO (HKLM\...\InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}) (Version: 8.0-B6.113 - InterVideo Inc.)
WinDVD for VAIO (Version: 8.0-B6.113 - InterVideo Inc.) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3051598103-94963199-2244021974-1005_Classes\CLSID\{7644204c-5eb0-4e21-b225-fc6c1fca74f7}\localserver32 -> C:\Program Files\Nokia\Nokia PC Suite 6\MultimediaPlayer.exe (Nokia)
CustomCLSID: HKU\S-1-5-21-3051598103-94963199-2244021974-1005_Classes\CLSID\{FBE88A10-FF53-11E0-AB2A-AE904824019B}\InprocServer32 -> C:\Users\Tobias_2\AppData\Local\ASKTOO~1\DOWNLO~1\AVIRAI~1.DLL => Keine Datei

==================== Wiederherstellungspunkte =========================

04-10-2015 12:13:08 Geplanter Prüfpunkt
05-10-2015 10:00:53 Windows Update
06-10-2015 21:08:31 Geplanter Prüfpunkt
08-10-2015 19:13:49 Geplanter Prüfpunkt
08-10-2015 21:46:52 JRT Pre-Junkware Removal

==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2006-11-02 12:23 - 2015-10-07 20:36 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {03292A64-7B17-437B-9DA2-D3E930906277} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-03] (Google Inc.)
Task: {04B8B746-6BF7-47EA-99D0-7730BCE7F577} - System32\Tasks\LaunchMCV => MyClubVaio.vbs
Task: {0B5E040C-AD07-4054-8009-55FD6A6AAB7E} - System32\Tasks\MCVRegistrationReminder3 => reminder.exe
Task: {0E88563E-6870-46CC-85C5-28B2E654BE19} - System32\Tasks\SONY\WSSU\WSSU => C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
Task: {0F614CB5-37C8-4B6F-80B6-ABC59FA334AB} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-06-09] (Sun Microsystems, Inc.)
Task: {1E0CF3DC-DF39-437B-8205-25DCC08EADFC} - System32\Tasks\MCVRegistrationReminder2 => reminder.exe
Task: {2209DF9F-5640-4DEB-84C3-3436BC3034CB} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3051598103-94963199-2244021974-1003UA => C:\Users\Tobias\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {2BFBEBC7-9615-4E55-B21E-5C30EAE3A84C} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3051598103-94963199-2244021974-1003Core => C:\Users\Tobias\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {3FABAD80-64FB-4D44-A4B7-6D6A8EEF1F25} - System32\Tasks\MCVRegistrationReminder4 => reminder.exe
Task: {4358621B-9F5F-4ACD-A7BC-31CAD8B59FD2} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-21] (Adobe Systems Incorporated)
Task: {4790FDBD-6127-4D9B-89AC-71F68627654D} - System32\Tasks\MCVSurveyReminder1 => reminder.exe
Task: {56B9293A-1863-4DDD-83CA-28AC0A33836D} - System32\Tasks\MCVSurveyReminder2 => reminder.exe
Task: {62B77C40-E498-4DC1-9254-5B51BE706ECB} - System32\Tasks\MCVSurveyReminder3 => reminder.exe
Task: {6AA69C80-8E22-4030-90B1-3955E6D3EEA4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-21] (Adobe Systems Incorporated)
Task: {7751B2CE-0C18-4074-96ED-62A6FF85FF5F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {9362BE8A-1751-4D85-A816-C3F0C1DFB5E6} - System32\Tasks\{5CD16FC8-E171-4B05-BB45-1B854FD80A0E} => pcalua.exe -a C:\ProgramData\Sony\MyClubVAIO\MyClubVAIO.exe -d C:\ProgramData\Sony\MyClubVAIO
Task: {9A27AE43-7CC4-40F4-9500-12DF824E11E8} - System32\Tasks\MCVRegistrationReminder1 => reminder.exe
Task: {AE312CF0-704E-4EF9-A1F9-BFAAE6181039} - System32\Tasks\{49422247-D8A0-4B6E-8E37-82554BEFE11E} => pcalua.exe -a C:\Users\Tobias\setup-Reisen-tuerkriviera.exe -d C:\Users\Tobias
Task: {AECAC0BB-56ED-42A9-A828-4FF6F51307D4} - System32\Tasks\SONY\VAIO Update\VAIO Update 5 => C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe [2010-04-09] (Sony Corporation)
Task: {B2071D54-F7E8-4E5D-ADCB-061257AB6345} - System32\Tasks\SONY\VAIO Update\Launch Application => C:\Program Files\Sony\VAIO Update 5\ShellExeProxy.exe [2010-04-09] (Sony Corporation)
Task: {B7A2ACFD-BA6A-4102-A268-B20318834D79} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-03] (Google Inc.)
Task: {C14DD04F-1A66-48E6-A975-7522B5C4CA43} - System32\Tasks\MCVSurveyReminder4 => reminder.exe
Task: {C5FD2310-9476-489B-A052-45068BB3FF84} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-19] (Microsoft Corporation)
Task: {D80E2DFA-FB3A-4170-B7AA-727A4CFA4D14} - System32\Tasks\Google Software Updater => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-22] (Google)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3051598103-94963199-2244021974-1003Core.job => C:\Users\Tobias\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3051598103-94963199-2244021974-1003UA.job => C:\Users\Tobias\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2008-03-04 18:53 - 2005-01-06 19:33 - 00116224 _____ () C:\Windows\System32\redmonnt.dll
2007-02-26 21:02 - 2007-01-24 11:02 - 00077824 _____ () C:\Windows\System32\hccutils.DLL
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3051598103-94963199-2244021974-1005\Control Panel\Desktop\\Wallpaper -> C:\windows\Web\Wallpaper\img24.jpg
DNS Servers: 192.168.192.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [{28CFDEA3-1FFE-445E-BD6B-A4637549DBF5}] => (Allow) C:\Program Files\Google\Google Talk\googletalk.exe FirewallRules: [{B853D6C8-BE18-4F9F-BA31-E6B14A1C8375}] => (Allow) C:\Program Files\Google\Google Talk\googletalk.exe FirewallRules: [{1A1CD5E7-2AC5-404F-8A09-8FB4D708E942}] => (Allow) C:\Program Files\sony\VAIO Media 6.0\Vc.exe FirewallRules: [{0EDBBDDF-09F8-4990-96F5-458203C2CF9B}] => (Allow) C:\Program Files\sony\VAIO Media 6.0\Vc.exe FirewallRules: [TCP Query User{2481657B-1641-4E6C-A363-5423EE417079}C:\program files\skype\phone\skype.exe] => (Allow) C:\program files\skype\phone\skype.exe FirewallRules: [UDP Query User{55C341FC-8AC2-4B7E-B136-D3D0E6ED184E}C:\program files\skype\phone\skype.exe] => (Allow) C:\program files\skype\phone\skype.exe FirewallRules: [TCP Query User{6B5686E8-CB7A-4058-8BB6-B06F0A96A270}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe FirewallRules: [UDP Query User{8D9186EB-1153-4738-85F7-A0D1B3D88093}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe FirewallRules: [TCP Query User{D9961355-22D1-495C-B015-48F80A6E1FAA}F:\medias42\jre\bin\javaw.exe] => (Allow) F:\medias42\jre\bin\javaw.exe FirewallRules: [UDP Query User{9306F6B8-408E-4501-9715-6C0C4A46B0E2}F:\medias42\jre\bin\javaw.exe] => (Allow) F:\medias42\jre\bin\javaw.exe FirewallRules: [TCP Query 
User{1E3B55D9-83D2-4EF5-8928-7B319DEC8449}H:\filme und musik normen\spiele\soldat\soldat\soldat.exe] => (Block) H:\filme und musik normen\spiele\soldat\soldat\soldat.exe FirewallRules: [UDP Query User{A05C71EC-5117-4B68-A649-E1976551D6D2}H:\filme und musik normen\spiele\soldat\soldat\soldat.exe] => (Block) H:\filme und musik normen\spiele\soldat\soldat\soldat.exe FirewallRules: [{93C19A66-0B4F-4500-8F22-4BF65D3BA3D2}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe FirewallRules: [TCP Query User{AD5316F2-BCE8-4EAF-9AE9-795EF71C8D15}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe FirewallRules: [UDP Query User{64B3005A-B06D-42BE-9D61-B63EF593CF77}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe FirewallRules: [TCP Query User{7A3D3597-79EE-4E7C-86EC-D2C472DDBCAB}C:\windows\explorer.exe] => (Block) C:\windows\explorer.exe FirewallRules: [UDP Query User{067C67C2-4FF9-430C-9D87-BB6844606E77}C:\windows\explorer.exe] => (Block) C:\windows\explorer.exe FirewallRules: [{944DA102-993D-4305-88F0-E17C7BD1EF21}] => (Allow) C:\Windows\Temp\KD_installer.exe FirewallRules: [{72E8284F-400C-4DAD-A540-0045A3509488}] => (Allow) C:\Windows\Temp\KD_installer.exe FirewallRules: [TCP Query User{FA429FA2-8476-4AED-831F-82B7396E4462}C:\program files\icq6.5\icq.exe] => (Allow) C:\program files\icq6.5\icq.exe FirewallRules: [UDP Query User{594768EA-2059-41A3-9118-B9C468D1B751}C:\program files\icq6.5\icq.exe] => (Allow) C:\program files\icq6.5\icq.exe FirewallRules: [TCP Query User{5D950F6A-0BAB-4DB8-935F-CBDE976BCCAC}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe] => (Allow) C:\program files\common files\nokia\service layer\a\nsl_host_process.exe FirewallRules: [UDP Query User{3A9F5922-2D10-45AD-ACFF-FB700F4DFB17}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe] => (Allow) C:\program files\common files\nokia\service layer\a\nsl_host_process.exe FirewallRules: [TCP Query 
User{C8108D91-91C2-4E2F-942E-7B29D4667048}C:\program files\nokia\nokia software updater\nsu_ui_client.exe] => (Allow) C:\program files\nokia\nokia software updater\nsu_ui_client.exe FirewallRules: [UDP Query User{88A4A4B2-1C61-4141-8DE4-BEB6CF68FE26}C:\program files\nokia\nokia software updater\nsu_ui_client.exe] => (Allow) C:\program files\nokia\nokia software updater\nsu_ui_client.exe FirewallRules: [TCP Query User{E522214B-C37A-4DE1-BDE3-72794AA78FE8}C:\program files\nokia\nokia software updater\nsu_ui_client.exe] => (Allow) C:\program files\nokia\nokia software updater\nsu_ui_client.exe FirewallRules: [UDP Query User{2F0305A5-97DF-4A65-BFD7-AB57A24F0C0C}C:\program files\nokia\nokia software updater\nsu_ui_client.exe] => (Allow) C:\program files\nokia\nokia software updater\nsu_ui_client.exe FirewallRules: [TCP Query User{99F8A7D3-7E51-4A2D-A672-A1CB9335A821}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe] => (Allow) C:\program files\common files\nokia\service layer\a\nsl_host_process.exe FirewallRules: [UDP Query User{41DCE95C-86F8-476E-84A3-E56B1FDD0283}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe] => (Allow) C:\program files\common files\nokia\service layer\a\nsl_host_process.exe FirewallRules: [{EA68F7EC-2EE8-4A2E-8800-A2D75AFB86E5}] => (Allow) C:\Program Files\TeamViewer\Version5\TeamViewer.exe FirewallRules: [{2ABAE764-8746-4C1A-BF23-1E3D0D78D172}] => (Allow) C:\Program Files\TeamViewer\Version5\TeamViewer.exe FirewallRules: [TCP Query User{7AAF1241-C0AF-4C7D-8E9F-53E259B60A2A}C:\program files\google\google earth\client\googleearth.exe] => (Block) C:\program files\google\google earth\client\googleearth.exe FirewallRules: [UDP Query User{3F1F2C39-0675-4BC9-AEA9-DB34BA799DF8}C:\program files\google\google earth\client\googleearth.exe] => (Block) C:\program files\google\google earth\client\googleearth.exe FirewallRules: [{1AA33B8E-5CC2-4A18-961C-16E6647E38D3}] => (Allow) C:\Program Files\ICQ7.2\ICQ.exe 
FirewallRules: [{2B6F0BC7-8F2E-41E6-A31A-938A748AC480}] => (Allow) C:\Program Files\ICQ7.2\ICQ.exe FirewallRules: [{0AA0629C-83BE-436A-896F-D164B52938B3}] => (Allow) C:\Program Files\ICQ7.2\ICQ.exe FirewallRules: [{0BC252E2-5A17-4E07-8DA6-2B55CE22B84F}] => (Allow) C:\Program Files\ICQ7.2\ICQ.exe FirewallRules: [{B674EE12-A64D-46D5-B5C5-43CBA55BA932}] => (Allow) C:\Program Files\ICQ7.2\aolload.exe FirewallRules: [{9F77F05A-21D3-4DE1-A3E1-79D39191C15D}] => (Allow) C:\Program Files\ICQ7.2\aolload.exe FirewallRules: [{4ADFAAB8-6F72-42F1-B0FE-9F50B299F963}] => (Allow) C:\Program Files\ICQ7.2\aolload.exe FirewallRules: [{F4FFDFE3-41C8-4640-BFE3-44C15784CB8D}] => (Allow) C:\Program Files\ICQ7.2\aolload.exe FirewallRules: [{7E69422E-A34A-4BE6-825F-3B182B0744B5}] => (Allow) C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe FirewallRules: [{9E4E39E6-E721-4433-8144-B9DA09366166}] => (Allow) C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe FirewallRules: [{C903A740-D1DA-4512-814B-E734F7EB5664}] => (Allow) C:\Program Files\Samsung\SAMSUNG PC Share Manager\http_ss_win_pro.exe FirewallRules: [{03CB3D3D-FD62-4813-A92B-1E22866EC922}] => (Allow) C:\Program Files\Samsung\SAMSUNG PC Share Manager\http_ss_win_pro.exe FirewallRules: [{6D770C92-8066-464F-9EA9-E23633C2C834}] => (Allow) C:\Program Files\Logitech\Vid HD\Vid.exe FirewallRules: [{997DDA14-3ACE-4601-9E76-C977ED47E7EC}] => (Allow) C:\Program Files\Logitech\Vid HD\Vid.exe FirewallRules: [{0A536BE2-9B8B-45B4-B064-691B3AF3D32E}] => (Allow) C:\Users\Tobias\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{09BC94BA-3A7C-44C2-B9E5-41C53AFB5917}] => (Allow) C:\Users\Tobias\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{02C154E6-9507-42A0-B539-BD9DDCDD7C68}] => (Allow) C:\Program Files\TeamViewer\Version5\TeamViewer.exe FirewallRules: [{C6FA9CB9-A187-4569-8B98-D06B92C4DD75}] => (Allow) C:\Program Files\TeamViewer\Version5\TeamViewer.exe FirewallRules: 
[{A83763DD-9B9B-4ABE-A734-3EABCB4DEC66}] => (Allow) C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe FirewallRules: [{313C0051-51C5-4A31-B14E-35A0EC404B0F}] => (Allow) C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe FirewallRules: [{AE3D2A82-EF1A-4177-8AB9-130E30509122}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{64AEE323-F9A2-4C6F-A44D-76CB4DB639D0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [TCP Query User{31F31923-621F-4331-8F19-12DD86BD58DD}C:\program files\winamp\winamp.exe] => (Allow) C:\program files\winamp\winamp.exe FirewallRules: [UDP Query User{35B4ABDB-BD77-405D-B3FE-5B59CF18C0FD}C:\program files\winamp\winamp.exe] => (Allow) C:\program files\winamp\winamp.exe FirewallRules: [TCP Query User{17C64AD6-E2F8-488E-9B0F-459BC3A19388}C:\program files\winamp\winamp.exe] => (Block) C:\program files\winamp\winamp.exe FirewallRules: [UDP Query User{777E9E31-7F55-445C-9ABB-641DF8685D31}C:\program files\winamp\winamp.exe] => (Block) C:\program files\winamp\winamp.exe FirewallRules: [TCP Query User{2C843C09-6FDD-40EF-BE30-3E57BC37A234}C:\program files\java\jre6\bin\javaw.exe] => (Block) C:\program files\java\jre6\bin\javaw.exe FirewallRules: [UDP Query User{E2BE1DDD-D5B2-418C-A623-EB2A7742AEC3}C:\program files\java\jre6\bin\javaw.exe] => (Block) C:\program files\java\jre6\bin\javaw.exe FirewallRules: [TCP Query User{FEB4580A-36CA-4578-9E7C-1E79D7CE7F30}C:\users\gast\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gast\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{35E4F129-FC20-4D7D-9C77-CE0B1EDE6FEB}C:\users\gast\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gast\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{9A673BBC-A7B6-4192-8183-D705150C0C84}C:\program files\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files\myphoneexplorer\myphoneexplorer.exe FirewallRules: [UDP Query 
User{923894EE-0F16-4343-82E0-F3D0082A1FB6}C:\program files\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files\myphoneexplorer\myphoneexplorer.exe FirewallRules: [TCP Query User{6C06EB5A-861B-469B-A132-CAA7DA24AE55}C:\program files\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files\myphoneexplorer\myphoneexplorer.exe FirewallRules: [UDP Query User{3E862549-9089-4CB8-B75B-1648B7E5986E}C:\program files\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files\myphoneexplorer\myphoneexplorer.exe FirewallRules: [{68168967-06E5-462E-8D18-57B124DC6AA9}] => (Allow) LPort=80 FirewallRules: [{56BA1E51-2A5E-4EFA-B160-4552B941741C}] => (Allow) LPort=80 FirewallRules: [{82951208-6457-4AF9-82B8-BD534CD1CF46}] => (Allow) LPort=80 FirewallRules: [{5597D2B1-B28D-4508-A17B-748A6F5C9C4B}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{5DEAC93A-CBED-41A3-B1FA-7BFED7E30443}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{789A0F53-28A5-4728-B5AB-2E62A2AEA6EC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{0DA9DD76-ADA6-4040-94B3-EADDEFF9E2D6}C:\users\tobias\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\tobias\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{5778E77C-9FDE-4220-8F6A-7361D7EBD168}C:\users\tobias\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\tobias\appdata\roaming\spotify\spotify.exe FirewallRules: [{85DF8EB2-15F9-4EF5-B460-3A90DC1486C6}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe StandardProfile\AuthorizedApplications: [C:\Program Files\fotobuch.de AG\Designer 2.0\Designer.exe] => Designer.exe ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (10/08/2015 06:04:26 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling 
Error: m->NextScheduledSPRetry 76027571
Error: (10/08/2015 06:04:26 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 76027571
Error: (10/08/2015 06:04:26 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (10/07/2015 08:57:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15740
Error: (10/07/2015 08:57:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15740
Error: (10/07/2015 08:57:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (10/05/2015 11:46:29 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15600
Error: (10/05/2015 11:46:29 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15600
Error: (10/05/2015 11:46:29 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (10/05/2015 11:40:20 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 49036559

Systemfehler:
=============
Error: (10/08/2015 09:52:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Softwarelizenzierung11200001Neustart des Diensts
Error: (10/08/2015 09:52:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: VAIO Entertainment Database Service1
Error: (10/08/2015 09:52:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Windows Modules Installer11200001Neustart des Diensts
Error: (10/08/2015 09:52:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: VAIO Event Service1
Error: (10/08/2015 09:52:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: VAIO Entertainment File Import Service1
Error: (10/08/2015 09:52:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: AAV UpdateService1
Error: (10/08/2015 09:52:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: iPod-Dienst1
Error: (10/08/2015 09:52:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: VAIO Entertainment UPnP Client Adapter1
Error: (10/08/2015 09:52:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Apple Mobile Device1600001Neustart des Diensts
Error: (10/08/2015 09:52:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Bonjour"1

CodeIntegrity:
===================================
Date: 2015-10-08 23:17:34.128
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-10-08 23:17:33.332
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-10-08 23:17:32.427
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-10-08 23:17:31.632
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-10-08 23:17:30.893
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-10-08 23:17:30.577
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-10-08 23:17:30.233
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-10-08 23:17:29.672
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-10-08 23:14:00.679
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-10-08 23:13:59.681
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 CPU T5500 @ 1.66GHz
Prozentuale Nutzung des RAM: 66%
Installierter physikalischer RAM: 1013.45 MB
Verfügbarer physikalischer RAM: 341.11 MB
Summe virtueller Speicher: 2291.21 MB
Verfügbarer virtueller Speicher: 1467.12 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:83.85 GB) (Free:7.37 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 93.2 GB) (Disk ID: 0A508B38)
Partition 1: (Not Active) - (Size=9.3 GB) - (Type=27)
Partition 2: (Active) - (Size=83.8 GB) - (Type=07 NTFS)

==================== Ende vom Addition.txt ============================ |
09.10.2015, 23:45 | #12 |
/// the machine /// TB-Ausbilder |
ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Any remaining problems?
__________________
Regards, schrauber
Proud Member of UNITE and ASAP since 2009
No help via PM! |
11.10.2015, 19:46 | #13 |
| Code:
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=563b7ffd29eb9f40b716daf60326b67a
# end=init
# utc_time=2015-10-03 05:16:51
# local_time=2015-10-03 07:16:51 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.0.6002 NT Service Pack 2
Update Init
Update Download
Update Finalize
Updated modules version: 26063
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=563b7ffd29eb9f40b716daf60326b67a
# end=updated
# utc_time=2015-10-03 05:22:04
# local_time=2015-10-03 07:22:04 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.0.6002 NT Service Pack 2
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=563b7ffd29eb9f40b716daf60326b67a
# engine=26063
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-10-03 07:55:52
# local_time=2015-10-03 09:55:52 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode_1=''
# compatibility_mode=5892 16776573 100 100 35150 281434880 0 0
# scanned=209985
# found=17
# cleaned=0
# scan_time=9227
sh=14309152E731BC4D86E3149DF6FD2FBE03557958 ft=1 fh=a19bc11331cd63d7 vn="Variante von MSIL/Adware.iBryte.I Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Search Extensions\Client.exe.vir"
sh=16068B8977B4DC562AE782D91BC009472667E331 ft=1 fh=c3b5a87b7d152749 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Tobias_2\AppData\Local\Temp\OCS\ocs_v71a.exe.vir"
sh=9A4FCC5C1D00A5509DE12B8402EF754959D754F7 ft=0 fh=0000000000000000 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tobias\AppData\Local\Temp\6BF7.tmp"
sh=A20F28E74CD706977A86DCA1808198D28FFE7FCA ft=1 fh=a67d48d9397656de vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tobias\AppData\Local\Temp\DMR\dmr_72.exe"
sh=3C1E8D3DD1A61DE147926F8E94462C80FD550E8F ft=1 fh=1b50f6309e9a92d1 vn="Variante von Win32/Toolbar.SearchSuite.P evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tobias\AppData\Local\Temp\nsyA3BF.tmp\Helper.dll"
sh=5172B55DB1BD9D7C9943E5C8643609848EA79998 ft=1 fh=c71c00110e9b5324 vn="Variante von Win32/Soffer.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tobias\AppData\Local\Temp\nsyA3BF.tmp\soffer.dll"
sh=EAE2784C9115FE9CFA44A116B74E72C1BCCFA7F6 ft=1 fh=2e79e77116fe19c4 vn="Win32/WebDevAZ.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tobias\Downloads\MyPhoneExplorer_Setup_1.8.5.exe"
sh=982CBA880955552478FBC9A2E3743D7E44C053FC ft=1 fh=9dad3ccc7f2043ca vn="Win32/WebDevAZ.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tobias\Downloads\MyPhoneExplorer_Setup_v1.8.6.exe"
sh=AD05A8CEE821A5AEBDABE5FF621DDBA8609E4603 ft=1 fh=2543ee6478afc561 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tobias\Downloads\Simple Webcam Recorder - CHIP-Installer.exe"
sh=C1315CE980B9B356957A3F77AF6FC82CBBC8D6F0 ft=1 fh=497b94c0dd7c4759 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tobias\Downloads\VisiPics - CHIP-Installer.exe"
sh=5543317AB6CC3C84B018F7262CD7F6048CA22C4B ft=1 fh=1b57474b1411cddc vn="Win32/InstallMonetizer.AH evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tobias\Downloads\wichtige Downloads\MyPhoneExplorer_Setup_1.8.4.exe"
sh=69EA492B98825BE54EDECA800EC9C490E89A42F3 ft=1 fh=6b9e0dd6d2f542ba vn="Win32/InstallMonetizer.AZ evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tobias_2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9DWMEEDJ\MyPhoneExplorer_v2_5185[2].exe"
sh=6AC3F1C0C0CC50584D184152673D0F3AFE77ED41 ft=1 fh=02b333feb221be9b vn="Win32/Somoto.G evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tobias_2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9DWMEEDJ\setup[1].exe"
sh=7028F239FAC673EE7DC7772ACC75D759EA73837D ft=1 fh=e769f095fe49f653 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tobias_2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9DWMEEDJ\spstub[1].exe"
sh=40CE0A58E99858007E5DCD0BB5BF6A122686A917 ft=1 fh=f92770b35775886c vn="Win32/Somoto.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tobias_2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9P8ACS3K\BiTool[1].dll"
sh=29531FF34ED520FDEF40B88D1C27B77D4064C1B7 ft=1 fh=6f280fcdcbb1a73e vn="Variante von Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tobias_2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ODB6W858\OrbiterInstaller[1].exe"
sh=FB24FEA961DF1EC689422F05A8D80349A05F2857 ft=1 fh=bbfe88937d20f9ad vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tobias_2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ODB6W858\SPSetup[1].exe"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=563b7ffd29eb9f40b716daf60326b67a
# end=init
# utc_time=2015-10-11 02:43:27
# local_time=2015-10-11 04:43:27 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.0.6002 NT Service Pack 2
Update Init
Update Download
Update Finalize
Updated modules version: 26183
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=563b7ffd29eb9f40b716daf60326b67a
# end=updated
# utc_time=2015-10-11 02:45:49
# local_time=2015-10-11 04:45:49 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.0.6002 NT Service Pack 2
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=563b7ffd29eb9f40b716daf60326b67a
# engine=26183
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-10-11 05:38:34
# local_time=2015-10-11 07:38:34 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode_1=''
# compatibility_mode=5892 16776573 100 100 11773 282117842 0 0
# scanned=252737
# found=7
# cleaned=0
# scan_time=10363
sh=14309152E731BC4D86E3149DF6FD2FBE03557958 ft=1 fh=a19bc11331cd63d7 vn="Variante von MSIL/Adware.iBryte.I Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Search Extensions\Client.exe.vir"
sh=16068B8977B4DC562AE782D91BC009472667E331 ft=1 fh=c3b5a87b7d152749 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Tobias_2\AppData\Local\Temp\OCS\ocs_v71a.exe.vir"
sh=EAE2784C9115FE9CFA44A116B74E72C1BCCFA7F6 ft=1 fh=2e79e77116fe19c4 vn="Win32/WebDevAZ.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tobias\Downloads\MyPhoneExplorer_Setup_1.8.5.exe"
sh=982CBA880955552478FBC9A2E3743D7E44C053FC ft=1 fh=9dad3ccc7f2043ca vn="Win32/WebDevAZ.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tobias\Downloads\MyPhoneExplorer_Setup_v1.8.6.exe"
sh=AD05A8CEE821A5AEBDABE5FF621DDBA8609E4603 ft=1 fh=2543ee6478afc561 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tobias\Downloads\Simple Webcam Recorder - CHIP-Installer.exe"
sh=C1315CE980B9B356957A3F77AF6FC82CBBC8D6F0 ft=1 fh=497b94c0dd7c4759 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tobias\Downloads\VisiPics - CHIP-Installer.exe"
sh=5543317AB6CC3C84B018F7262CD7F6048CA22C4B ft=1 fh=1b57474b1411cddc vn="Win32/InstallMonetizer.AH evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tobias\Downloads\wichtige Downloads\MyPhoneExplorer_Setup_1.8.4.exe"
Code:
Results of screen317's Security Check version 1.009
Windows Vista Service Pack 2 x86 (UAC is enabled)
Internet Explorer 9
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Java(TM) 6 Update 29
Java(TM) SE Runtime Environment 6
Java version 32-bit out of Date!
Adobe Flash Player 19.0.0.185
Adobe Reader 9 Adobe Reader out of Date!
Mozilla Firefox (for.)
Mozilla Thunderbird 24.1.1 Thunderbird out of Date!
Google Chrome (45.0.2454.101)
Google Chrome (45.0.2454.99)
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:11-10-2015 01
durchgeführt von Tobias_2 (Administrator) auf TOBI-PC (11-10-2015 20:33:36)
Gestartet von C:\Users\Tobias_2\Desktop
Geladene Profile: Tobias_2 (Verfügbare Profile: Tobias & Tobias_2 & Maike & Gast)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 9 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
() C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
(Sony Corporation) C:\Program Files\sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Sony Corporation) C:\Program Files\sony\VAIO Event Service\VESMgrSub.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
(Sony Corporation) C:\Program Files\sony\VAIO Update 5\VAIOUpdt.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(shbox.de) C:\Program Files\FreePDF_XP\fpassist.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
(Sony Corporation) C:\Program Files\sony\VAIO Power Management\SPMgr.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmplayer.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4317184 2007-02-06] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [118784 2007-01-12] (Alps Electric Co., Ltd.)
HKLM\...\Run: [FreePDF Assistant] => C:\Program Files\FreePDF_XP\fpassist.exe [312320 2007-06-26] (shbox.de)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
Winlogon\Notify\VESWinlogon: C:\Windows\system32\VESWinlogon.dll [2007-02-13] (Sony Corporation)
HKU\S-1-5-21-3051598103-94963199-2244021974-1005\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2008-02-08] (Google Inc.)
HKU\S-1-5-21-3051598103-94963199-2244021974-1005\...\Run: [GoogleChromeAutoLaunch_08DA38D71141E6A5E0731FEFBF7BF14E] => C:\Program Files\Google\Chrome\Application\chrome.exe [815944 2015-09-24] (Google Inc.)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\System32\vaiomov.scr [53248 2004-12-27] (Sony Corporation)
ShellIconOverlayIdentifiers: [ffeOverlayIconNeg] -> {0B8B6796-B56B-45D4-A016-09846E00FEA1} => C:\Program Files\apsec\fideAS file enterprise\Private Edtion\ffeOverlay.dll [2008-11-26] (Applied Security GmbH)
ShellIconOverlayIdentifiers: [ffeOverlayIconPos] -> {0B8B6796-B56B-45D4-A016-09846E00FEA0} => C:\Program Files\apsec\fideAS file enterprise\Private Edtion\ffeOverlay.dll [2008-11-26] (Applied Security GmbH)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-31] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.192.1
Tcpip\..\Interfaces\{75150A78-C350-47D0-A029-3EEC5D8DD586}: [DhcpNameServer] 192.168.192.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3051598103-94963199-2244021974-1005\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3051598103-94963199-2244021974-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.club-vaio.com
HKU\S-1-5-21-3051598103-94963199-2244021974-1005\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://partnerpage.google.com/eu.sony.com/de hxxp://www.club-vaio.com/vbc
SearchScopes: HKLM -> {47A69BFA-63EF-41C2-B09F-7F84F19B5FDF} URL = hxxp://www.google.de/search?hl=de&q={searchTerms}&meta=
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3051598103-94963199-2244021974-1005 -> {47A69BFA-63EF-41C2-B09F-7F84F19B5FDF} URL = hxxp://www.google.de/search?hl=de&q={searchTerms}&meta=
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22] (Adobe Systems Incorporated)
BHO: Ghostery Plugin -> {6BF739DD-3323-4C6A-975B-C7E00A50B154} -> C:\Program Files\Ghostery\bin\ghostery.dll [2015-01-23] (Ghostery, Inc.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23] (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-11-15] (Sun Microsystems, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23] (Google Inc.)
Toolbar: HKU\S-1-5-21-3051598103-94963199-2244021974-1005 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23] (Google Inc.)
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} hxxp://static.ak.studivz.net/photouploader/ImageUploader4.cab?nocache=20071219-1
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} hxxp://static.ak.studivz.net/photouploader/ImageUploader5.cab?nocache=20080115-1
DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-27-0.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2006-06-23] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Tobias_2\AppData\Roaming\Mozilla\Firefox\Profiles\b920c4tp.default
FF DefaultSearchUrl: hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF SelectedSearchEngine: Google
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-21] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [Keine Datei]
FF Plugin: @divx.com/DivX Content Upload Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Content Uploader\npUpload.dll [Keine Datei]
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll [Keine Datei]
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @google.com/npPicasa2,version=2.0.0 -> C:\Program Files\Picasa2\npPicasa2.dll [2008-08-21] (Google, Inc.)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Picasa2\npPicasa3.dll [2010-06-03] (Google, Inc.)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2011-11-15] (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 -> C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll [2011-09-18] (Google)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2011-11-15] (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll [2007-09-06] (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2011-04-14] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2013-02-12] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2013-02-12] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2013-02-12] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2013-02-12] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2013-02-12] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2013-02-12] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2013-02-12] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll [2012-06-20] (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\Tobias_2\AppData\Roaming\Mozilla\Firefox\Profiles\b920c4tp.default\searchplugins\google-images.xml [2014-11-08]
FF SearchPlugin: C:\Users\Tobias_2\AppData\Roaming\Mozilla\Firefox\Profiles\b920c4tp.default\searchplugins\google-maps.xml [2014-11-08]
FF Extension: Cliqz Beta - C:\Users\Tobias_2\AppData\Roaming\Mozilla\Firefox\Profiles\b920c4tp.default\Extensions\cliqz@cliqz.com [2014-08-17]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Tobias_2\AppData\Roaming\Mozilla\Firefox\Profiles\b920c4tp.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi [2009-11-09]
FF HKLM\...\Firefox\Extensions: [{3112ca9c-de6d-4884-a869-9855de68056c}] - C:\ProgramData\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c}
FF Extension: Google Toolbar for Firefox - C:\ProgramData\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2010-02-16]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-01-30]
FF HKU\S-1-5-21-3051598103-94963199-2244021974-1005\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Tobias_2\AppData\Roaming\Mozilla\Firefox\Profiles\b920c4tp.default\extensions\cliqz@cliqz.com
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2015-03-08]

Chrome:
=======
CHR Profile: C:\Users\Tobias_2\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Tobias_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-06]
CHR Extension: (Google Docs) - C:\Users\Tobias_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-06]
CHR Extension: (Google Drive) - C:\Users\Tobias_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-06]
CHR Extension: (YouTube) - C:\Users\Tobias_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-06]
CHR Extension: (Google-Suche) - C:\Users\Tobias_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-06]
CHR Extension: (Google Tabellen) - C:\Users\Tobias_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-06]
CHR Extension: (Avira Browserschutz) - C:\Users\Tobias_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-10-06]
CHR Extension: (Google Docs Offline) - C:\Users\Tobias_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-10-06]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Tobias_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-10-06]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Tobias_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-06]
CHR Extension: (Google Mail) - C:\Users\Tobias_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-06]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AAV UpdateService; C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
S3 AllShare; C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe [6638080 2010-07-16] () [Datei ist nicht signiert]
S2 gupdate1ca4b172e6509a8; C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-09-03] (Google Inc.)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Datei ist nicht signiert]
S2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AvLib\MSCSPTISRV.exe [45056 2006-12-14] (Sony Corporation) [Datei ist nicht signiert]
R2 MSSQL$VAIO_VEDB; C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [28933976 2007-02-05] (Microsoft Corporation)
S4 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [45272 2007-02-05] (Microsoft Corporation)
S3 PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AvLib\PACSPTISVR.exe [57344 2006-12-14] () [Datei ist nicht signiert]
S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [652800 2010-01-26] (Nokia) [Datei ist nicht signiert]
S3 SonicStage Back-End Service; C:\Program Files\Common Files\Sony Shared\AvLib\SsBeSvc.exe [112184 2007-01-24] (Sony Corporation)
S3 SPTISRV; C:\Program Files\Common Files\Sony Shared\AvLib\SPTISRV.exe [69632 2006-12-14] (Sony Corporation) [Datei ist nicht signiert]
S3 SSScsiSV; C:\Program Files\Common Files\Sony Shared\AvLib\SSScsiSV.exe [75320 2007-01-24] (Sony Corporation)
S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe [73728 2007-01-10] (Sony Corporation) [Datei ist nicht signiert]
R2 VAIO Event Service; C:\Program Files\sony\VAIO Event Service\VESMgr.exe [182392 2007-02-13] (Sony Corporation)
S3 VAIOMediaPlatform-IntegratedServer-AppServer; C:\Program Files\sony\VAIO Media Integrated Server\VMISrv.exe [2523136 2007-01-16] (Sony Corporation) [Datei ist nicht signiert]
S3 VAIOMediaPlatform-IntegratedServer-HTTP; C:\Program Files\sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [397312 2007-01-08] (Sony Corporation) [Datei ist nicht signiert]
S3 VAIOMediaPlatform-IntegratedServer-UPnP; C:\Program Files\sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [1089536 2007-01-16] (Sony Corporation) [Datei ist nicht signiert]
S3 VAIOMediaPlatform-Mobile-Gateway; C:\Program Files\sony\VAIO Media Integrated Server\Platform\VmGateway.exe [491520 2007-01-08] (Sony Corporation) [Datei ist nicht signiert]
S3 VAIOMediaPlatform-UCLS-AppServer; C:\Program Files\sony\VAIO Media Integrated Server\UCLS.exe [745472 2007-01-10] (Sony Corporation) [Datei ist nicht signiert]
S3 VAIOMediaPlatform-UCLS-HTTP; C:\Program Files\sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [397312 2007-01-08] (Sony Corporation) [Datei ist nicht signiert]
S3 VAIOMediaPlatform-UCLS-UPnP; C:\Program Files\sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [1089536 2007-01-16] (Sony Corporation) [Datei ist nicht signiert]
R3 Vcsw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [274432 2006-11-28] (Sony Corporation) [Datei ist nicht signiert]
S3 VUAgent; C:\Program Files\sony\VAIO Update 5\VUAgent.exe [722288 2010-04-09] (Sony Corporation)
R2 VzCdbSvc; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [172032 2006-11-28] (Sony Corporation) [Datei ist nicht signiert]
R2 VzFw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe [135168 2006-11-28] (Sony Corporation) [Datei ist nicht signiert]
R3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-19] (Microsoft Corporation)
S2 CLTNetCnService; "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [45696 2008-01-19] (Microsoft Corporation)
R2 apsecf3; C:\Program Files\apsec\fideAS file enterprise\Private Edtion\vt\apsecf3.sys [77184 2008-12-12] (apsec) [Datei ist nicht signiert]
R3 eapihdrv; C:\Users\Tobias_2\AppData\Local\Temp\ehdrv.sys [135760 2015-10-11] (ESET)
R3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2Mon.sys [25824 2010-05-07] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-06-18] (Malwarebytes Corporation)
R3 ti21sony; C:\Windows\System32\drivers\ti21sony.sys [812544 2007-04-23] (Texas Instruments)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-19] (Microsoft Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 catchme; \??\C:\Users\Tobias_2\AppData\Local\Temp\catchme.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 upperdev; system32\DRIVERS\usbser_lowerflt.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-11 20:33 - 2015-10-11 20:33 - 00022019 _____ C:\Users\Tobias_2\Desktop\FRST.txt 2015-10-11 20:23 - 2015-10-11 20:23 - 00852720 _____ C:\Users\Tobias_2\Desktop\SecurityCheck.exe 2015-10-11 16:41 - 2015-10-11 16:41 - 02870984 _____ (ESET) C:\Users\Tobias_2\Desktop\esetsmartinstaller_deu.exe 2015-10-08 23:18 - 2015-10-08 23:20 - 00042704 _____ C:\Users\Tobias_2\Desktop\Addition.txt 2015-10-08 23:12 - 2015-10-11 20:33 - 00000000 ____D C:\Users\Tobias_2\Desktop\FRST-OlderVersion 2015-10-08 22:51 - 2015-10-08 22:51 - 00001875 _____ C:\Users\Tobias_2\Desktop\JRT.txt 2015-10-08 21:45 - 2015-10-08 21:45 - 01798976 _____ (Malwarebytes) C:\Users\Tobias_2\Desktop\JRT.exe 2015-10-08 21:42 - 2015-10-11 15:54 - 00000374 _____ C:\Windows\system32\Drivers\etc\hosts.ics 2015-10-08 21:32 - 2015-10-08 21:32 - 01682432 _____ C:\Users\Tobias_2\Desktop\adwcleaner_5.012.exe 2015-10-07 20:41 - 2015-10-07 20:41 - 00020835 _____ C:\ComboFix.txt 2015-10-07 20:09 - 2015-10-07 20:41 - 00000000 ____D C:\Qoobox 2015-10-07 20:09 - 2015-10-07 20:41 - 00000000 ____D C:\ComboFix 2015-10-07 20:09 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe 2015-10-07 20:09 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe 2015-10-07 20:09 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2015-10-07 20:09 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2015-10-07 20:09 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2015-10-07 20:09 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe 2015-10-07 20:09 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe 2015-10-07 20:09 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe 2015-10-07 20:07 - 2015-10-07 20:39 - 00000000 ____D C:\Windows\erdnt 2015-10-07 19:45 - 2015-10-07 19:45 - 05635766 ____R (Swearware) C:\Users\Tobias_2\Desktop\ComboFix.exe 2015-10-06 21:34 - 2015-10-06 21:34 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Tobias_2\Desktop\tdsskiller.exe 2015-10-06 19:06 - 
2015-10-06 20:42 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2015-10-06 19:03 - 2015-10-06 20:42 - 00000000 ____D C:\Users\Tobias_2\Desktop\mbar 2015-10-06 19:00 - 2015-10-06 19:01 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Tobias_2\Desktop\mbar-1.09.3.1001.exe 2015-10-05 19:52 - 2015-10-11 20:33 - 01699328 _____ (Farbar) C:\Users\Tobias_2\Desktop\FRST.exe 2015-10-04 14:44 - 2015-10-06 18:58 - 00001963 _____ C:\Users\Tobias_2\Desktop\Google Chrome.lnk 2015-10-04 10:16 - 2015-10-04 10:17 - 00039027 _____ C:\Users\Tobias\Desktop\Addition.txt 2015-10-04 10:13 - 2015-10-11 20:33 - 00000000 ____D C:\FRST 2015-10-04 10:13 - 2015-10-04 10:17 - 00048222 _____ C:\Users\Tobias\Desktop\FRST.txt 2015-10-04 10:05 - 2015-10-04 10:06 - 00000478 _____ C:\Users\Tobias\Desktop\defogger_disable.log 2015-10-04 10:05 - 2015-10-04 10:05 - 00000000 _____ C:\Users\Tobias_2\defogger_reenable 2015-10-04 09:55 - 2015-10-04 09:55 - 00380416 _____ C:\Users\Tobias\Desktop\Gmer-19357.exe 2015-10-04 09:53 - 2015-10-04 09:54 - 01697280 _____ (Farbar) C:\Users\Tobias\Desktop\FRST.exe 2015-10-04 09:52 - 2015-10-04 09:52 - 00050477 _____ C:\Users\Tobias\Desktop\Defogger.exe 2015-10-03 19:15 - 2015-10-03 19:15 - 02870984 _____ (ESET) C:\Users\Tobias\Downloads\esetsmartinstaller_deu (1).exe 2015-10-03 18:20 - 2015-10-08 21:22 - 00098520 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-10-03 18:19 - 2015-10-06 19:05 - 00094936 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-10-03 18:19 - 2015-10-03 18:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-10-03 18:19 - 2015-10-03 18:19 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-10-03 18:19 - 2015-10-03 18:19 - 00000000 ____D C:\Program Files\ Malwarebytes Anti-Malware 2015-10-03 18:19 - 2015-06-18 08:41 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-10-03 18:19 - 
2015-06-18 08:41 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-10-03 18:16 - 2015-10-03 18:17 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Tobias\Downloads\mbam-setup-2.1.8.1057.exe 2015-10-03 14:53 - 2015-01-29 03:35 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2015-10-03 14:52 - 2015-08-13 16:15 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys 2015-10-03 14:52 - 2015-08-13 16:15 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys 2015-10-03 14:51 - 2015-01-29 03:35 - 00975360 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2015-10-03 14:50 - 2015-07-21 22:55 - 01206192 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-10-03 14:50 - 2015-07-21 18:07 - 03605440 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2015-10-03 14:50 - 2015-07-21 18:07 - 03553216 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-10-03 14:50 - 2015-07-21 18:07 - 00140224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ecache.sys 2015-10-03 14:50 - 2015-07-21 18:07 - 00056256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys 2015-10-03 14:50 - 2015-07-21 18:03 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\emdmgmt.dll 2015-10-03 14:50 - 2015-07-21 18:03 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-10-03 14:50 - 2015-07-21 18:03 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll 2015-10-03 14:49 - 2015-07-03 18:04 - 01316864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2015-10-03 14:48 - 2015-09-02 23:26 - 01402368 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2015-10-03 14:48 - 2015-09-02 23:26 - 01253376 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2015-10-03 14:46 - 2014-06-27 00:17 - 00619664 _____ (Microsoft Corporation) 
C:\Windows\system32\icardagt.exe 2015-10-03 14:46 - 2014-06-27 00:17 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll 2015-10-03 14:46 - 2014-06-27 00:17 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll 2015-10-03 14:45 - 2014-06-06 06:28 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe 2015-10-03 14:44 - 2015-07-31 21:27 - 00103120 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2015-10-03 14:43 - 2014-06-16 00:18 - 01131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll 2015-10-03 14:43 - 2014-06-13 20:22 - 00156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll 2015-10-03 14:43 - 2014-06-13 20:22 - 00081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll 2015-10-03 14:42 - 2015-06-17 18:50 - 02264576 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2015-10-03 14:42 - 2015-06-17 17:09 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe 2015-10-03 14:42 - 2014-06-02 12:31 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2015-10-03 14:42 - 2014-06-02 12:30 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2015-10-03 14:42 - 2014-06-02 12:30 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll 2015-10-03 14:42 - 2014-06-02 10:56 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2015-10-03 14:41 - 2014-10-10 03:01 - 00449536 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll 2015-10-03 14:41 - 2014-10-10 03:00 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-10-03 14:41 - 2014-10-10 01:22 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-10-03 14:40 - 2014-12-19 02:25 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2015-10-03 14:39 - 2015-06-12 18:01 - 00298496 _____ (Microsoft 
Corporation) C:\Windows\system32\gdi32.dll 2015-10-03 14:38 - 2015-04-24 17:54 - 00532480 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll 2015-10-03 14:37 - 2015-07-10 21:37 - 02067968 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2015-10-03 14:27 - 2015-03-05 04:32 - 00244152 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys 2015-10-03 14:27 - 2015-03-05 04:23 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll 2015-10-03 14:26 - 2014-10-24 03:04 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll 2015-10-03 14:25 - 2015-07-11 17:56 - 11587584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2015-10-03 14:23 - 2014-11-26 04:05 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2015-10-03 14:22 - 2015-07-18 18:03 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll 2015-10-03 14:22 - 2015-01-09 02:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2015-10-03 14:21 - 2015-01-21 04:02 - 00807936 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll 2015-10-03 14:21 - 2014-08-12 04:25 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL 2015-10-03 14:19 - 2015-07-10 16:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2015-10-03 14:18 - 2015-09-02 23:26 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2015-10-03 14:18 - 2015-09-02 21:55 - 02067456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-10-03 14:18 - 2015-09-02 21:54 - 00297472 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2015-10-03 14:15 - 2015-08-05 17:59 - 00602112 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll 2015-10-03 14:14 - 2014-12-06 05:14 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll 2015-10-03 14:14 - 2014-12-06 05:14 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll 2015-10-03 
14:14 - 2014-12-06 05:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll 2015-10-03 14:14 - 2014-10-03 03:18 - 00274432 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2015-10-03 14:14 - 2014-10-03 03:17 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2015-10-03 14:14 - 2014-10-03 03:17 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2015-10-03 14:14 - 2014-10-03 03:17 - 00170496 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2015-10-03 14:13 - 2014-08-27 02:55 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2015-10-03 14:12 - 2015-05-31 10:11 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll 2015-10-03 13:51 - 2015-07-31 23:46 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll 2015-10-03 13:51 - 2015-07-31 23:46 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll 2015-10-03 13:51 - 2015-07-31 23:46 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll 2015-10-03 13:51 - 2015-07-31 23:46 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll 2015-10-03 13:51 - 2015-07-31 22:41 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2015-10-03 13:51 - 2015-07-31 22:40 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll 2015-10-03 13:51 - 2015-07-31 22:35 - 00682496 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2015-10-03 13:51 - 2015-07-31 22:33 - 01072640 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2015-10-03 13:51 - 2015-07-31 22:33 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2015-10-03 13:51 - 2015-04-11 01:22 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\services.exe 2015-10-03 13:49 - 2015-06-27 18:03 - 00783872 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2015-10-03 13:49 - 2015-06-27 18:02 - 
00501248 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-10-03 13:49 - 2015-06-27 18:02 - 00218112 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-10-03 13:49 - 2015-06-27 18:01 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2015-10-03 13:49 - 2015-06-27 16:21 - 00217088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2015-10-03 13:49 - 2015-06-27 16:21 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2015-10-03 13:49 - 2015-06-12 15:13 - 00440768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-10-03 13:49 - 2015-05-09 01:08 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2015-10-03 13:49 - 2015-04-30 18:03 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-10-03 13:49 - 2015-01-09 02:17 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2015-10-03 13:49 - 2014-10-10 03:00 - 01259008 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-10-03 13:49 - 2014-09-05 01:27 - 00143360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys 2015-10-03 13:48 - 2015-07-01 17:57 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll 2015-10-03 13:48 - 2014-12-08 03:59 - 00306176 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll 2015-10-03 13:47 - 2015-07-09 16:25 - 00151040 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe 2015-10-03 13:47 - 2015-07-09 16:25 - 00151040 _____ (Microsoft Corporation) C:\Windows\notepad.exe 2015-10-03 13:47 - 2015-05-05 00:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll 2015-10-03 13:46 - 2015-05-05 00:51 - 10628608 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2015-10-03 13:46 - 2015-05-05 00:50 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx 2015-10-03 13:46 - 2015-05-05 00:50 - 00004096 
_____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll 2015-10-03 13:46 - 2015-05-04 23:21 - 08147456 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2015-10-03 13:45 - 2014-12-06 05:14 - 00153600 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll 2015-10-03 13:44 - 2014-06-06 10:59 - 00506880 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2015-10-03 13:43 - 2014-05-30 08:53 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2015-10-03 13:42 - 2014-06-14 02:44 - 00638400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2015-10-03 13:42 - 2014-06-14 02:33 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll 2015-10-03 13:42 - 2014-04-26 18:01 - 00502784 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll 2015-10-03 13:42 - 2014-04-05 04:42 - 00905664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2015-10-03 13:39 - 2015-08-17 19:12 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-10-03 13:38 - 2015-08-17 19:18 - 01814016 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-10-03 13:38 - 2015-08-17 19:17 - 12388352 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-10-03 13:38 - 2015-08-17 19:14 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-10-03 13:38 - 2015-08-17 19:13 - 09751040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-10-03 13:38 - 2015-08-17 19:12 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-10-03 13:38 - 2015-08-17 19:11 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-10-03 13:38 - 2015-08-17 19:11 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-10-03 13:38 - 2015-08-17 19:10 - 01804288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-10-03 13:38 - 2015-08-17 19:10 - 00718848 _____ (Microsoft Corporation) 
C:\Windows\system32\jscript.dll 2015-10-03 13:38 - 2015-08-17 19:10 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-10-03 13:38 - 2015-08-17 19:10 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-10-03 13:38 - 2015-08-17 19:10 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2015-10-03 13:38 - 2015-08-17 19:10 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-10-03 13:38 - 2015-08-17 19:10 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-10-03 13:38 - 2015-08-17 19:10 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-10-03 13:38 - 2015-08-17 19:10 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-10-03 13:38 - 2015-08-17 19:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-10-03 13:38 - 2015-08-17 19:10 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2015-10-03 13:38 - 2015-08-17 19:10 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2015-10-03 13:38 - 2015-08-17 19:10 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2015-10-03 13:38 - 2015-08-17 19:09 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-09-23 20:07 - 2015-09-23 20:08 - 00010495 _____ C:\Users\Tobias\Downloads\Tobias_elster_23.09.2015_20.03.pfx 2015-09-20 22:58 - 2015-09-20 23:09 - 00000000 ____D C:\Users\Tobias\Downloads\Anna luth 2015-09-14 21:04 - 2015-09-14 21:04 - 00347816 _____ (Microsoft Corporation) C:\Users\Tobias\Downloads\MicrosoftFixit.wu.Run.exe 2015-09-13 12:57 - 2015-09-13 12:58 - 00852704 _____ C:\Users\Tobias\Downloads\SecurityCheck.exe 2015-09-13 10:55 - 2015-09-13 10:56 - 02870984 _____ (ESET) C:\Users\Tobias\Downloads\esetsmartinstaller_deu.exe ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, 
wird die Datei/der Ordner verschoben.) 2015-10-11 20:02 - 2013-06-30 17:10 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-10-11 19:53 - 2006-11-02 14:47 - 00003696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2015-10-11 19:53 - 2006-11-02 14:47 - 00003696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2015-10-11 19:52 - 2009-10-12 10:51 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-10-11 19:26 - 2007-10-26 18:45 - 02094051 _____ C:\Windows\WindowsUpdate.log 2015-10-11 19:00 - 2012-03-29 18:50 - 00001142 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3051598103-94963199-2244021974-1003UA.job 2015-10-11 19:00 - 2012-03-29 18:50 - 00001120 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3051598103-94963199-2244021974-1003Core.job 2015-10-11 17:52 - 2009-10-12 10:51 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-10-11 16:07 - 2006-11-02 12:33 - 01601276 _____ C:\Windows\system32\PerfStringBackup.INI 2015-10-11 15:53 - 2011-01-02 13:22 - 00000000 ____D C:\Windows\system32\logishrd 2015-10-11 15:53 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-10-08 23:26 - 2008-04-18 15:22 - 00000012 _____ C:\Windows\bthservsdp.dat 2015-10-08 23:26 - 2006-11-02 15:01 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2015-10-08 21:41 - 2007-02-26 18:30 - 01072794 _____ C:\Windows\PFRO.log 2015-10-08 21:38 - 2015-02-22 20:00 - 00000000 ____D C:\AdwCleaner 2015-10-08 18:04 - 2011-08-12 18:16 - 00001052 _____ C:\Windows\Tasks\Google Software Updater.job 2015-10-07 20:41 - 2006-11-02 13:18 - 00000000 ___RD C:\Users\Public 2015-10-07 20:36 - 2006-11-02 12:23 - 00000215 _____ C:\Windows\system.ini 2015-10-05 11:37 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET 2015-10-04 20:22 - 2015-07-26 16:16 - 00000000 ____D C:\Users\Tobias\AppData\Roaming\Spotify 2015-10-04 
14:44 - 2009-11-09 17:21 - 00000000 ____D C:\Users\Tobias_2\AppData\Local\Google 2015-10-04 10:05 - 2009-11-09 17:21 - 00000000 ____D C:\Users\Tobias_2 2015-10-03 15:51 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\de-DE 2015-10-03 15:46 - 2007-02-26 18:10 - 00000000 ____D C:\Program Files\Microsoft.NET 2015-10-03 15:33 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache 2015-10-03 15:15 - 2006-11-02 14:47 - 00385216 _____ C:\Windows\system32\FNTCACHE.DAT 2015-10-03 15:09 - 2006-11-02 14:37 - 00000000 ____D C:\Windows\system32\XPSViewer 2015-10-03 15:09 - 2006-11-02 14:37 - 00000000 ____D C:\Program Files\Windows Journal 2015-10-03 14:12 - 2014-04-03 21:49 - 00000000 ____D C:\Windows\system32\MRT 2015-10-03 11:33 - 2014-02-06 19:23 - 00000000 ____D C:\Users\Tobias\Desktop\Bilder Tisch Verkaufsliste 2015-10-03 11:21 - 2014-12-15 10:09 - 00000000 ____D C:\Users\Tobias\Desktop\Faulhaber 2015-10-03 11:19 - 2015-04-25 14:33 - 00000000 ____D C:\Users\Tobias\AppData\Local\CrashDumps 2015-10-03 08:43 - 2011-11-03 16:13 - 00000000 ____D C:\Users\Tobias\AppData\Local\.elfohilfe 2015-09-27 09:05 - 2015-02-08 20:45 - 00000000 ____D C:\Users\Tobias\Desktop\Tor Browser 2015-09-21 21:04 - 2013-03-23 12:15 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2015-09-21 21:04 - 2011-10-16 02:25 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2015-09-21 20:34 - 2006-11-02 14:52 - 00149663 _____ C:\Windows\setupact.log 2015-09-12 18:21 - 2007-10-26 18:12 - 00000000 ____D C:\Users\Tobias\AppData\Local\Google ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2008-07-15 18:52 - 2008-07-15 18:52 - 0000032 _____ () C:\ProgramData\ezsid.dat Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\ProgramData\ezsid.dat Einige Dateien in TEMP: ==================== C:\Users\Tobias_2\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap 
================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-10-11 16:50 ==================== Ende vom FRST.txt ============================ |
12.10.2015, 17:42 | #14 |
/// the machine /// TB-Ausbilder | Windows Vista: 17 infected files after Eset scan + black desktop after GMER scan Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document Code:
C:\Users\Tobias\AppData\Local\Temp\6BF7.tmp
C:\Users\Tobias\AppData\Local\Temp\DMR\dmr_72.exe
C:\Users\Tobias\AppData\Local\Temp\nsyA3BF.tmp\Helper.dll
C:\Users\Tobias\AppData\Local\Temp\nsyA3BF.tmp\soffer.dll
C:\Users\Tobias\Downloads\MyPhoneExplorer_Setup_1.8.5.exe
C:\Users\Tobias\Downloads\MyPhoneExplorer_Setup_v1.8.6.exe
C:\Users\Tobias\Downloads\Simple Webcam Recorder - CHIP-Installer.exe
C:\Users\Tobias\Downloads\VisiPics - CHIP-Installer.exe
C:\Users\Tobias\Downloads\wichtige Downloads\MyPhoneExplorer_Setup_1.8.4.exe
C:\Users\Tobias_2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9DWMEEDJ\MyPhoneExplorer_v2_5185[2].exe
C:\Users\Tobias_2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9DWMEEDJ\setup[1].exe
C:\Users\Tobias_2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9DWMEEDJ\spstub[1].exe
C:\Users\Tobias_2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9P8ACS3K\BiTool[1].dll
C:\Users\Tobias_2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ODB6W858\OrbiterInstaller[1].exe
C:\Users\Tobias_2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ODB6W858\SPSetup[1].exe
Emptytemp:

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Update Java, Adobe and Thunderbird. Rethink your download habits: CHIP-Installer - what is it? - Guides. It may be that the user account is simply broken. Please run Windows Repair: Repairing Windows - how it's done - Guides
__________________ Regards, schrauber |
12.10.2015, 19:36 | #15 |
| Windows Vista: 17 infected files after Eset scan + black desktop after GMER scan Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x86) Version:11-10-2015 02
durchgeführt von Tobias_2 (2015-10-12 20:24:31) Run:1
Gestartet von C:\Users\Tobias_2\Desktop
Geladene Profile: Tobias_2 (Verfügbare Profile: Tobias & Tobias_2 & Maike & Gast)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
C:\Users\Tobias\AppData\Local\Temp\6BF7.tmp
C:\Users\Tobias\AppData\Local\Temp\DMR\dmr_72.exe
C:\Users\Tobias\AppData\Local\Temp\nsyA3BF.tmp\Helper.dll
C:\Users\Tobias\AppData\Local\Temp\nsyA3BF.tmp\soffer.dll
C:\Users\Tobias\Downloads\MyPhoneExplorer_Setup_1.8.5.exe
C:\Users\Tobias\Downloads\MyPhoneExplorer_Setup_v1.8.6.exe
C:\Users\Tobias\Downloads\Simple Webcam Recorder - CHIP-Installer.exe
C:\Users\Tobias\Downloads\VisiPics - CHIP-Installer.exe
C:\Users\Tobias\Downloads\wichtige Downloads\MyPhoneExplorer_Setup_1.8.4.exe
C:\Users\Tobias_2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9DWMEEDJ\MyPhoneExplorer_v2_5185[2].exe
C:\Users\Tobias_2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9DWMEEDJ\setup[1].exe
C:\Users\Tobias_2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9DWMEEDJ\spstub[1].exe
C:\Users\Tobias_2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9P8ACS3K\BiTool[1].dll
C:\Users\Tobias_2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ODB6W858\OrbiterInstaller[1].exe
C:\Users\Tobias_2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ODB6W858\SPSetup[1].exe
Emptytemp:
*****************
"C:\Users\Tobias\AppData\Local\Temp\6BF7.tmp" => Datei/Ordner nicht gefunden.
"C:\Users\Tobias\AppData\Local\Temp\DMR\dmr_72.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Tobias\AppData\Local\Temp\nsyA3BF.tmp\Helper.dll" => Datei/Ordner nicht gefunden.
"C:\Users\Tobias\AppData\Local\Temp\nsyA3BF.tmp\soffer.dll" => Datei/Ordner nicht gefunden.
C:\Users\Tobias\Downloads\MyPhoneExplorer_Setup_1.8.5.exe => erfolgreich verschoben
C:\Users\Tobias\Downloads\MyPhoneExplorer_Setup_v1.8.6.exe => erfolgreich verschoben
C:\Users\Tobias\Downloads\Simple Webcam Recorder - CHIP-Installer.exe => erfolgreich verschoben
C:\Users\Tobias\Downloads\VisiPics - CHIP-Installer.exe => erfolgreich verschoben
C:\Users\Tobias\Downloads\wichtige Downloads\MyPhoneExplorer_Setup_1.8.4.exe => erfolgreich verschoben
"C:\Users\Tobias_2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9DWMEEDJ\MyPhoneExplorer_v2_5185[2].exe" => Datei/Ordner nicht gefunden.
"C:\Users\Tobias_2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9DWMEEDJ\setup[1].exe" => Datei/Ordner nicht gefunden.
"C:\Users\Tobias_2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9DWMEEDJ\spstub[1].exe" => Datei/Ordner nicht gefunden.
"C:\Users\Tobias_2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9P8ACS3K\BiTool[1].dll" => Datei/Ordner nicht gefunden.
"C:\Users\Tobias_2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ODB6W858\OrbiterInstaller[1].exe" => Datei/Ordner nicht gefunden.
"C:\Users\Tobias_2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ODB6W858\SPSetup[1].exe" => Datei/Ordner nicht gefunden.
EmptyTemp: => 356.3 MB temporäre Dateien entfernt.
Das System musste neu gestartet werden.
==== Ende vom Fixlog 20:25:59 ==== |