Trojaner-Board


Jami87 07.05.2012 18:11

Virus "System Error. Hard disk failure detected"
 
Hello,

I hope someone can help me? The error message named above is showing on my machine, along with countless others, and I'm getting desperate right now...
Can something happen to my files because of this?!?

I have carried out the steps mentioned...

Now I can't find the files anymore... Am I really that stupid? Oh man... I'll try it again right away :-(

So, attached are the first two files, and here is the content of the GMER file...

Did I do that more or less right now?!?


GMER Logfile:
Code:

GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-05-07 20:37:09
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 FUJITSU_ rev.0000
Running: grx5cy7z.exe; Driver: C:\Users\JAMIE-~1\AppData\Local\Temp\fwtdipob.sys
 
 
---- System - GMER 1.0.15 ----
 
SSDT            90ED0326                                                                                                ZwCreateSection
SSDT            90ED0330                                                                                                ZwRequestWaitReplyPort
SSDT            90ED032B                                                                                                ZwSetContextThread
SSDT            90ED0335                                                                                                ZwSetSecurityObject
SSDT            90ED033A                                                                                                ZwSystemDebugControl
SSDT            90ED02C7                                                                                                ZwTerminateProcess
 
---- Kernel code sections - GMER 1.0.15 ----
 
.text          ntkrnlpa.exe!KeSetEvent + 215                                                                            83EBE998 4 Bytes  [26, 03, ED, 90]
.text          ntkrnlpa.exe!KeSetEvent + 539                                                                            83EBECBC 4 Bytes  [30, 03, ED, 90] {XOR [EBX], AL; IN EAX, DX; NOP }
.text          ntkrnlpa.exe!KeSetEvent + 56D                                                                            83EBECF0 4 Bytes  [2B, 03, ED, 90] {SUB EAX, [EBX]; IN EAX, DX; NOP }
.text          ntkrnlpa.exe!KeSetEvent + 5D1                                                                            83EBED54 4 Bytes  [35, 03, ED, 90]
.text          ntkrnlpa.exe!KeSetEvent + 619                                                                            83EBED9C 4 Bytes  [3A, 03, ED, 90] {CMP AL, [EBX]; IN EAX, DX; NOP }
.text          ...                                                                                                     
.text          C:\Windows\system32\DRIVERS\nvlddmkm.sys                                                                section is writeable [0x8E404340, 0x39C277, 0xE8000020]
?              C:\Users\JAMIE-~1\AppData\Local\Temp\mbr.sys                                                            Das System kann die angegebene Datei nicht finden. !
 
---- User code sections - GMER 1.0.15 ----
 
.text          C:\Program Files\Mozilla Firefox\firefox.exe[1164] ntdll.dll!LdrLoadDll                                  776F9378 5 Bytes  JMP 5DCDC930 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text          C:\Program Files\Mozilla Firefox\firefox.exe[1164] kernel32.dll!MapViewOfFile                            77426B10 5 Bytes  JMP 5DF0E083 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text          C:\Program Files\Mozilla Firefox\firefox.exe[1164] kernel32.dll!VirtualAlloc                            7742AF75 5 Bytes  JMP 5DF0E0AA C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text          C:\Program Files\Mozilla Firefox\firefox.exe[1164] GDI32.dll!CreateDIBSection                            77657461 3 Bytes  JMP 5DF0E00D C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text          C:\Program Files\Mozilla Firefox\firefox.exe[1164] GDI32.dll!CreateDIBSection + 4                        77657465 1 Byte  [E6]
.text          C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe[2608] USER32.dll!InSendMessageEx + 4C9          771DE7C8 7 Bytes  JMP 10053940 C:\Program Files\Sony\Sony PC Companion\NewUI.dll (New UI/Avanquest Software)
.text          C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe[2608] USER32.dll!CreateIconFromResourceEx + 340  771E0E45 7 Bytes  JMP 100537F0 C:\Program Files\Sony\Sony PC Companion\NewUI.dll (New UI/Avanquest Software)
.text          C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe[2608] USER32.dll!DdeQueryStringW + 5CE          771FFA2D 7 Bytes  JMP 10053920 C:\Program Files\Sony\Sony PC Companion\NewUI.dll (New UI/Avanquest Software)
.text          C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe[2608] USER32.dll!MessageBoxIndirectA + F5        7722D5CE 7 Bytes  JMP 10053990 C:\Program Files\Sony\Sony PC Companion\NewUI.dll (New UI/Avanquest Software)
.text          C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe[2608] USER32.dll!MessageBoxIndirectW + 61        7722D634 7 Bytes  JMP 10053A60 C:\Program Files\Sony\Sony PC Companion\NewUI.dll (New UI/Avanquest Software)
.text          C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe[2608] USER32.dll!MessageBoxExA + 1F              7722D658 7 Bytes  JMP 10053A10 C:\Program Files\Sony\Sony PC Companion\NewUI.dll (New UI/Avanquest Software)
.text          C:\Program Files\Mozilla Firefox\plugin-container.exe[4604] USER32.dll!SetWindowLongA                    771DE7CD 5 Bytes  JMP 5E065EE6 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text          C:\Program Files\Mozilla Firefox\plugin-container.exe[4604] USER32.dll!SetWindowLongW                    771E13B4 5 Bytes  JMP 5E065E78 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text          C:\Program Files\Mozilla Firefox\plugin-container.exe[4604] USER32.dll!GetWindowInfo                    771E428E 5 Bytes  JMP 5DE54822 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text          C:\Program Files\Mozilla Firefox\plugin-container.exe[4604] USER32.dll!TrackPopupMenu                    771F14F3 5 Bytes  JMP 5DE54DD6 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
 
---- Devices - GMER 1.0.15 ----
 
AttachedDevice  \Driver\volsnap \Device\HarddiskVolumeShadowCopy2                                                        NBVolUp.sys (Nero Backup Volume Upper Filter Driver for the Disk Stack/Nero AG)
AttachedDevice  \Driver\volsnap \Device\HarddiskVolumeShadowCopy3                                                        NBVolUp.sys (Nero Backup Volume Upper Filter Driver for the Disk Stack/Nero AG)
AttachedDevice  \Driver\volsnap \Device\HarddiskVolumeShadowCopy4                                                        NBVolUp.sys (Nero Backup Volume Upper Filter Driver for the Disk Stack/Nero AG)
AttachedDevice  \Driver\volsnap \Device\HarddiskVolumeShadowCopy7                                                        NBVolUp.sys (Nero Backup Volume Upper Filter Driver for the Disk Stack/Nero AG)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume1                                                                  NBVol.sys (Nero Backup Volume Filter Driver for the Disk Stack/Nero AG)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume2                                                                  NBVol.sys (Nero Backup Volume Filter Driver for the Disk Stack/Nero AG)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume3                                                                  NBVol.sys (Nero Backup Volume Filter Driver for the Disk Stack/Nero AG)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume4                                                                  NBVol.sys (Nero Backup Volume Filter Driver for the Disk Stack/Nero AG)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume5                                                                  NBVol.sys (Nero Backup Volume Filter Driver for the Disk Stack/Nero AG)
 
---- Registry - GMER 1.0.15 ----
 
Reg            HKLM\SYSTEM\ControlSet001\Services\BTHPORT\Parameters\Keys\0019c1ea12d4 (not active ControlSet)         
Reg            HKLM\SYSTEM\ControlSet001\Services\BTHPORT\Parameters\Keys\001bfb1b0716 (not active ControlSet)         
Reg            HKLM\SYSTEM\ControlSet001\Services\BTHPORT\Parameters\Keys\001bfb8cb00a (not active ControlSet)         
Reg            HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\0019c1ea12d4                             
Reg            HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001bfb1b0716                             
Reg            HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001bfb8cb00a                             
Reg            HKLM\SYSTEM\ControlSet004\Services\BTHPORT\Parameters\Keys\0019c1ea12d4 (not active ControlSet)         
Reg            HKLM\SYSTEM\ControlSet004\Services\BTHPORT\Parameters\Keys\001bfb1b0716 (not active ControlSet)         
Reg            HKLM\SYSTEM\ControlSet004\Services\BTHPORT\Parameters\Keys\001bfb8cb00a (not active ControlSet)         
 
---- Files - GMER 1.0.15 ----
 
File            C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS06648.log                                  131072 bytes
File            C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS06649.log                                  131072 bytes
 
---- EOF - GMER 1.0.15 ----

--- --- ---


So, I have now also run the malware program - can the findings simply be deleted?!?

The log file is attached...

Is all of that right? I'm afraid I'll do even more damage?!?

cosinus 08.05.2012 13:02

First, as a matter of routine, please run a full scan with Malwarebytes and post the log. => Have ALL local drives (except CD/DVD) checked!
Remember that Malwarebytes has to be updated manually before every scan! In addition, all findings must be removed.

If logs from older Malwarebytes scans exist, please post all of those as well!



ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick the box next to Yes, I accept the Terms of Use and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded; the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstallation: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset





If possible, please post everything here in CODE tags.

This is how it is done:

[code] the log goes here [/code]

And the whole thing then looks like this:

Code:

the log goes here

Jami87 08.05.2012 20:57

Hm... Well, I had actually already done the Malwarebytes thing?!? Or was that not right the way I did it?

So the scan with "Malwarebytes" has now been running on my machine for over 2 hours and I'm about to fall off my chair from tiredness...
Or would the Quick Scan again have been enough? (Although I've already done that one?)

So, here is the file from Malwarebytes:

Code:

Malwarebytes Anti-Malware (Test) 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.05.08.08

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 7.0.6002.18005
Jamie-Anthony :: TEDDYBÄR [Administrator]

Schutz: Aktiviert

08.05.2012 20:55:10
mbam-log-2012-05-08 (20-55-10).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 449605
Laufzeit: 3 Stunde(n), 10 Minute(n), 33 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Uncompressor (PUP.Adware.InstallCore) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\Program Files\Uncompressor\Uninstall\Uninstall.exe (PUP.Adware.InstallCore) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)


So, and now the one from ESET:

Code:

ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=3d83703d8e9a2b42adc31e9054d2558f
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-05-09 08:46:07
# local_time=2012-05-09 10:46:07 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=768 16777215 100 0 125694743 125694743 0 0
# compatibility_mode=1792 16777215 100 0 1128022 1128022 0 0
# compatibility_mode=5892 16776573 100 100 154443 174075447 0 0
# compatibility_mode=8192 67108863 100 0 39669 39669 0 0
# scanned=251245
# found=11
# cleaned=0
# scan_time=10448
C:\Users\Jamie-Anthony\AppData\Local\Temp\FreemakeVideoConverter_3.0.1.3.exe        Win32/Toolbar.Zugo application (unable to clean)        00000000000000000000000000000000        I
C:\Users\Jamie-Anthony\AppData\Local\Temp\ICReinstall\Facemoods.exe        probably a variant of Win32/InstallCore.A application (unable to clean)        00000000000000000000000000000000        I
C:\Users\Jamie-Anthony\AppData\Local\Temp\is1293846689\MyBabylonTB.exe        Win32/Toolbar.Babylon application (unable to clean)        00000000000000000000000000000000        I
C:\Users\Jamie-Anthony\Downloads\Facemoods(1).exe        probably a variant of Win32/InstallCore.A application (unable to clean)        00000000000000000000000000000000        I
C:\Users\Jamie-Anthony\Downloads\Facemoods.exe        probably a variant of Win32/InstallCore.A application (unable to clean)        00000000000000000000000000000000        I
C:\Users\Jamie-Anthony\Downloads\Setup19_FreeConverter.exe        Win32/Toolbar.Widgi application (unable to clean)        00000000000000000000000000000000        I
C:\Users\Jamie-Anthony\Downloads\Setup_FreeFlvConverter(2).exe        Win32/Toolbar.Widgi application (unable to clean)        00000000000000000000000000000000        I
C:\Users\Jamie-Anthony\Downloads\Setup_FreeFlvConverter(3).exe        Win32/Toolbar.Widgi application (unable to clean)        00000000000000000000000000000000        I
C:\Users\Jamie-Anthony\Downloads\Setup_FreeFlvConverter(4).exe        Win32/Toolbar.Widgi application (unable to clean)        00000000000000000000000000000000        I
C:\Users\Jamie-Anthony\Downloads\Setup_FreeFlvConverter.exe        Win32/Toolbar.Widgi application (unable to clean)        00000000000000000000000000000000        I
C:\Users\Jamie-Anthony\Downloads\vlc-1.1.6-win32.exe        Win32/StartPage.OIE trojan (unable to clean)        00000000000000000000000000000000        I

What else can I do now?!?
And how can I restore the background on my desktop and the program list under the Start menu?

Many thanks for your effort...

cosinus 11.05.2012 10:03

But before that you had only done a quick scan with Malwarebytes!
I have two questions before we continue:

1.) Does normal mode work without restrictions?
2.) Are you missing anything in the Start menu? Are there empty folders under All Programs, or is everything there?

Jami87 11.05.2012 16:15

OK, understood about the quick scan...

Well, basically everything works so far...
However, the background is black and the icons on the desktop were all gone - in the meantime they are back, though (I tried the thing with the - some word with an h?!? - I no longer know what it's called... I don't know whether that's why something is back?)

And the Start menu is gone too... Yes... :-( So it only says "All Programs" there, and underneath that I think everything is there - I just can't judge that very well, because I have hardly ever opened folders that way... But everything opens so far...

Otherwise everything works too - I always go through Explorer to start the programs that I normally open via the Start menu...

I just had another look... "Unhide" was the name of the one with which I possibly restored a few icons... If that was the reason...

cosinus 11.05.2012 20:26

Yes, unhide is the tool for the worst case, when I'm not sure whether everything is being displayed on your machine or not.
It has NOTHING to do with lock icons on folders that you can't open (in case you ask :D )

Please download unhide.exe and save the file to your desktop.
Start the tool and all files and folders should be visible again. (This could take a while.)
Vista and 7 users must run the tool as administrator via right-click!

Jami87 12.05.2012 09:11

But I had already installed unhide and run it too?!? Nothing else happened though, except that the icons on the desktop were visible again (but I also don't know whether that really came from it)...

When I open unhide, only the black window comes up and then nothing else happens?!?

And: how do I get rid of the virus now?!? I'm afraid my data is being stolen the whole time, etc.?!?

After all, 12 findings were detected?!?

cosinus 12.05.2012 20:21

Please create a new OTL log. If possible, please post everything here in CODE tags.

This is how it is done:

[code] the log goes here [/code]

And the whole thing then looks like this:

Code:

the log goes here

CustomScan with OTL

If you don't have it yet, please download OTL by Oldtimer and save it to your desktop.
Code:

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT


Jami87 13.05.2012 10:01

So, here is the OTL log in several parts - unfortunately it didn't fit in one...

Code:

OTL logfile created on: 13.05.2012 09:57:32 - Run 4
OTL by OldTimer - Version 3.2.42.3    Folder = c:\Users\Jamie-Anthony\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 0,57 Gb Available Physical Memory | 28,47% Memory free
4,23 Gb Paging File | 2,48 Gb Available in Paging File | 58,61% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 176,24 Gb Total Space | 18,41 Gb Free Space | 10,44% Space Free | Partition Type: NTFS
 
Computer Name: TEDDYBÄR | User Name: Jamie-Anthony | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Windows\Installer\MSI207E.tmp (Microsoft Corporation)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\program files\avira\antivir desktop\ipmGui.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - c:\Users\Jamie-Anthony\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Windows\SoftwareDistribution\Download\Install\Silverlight.exe (Microsoft Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - c:\85d803f3aac8145630d2d3933ef1\install.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Silverlight\4.1.10329.0\coregen.exe (Microsoft Corporation)
PRC - C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe (Sony)
PRC - C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe ()
PRC - C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
PRC - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe (Freemake)
PRC - C:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
PRC - C:\Program Files\Lexmark S300-S400 Series\ezprint.exe ()
PRC - C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe ()
PRC - C:\Windows\System32\lxeacoms.exe ( )
PRC - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\DisplayLink Core Software\DisplayLinkService.exe (DisplayLink Corp.)
PRC - C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe (DisplayLink Corp.)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation)
PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
PRC - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
PRC - C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation)
PRC - C:\Program Files\Sony\VCM Manager Setting\VcmMgrNotification.exe (Sony Corporation)
PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe (Broadcom Corporation.)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe (Sony Corporation)
PRC - C:\Windows\System32\stacsv.exe (SigmaTel, Inc.)
PRC - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE (SEIKO EPSON CORPORATION)
PRC - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe ()
PRC - C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\09b9cd1c630210237b5b46d9943e1946\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\61759b9905aed9a87347d04b5fad046b\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d9f0f1dc8cbdb81f1ba122d77a6ab710\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\c50133cb67d7c013fa31e1ffb942060b\System.ni.dll ()
MOD - C:\Program Files\Sony\Sony PC Companion\PhoneUpdate.dll ()
MOD - C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe ()
MOD - C:\Program Files\Sony\Sony PC Companion\MExplorer.dll ()
MOD - C:\Program Files\Sony\Sony PC Companion\sqlite3.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll ()
MOD - C:\Program Files\Sony\Sony PC Companion\Report.dll ()
MOD - C:\Program Files\Sony\Sony PC Companion\TMonitorAPI.dll ()
MOD - C:\Windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll ()
MOD - C:\Windows\assembly\GAC\Interop.SHDocVw\1.1.0.0__4b827ebe229d539f\Interop.SHDocVw.dll ()
MOD - C:\Windows\assembly\GAC_32\Asz.Citavi.IEPicker\1.0.0.0__f59eabe05cc67589\Asz.Citavi.IEPicker.dll ()
MOD - C:\Program Files\Lexmark S300-S400 Series\ezprint.exe ()
MOD - C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe ()
MOD - C:\Program Files\Sony\Sony PC Companion\VObject.dll ()
MOD - C:\Program Files\Lexmark S300-S400 Series\lxeaDRS.dll ()
MOD - C:\Program Files\Lexmark S300-S400 Series\lxeascw.dll ()
MOD - C:\Program Files\Lexmark S300-S400 Series\EPOEMDll.dll ()
MOD - C:\Program Files\Lexmark S300-S400 Series\epstring.dll ()
MOD - C:\Program Files\Lexmark S300-S400 Series\EPWizRes.dll ()
MOD - C:\Windows\System32\spool\drivers\w32x86\3\lxeadatr.dll ()
MOD - C:\Windows\System32\LXEAsmr.dll ()
MOD - C:\Program Files\Lexmark S300-S400 Series\iptk.dll ()
MOD - C:\Program Files\Lexmark S300-S400 Series\Epwizard.DLL ()
MOD - C:\Program Files\Lexmark S300-S400 Series\customui.dll ()
MOD - C:\Program Files\Lexmark S300-S400 Series\Epfunct.DLL ()
MOD - C:\Program Files\Lexmark S300-S400 Series\Eputil.DLL ()
MOD - C:\Program Files\Lexmark S300-S400 Series\Imagutil.DLL ()
MOD - C:\Program Files\Lexmark S300-S400 Series\lxeacaps.dll ()
MOD - C:\Program Files\Lexmark S300-S400 Series\lxeaptp.dll ()
MOD - C:\Windows\System32\LXEAsm.dll ()
MOD - C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll ()
MOD - C:\Windows\System32\btwhidcs.dll ()
MOD - C:\Program Files\LitexMedia\All To WMA Converter\WMAShellExt.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (CLTNetCnService) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon File not found
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirWebService) -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (Sony PC Companion) -- C:\Program Files\Sony\Sony PC Companion\PCCService.exe (Avanquest Software)
SRV - (Freemake Improver) -- C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe (Freemake)
SRV - (WinHttpAutoProxySvc) -- winhttp.dll (Microsoft Corporation)
SRV - (lxea_device) -- C:\Windows\System32\lxeacoms.exe ( )
SRV - (lxeaCATSCustConnectService) -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\lxeaserv.exe ()
SRV - (LVPrcSrv) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV - (OMSI download service) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe ()
SRV - (DisplayLinkService) -- C:\Program Files\DisplayLink Core Software\DisplayLinkService.exe (DisplayLink Corp.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
SRV - (VcmXmlIfHelper) -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe (Sony Corporation)
SRV - (VzFw) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation)
SRV - (VzCdbSvc) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
SRV - (VAIO Event Service) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
SRV - (VcmIAlzMgr) -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation)
SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation)
SRV - (Vcsw) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-IntegratedServer-AppServer) -- C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-Mobile-Gateway) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-UCLS-UPnP) VAIO Media Content Collection (UPnP) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-IntegratedServer-UPnP) VAIO Media Integrated Server (UPnP) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-UCLS-HTTP) VAIO Media Content Collection (HTTP) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-IntegratedServer-HTTP) VAIO Media Integrated Server (HTTP) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe (Sony Corporation)
SRV - (STacSV) -- C:\Windows\System32\stacsv.exe (SigmaTel, Inc.)
SRV - (EPSON_PM_RPCV4_01) EPSON V3 Service4(01) -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE (SEIKO EPSON CORPORATION)
SRV - (VAIOMediaPlatform-UCLS-AppServer) -- C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe (Sony Corporation)
SRV - (AdobeActiveFileMonitor5.0) -- C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe ()
SRV - (MSCSPTISRV) -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation)
SRV - (SPTISRV) -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation)
SRV - (PACSPTISVR) -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe ()
SRV - (UleadBurningHelper) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe (MAGIX®)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (dsltestSp5) -- System32\Drivers\dsltestSp5.sys File not found
DRV - (blbdrive) -- C:\Windows\system32\drivers\blbdrive.sys File not found
DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (ggsemc) -- C:\Windows\System32\drivers\ggsemc.sys (Sony Ericsson Mobile Communications)
DRV - (ggflt) -- C:\Windows\System32\drivers\ggflt.sys (Sony Ericsson Mobile Communications)
DRV - (NBVol) -- C:\Windows\System32\drivers\NBVol.sys (Nero AG)
DRV - (NBVolUp) -- C:\Windows\System32\drivers\NBVolUp.sys (Nero AG)
DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (LVUVC) Logitech Webcam 200(UVC) -- C:\Windows\System32\drivers\lvuvc.sys (Logitech Inc.)
DRV - (LVRS) -- C:\Windows\System32\drivers\lvrs.sys (Logitech Inc.)
DRV - (lvpopflt) -- C:\Windows\System32\drivers\lvpopflt.sys (Logitech Inc.)
DRV - (LVPr2Mon) -- C:\Windows\System32\drivers\LVPr2Mon.sys ()
DRV - (winusb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (s0017mdm) -- C:\Windows\System32\drivers\s0017mdm.sys (MCCI Corporation)
DRV - (s0017unic) Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM) -- C:\Windows\System32\drivers\s0017unic.sys (MCCI Corporation)
DRV - (s0017mgmt) Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM) -- C:\Windows\System32\drivers\s0017mgmt.sys (MCCI Corporation)
DRV - (s0017obex) -- C:\Windows\System32\drivers\s0017obex.sys (MCCI Corporation)
DRV - (s0017bus) Sony Ericsson Device 0017 driver (WDM) -- C:\Windows\System32\drivers\s0017bus.sys (MCCI Corporation)
DRV - (s0017nd5) Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS) -- C:\Windows\System32\drivers\s0017nd5.sys (MCCI Corporation)
DRV - (s0017mdfl) -- C:\Windows\System32\drivers\s0017mdfl.sys (MCCI Corporation)
DRV - (dlkmd) -- C:\Windows\System32\drivers\dlkmd.sys (DisplayLink Corp.)
DRV - (dlkmdldr) -- C:\Windows\System32\drivers\dlkmdldr.sys (DisplayLink Corp.)
DRV - (WSDPrintDevice) -- C:\Windows\System32\drivers\WSDPrint.sys (Microsoft Corporation)
DRV - (seehcri) -- C:\Windows\System32\drivers\seehcri.sys (Sony Ericsson Mobile Communications)
DRV - (s3017unic) Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (WDM) -- C:\Windows\System32\drivers\s3017unic.sys (MCCI Corporation)
DRV - (s3017obex) -- C:\Windows\System32\drivers\s3017obex.sys (MCCI Corporation)
DRV - (s3017mgmt) Sony Ericsson Device 3017 USB WMC Device Management Drivers (WDM) -- C:\Windows\System32\drivers\s3017mgmt.sys (MCCI Corporation)
DRV - (s3017nd5) Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (NDIS) -- C:\Windows\System32\drivers\s3017nd5.sys (MCCI Corporation)
DRV - (s3017mdm) -- C:\Windows\System32\drivers\s3017mdm.sys (MCCI Corporation)
DRV - (s3017mdfl) -- C:\Windows\System32\drivers\s3017mdfl.sys (MCCI Corporation)
DRV - (s3017bus) Sony Ericsson Device 3017 driver (WDM) -- C:\Windows\System32\drivers\s3017bus.sys (MCCI Corporation)
DRV - (StkTMini) -- C:\Windows\System32\drivers\StkTMini.sys (Syntek)
DRV - (NETw4v32) Intel(R) -- C:\Windows\System32\drivers\NETw4v32.sys (Intel Corporation)
DRV - (R5U870FLx86) -- C:\Windows\System32\drivers\R5U870FLx86.sys (Ricoh)
DRV - (R5U870FUx86) -- C:\Windows\System32\drivers\R5U870FUx86.sys (Ricoh)
DRV - (DMICall) -- C:\Windows\System32\drivers\DMICall.sys (Sony Corporation)
DRV - (STHDA) -- C:\Windows\System32\drivers\stwrt.sys (SigmaTel, Inc.)
DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (ti21sony) -- C:\Windows\System32\drivers\ti21sony.sys (Texas Instruments)
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
DRV - (regi) -- C:\Windows\System32\drivers\regi.sys (InterVideo)
DRV - (s116unic) Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (WDM) -- C:\Windows\System32\drivers\s116unic.sys (MCCI Corporation)
DRV - (s116obex) -- C:\Windows\System32\drivers\s116obex.sys (MCCI Corporation)
DRV - (s116nd5) Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (NDIS) -- C:\Windows\System32\drivers\s116nd5.sys (MCCI Corporation)
DRV - (s116mgmt) Sony Ericsson Device 116  USB WMC Device Management Drivers (WDM) -- C:\Windows\System32\drivers\s116mgmt.sys (MCCI Corporation)
DRV - (s116mdm) -- C:\Windows\System32\drivers\s116mdm.sys (MCCI Corporation)
DRV - (s116mdfl) -- C:\Windows\System32\drivers\s116mdfl.sys (MCCI Corporation)
DRV - (s116bus) Sony Ericsson Device 116 driver (WDM) -- C:\Windows\System32\drivers\s116bus.sys (MCCI Corporation)
DRV - (WimFltr) -- C:\Windows\System32\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (SNC) -- C:\Windows\System32\drivers\SonyNC.sys (Sony Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.t-online.de/service/redir/ie7_start.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{1EDB291C-67AC-4F9C-AB66-6087DFC21209}: "URL" = hxxp://suche.t-online.de/fast-cgi/tsc?mandant=toi&device=html&portallanguage=de&userlanguage=de&dia=suche&context=wiki-tab&tpc=internet&ptl=std&classification=wiki-tab_internet_std&q={searchTerms}&br=ie7-toi
IE - HKLM\..\SearchScopes\{4813470F-6B8C-4FEA-949B-526F953262C0}: "URL" = hxxp://www.amazon.de/gp/search?ie=UTF8&keywords={searchTerms}&tag=interactivemesuche-21&index=blended&linkCode=ur2&camp=1638&creative=6742
IE - HKLM\..\SearchScopes\{C74610DB-2CCB-49CF-BB8D-650C6B4CD09F}: "URL" = hxxp://suche.t-online.de/fast-cgi/tsc?mandant=toi&device=html&portallanguage=de&userlanguage=de&dia=suche&context=internet-tab&tpc=internet&ptl=std&classification=internet-tab_internet_std&q={searchTerms}&br=ie7-toi
IE - HKLM\..\SearchScopes\{C93EA644-5BF8-49CB-B277-2602FD0C0433}: "URL" = hxxp://adfarm.mediaplex.com/ad/ck/707-1403-18840-0?mpro=hxxp://search.ebay.de/search/search.dll?shortcut=4&query={searchTerms}
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-3850073437-3280287025-709413035-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-21-3850073437-3280287025-709413035-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-3850073437-3280287025-709413035-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-3850073437-3280287025-709413035-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/?affID=100478&tt=290412_4_vs&babsrc=HP_ss&mntrId=ccc35b19000000000000544249676659
IE - HKU\S-1-5-21-3850073437-3280287025-709413035-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3850073437-3280287025-709413035-1000\..\URLSearchHook:  - No CLSID value found
IE - HKU\S-1-5-21-3850073437-3280287025-709413035-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-3850073437-3280287025-709413035-1000\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = hxxp://start.facemoods.com/?a=gppc&s={searchTerms}&f=4
IE - HKU\S-1-5-21-3850073437-3280287025-709413035-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&affID=100478&tt=290412_4_vs&babsrc=SP_ss&mntrId=ccc35b19000000000000544249676659
IE - HKU\S-1-5-21-3850073437-3280287025-709413035-1000\..\SearchScopes\{497F9A79-F8AC-4AD2-A6DE-F256F1C069B4}: "URL" = hxxp://www.amazon.de/gp/search?ie=UTF8&keywords={searchTerms}&tag=interactivemesuche-21&index=blended&linkCode=ur2&camp=1638&creative=6742
IE - HKU\S-1-5-21-3850073437-3280287025-709413035-1000\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKU\S-1-5-21-3850073437-3280287025-709413035-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rlz=1I7SNYK_de&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-3850073437-3280287025-709413035-1000\..\SearchScopes\{6BCD3B4B-C7F8-4DDA-A150-729CD60BFDEB}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=867034&p={searchTerms}
IE - HKU\S-1-5-21-3850073437-3280287025-709413035-1000\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = hxxp://127.0.0.1:4664/search&s=6zOq04dR1_74GZkqAM7_3CckmCc?q={searchTerms}
IE - HKU\S-1-5-21-3850073437-3280287025-709413035-1000\..\SearchScopes\{71AE5633-4538-41C7-A7D0-BD06E47EE8CA}: "URL" = hxxp://suche.t-online.de/fast-cgi/tsc?mandant=toi&device=html&portallanguage=de&userlanguage=de&dia=suche&context=wiki-tab&tpc=internet&ptl=std&classification=wiki-tab_internet_std&q={searchTerms}&br=ie7-toi
IE - HKU\S-1-5-21-3850073437-3280287025-709413035-1000\..\SearchScopes\{86F5405D-4F8B-4B91-B415-6ECA80FB025B}: "URL" = hxxp://adfarm.mediaplex.com/ad/ck/707-1403-18840-0?mpro=hxxp://search.ebay.de/search/search.dll?shortcut=4&query={searchTerms}
IE - HKU\S-1-5-21-3850073437-3280287025-709413035-1000\..\SearchScopes\{ADA26A4F-2C52-489F-B91A-06A7BAB3F2C9}: "URL" = hxxp://suche.t-online.de/fast-cgi/tsc?mandant=toi&device=html&portallanguage=de&userlanguage=de&dia=suche&context=internet-tab&tpc=internet&ptl=std&classification=internet-tab_internet_std&q={searchTerms}&br=ie7-toi
IE - HKU\S-1-5-21-3850073437-3280287025-709413035-1000\..\SearchScopes\{E0B4A2C7-7699-432C-B096-C9B9367FA553}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-3850073437-3280287025-709413035-1000\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}
IE - HKU\S-1-5-21-3850073437-3280287025-709413035-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3850073437-3280287025-709413035-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.defaultthis.engineName: "Softonic-de Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.3.1&q="
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)"
FF - prefs.js..browser.startup.homepage: "hxxp://search.babylon.com/?affID=100478&tt=290412_4_vs&babsrc=HP_ss&mntrId=ccc35b19000000000000544249676659"
FF - prefs.js..extensions.enabledItems: {8AA36F4F-6DC7-4c06-77AF-5035170634FE}:2009.7.1
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.1
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.6
FF - prefs.js..extensions.enabledItems: {6b9c3e37-fcbd-4834-a71a-fa45c106a001}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.2.20100119091315
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {D250ED92-1791-42C4-B441-E90BF89B9BEF}:1.9.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "hxxp://search.babylon.com/?affID=100478&tt=290412_4_vs&babsrc=KW_ss&mntrId=ccc35b19000000000000544249676659&q="
FF - prefs.js..network.proxy.no_proxies_on: "localhost,127.0.0.1"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q="
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa2,version=2.0.0: C:\Program Files\Picasa2\npPicasa2.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Picasa2\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fmconverter@gmail.com: C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ [2012.01.05 12:50:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.05.04 07:38:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.06.30 08:31:42 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{D250ED92-1791-42C4-B441-E90BF89B9BEF}: C:\Users\Jamie-Anthony\AppData\Local\{D250ED92-1791-42C4-B441-E90BF89B9BEF} [2011.04.02 09:21:37 | 000,000,000 | -H-D | M]
 
[2008.08.31 13:51:25 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Jamie-Anthony\AppData\Roaming\mozilla\Extensions
[2012.05.07 20:49:30 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Jamie-Anthony\AppData\Roaming\mozilla\Firefox\Profiles\mdoh89q4.default\extensions
[2010.07.14 21:45:31 | 000,000,000 | -H-D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Jamie-Anthony\AppData\Roaming\mozilla\Firefox\Profiles\mdoh89q4.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.05.07 20:49:30 | 000,000,000 | ---D | M] (Babylon Toolbar by Visicom) -- C:\Users\Jamie-Anthony\AppData\Roaming\mozilla\Firefox\Profiles\mdoh89q4.default\extensions\{51dd3535-abea-484a-b1cf-06ab7b092c0c}
[2012.05.07 09:56:41 | 000,000,000 | -H-D | M] (ST-de Community Toolbar) -- C:\Users\Jamie-Anthony\AppData\Roaming\mozilla\Firefox\Profiles\mdoh89q4.default\extensions\{6b9c3e37-fcbd-4834-a71a-fa45c106a001}
[2011.05.15 20:51:35 | 000,000,000 | -H-D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Jamie-Anthony\AppData\Roaming\mozilla\Firefox\Profiles\mdoh89q4.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.03.29 20:17:26 | 000,000,000 | -H-D | M] (DownloadHelper) -- C:\Users\Jamie-Anthony\AppData\Roaming\mozilla\Firefox\Profiles\mdoh89q4.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011.05.16 06:59:53 | 000,000,000 | -H-D | M] (Conduit Engine) -- C:\Users\Jamie-Anthony\AppData\Roaming\mozilla\Firefox\Profiles\mdoh89q4.default\extensions\engine@conduit.com
[2012.04.26 06:33:37 | 000,000,000 | -H-D | M] (Avira SearchFree Toolbar plus Web Protection) -- C:\Users\Jamie-Anthony\AppData\Roaming\mozilla\Firefox\Profiles\mdoh89q4.default\extensions\toolbar@ask.com
[2009.05.19 11:28:48 | 000,000,884 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\conduit.xml
[2012.05.05 14:38:05 | 000,000,950 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-1.xml
[2010.07.22 20:40:18 | 000,000,950 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-10.xml
[2010.07.24 21:28:38 | 000,000,950 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-11.xml
[2010.09.10 08:22:34 | 000,000,950 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-12.xml
[2010.09.17 07:58:49 | 000,000,950 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-13.xml
[2010.10.23 14:32:15 | 000,000,950 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-14.xml
[2010.10.29 20:43:47 | 000,000,950 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-15.xml
[2010.12.13 19:23:34 | 000,000,950 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-16.xml
[2011.03.03 14:58:47 | 000,000,950 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-17.xml
[2011.03.08 13:13:00 | 000,000,950 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-18.xml
[2011.03.24 22:46:27 | 000,000,950 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-19.xml
[2009.08.24 10:44:09 | 000,000,950 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-2.xml
[2011.05.01 18:35:49 | 000,000,950 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-20.xml
[2011.05.15 11:19:15 | 000,000,950 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-21.xml
[2011.07.13 08:56:31 | 000,000,950 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-22.xml
[2011.07.21 20:31:34 | 000,000,950 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-23.xml
[2011.08.25 07:49:25 | 000,000,950 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-24.xml
[2011.09.01 18:55:37 | 000,000,950 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-25.xml
[2011.09.11 13:32:43 | 000,000,950 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-26.xml
[2011.10.12 16:23:44 | 000,000,950 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-27.xml
[2011.11.10 17:10:52 | 000,000,950 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-28.xml
[2011.12.10 16:43:43 | 000,000,950 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-29.xml
[2009.09.21 11:09:12 | 000,000,950 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-3.xml
[2011.12.10 18:58:07 | 000,000,950 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-30.xml
[2011.12.30 11:17:18 | 000,000,950 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-31.xml
[2012.02.15 20:47:42 | 000,000,950 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-32.xml
[2009.10.31 08:31:55 | 000,000,950 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-4.xml
[2009.12.17 22:29:16 | 000,000,950 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-5.xml
[2010.01.06 18:40:33 | 000,000,950 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-6.xml
[2010.03.13 09:21:21 | 000,000,950 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-7.xml
[2010.04.05 19:25:15 | 000,000,950 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-8.xml
[2010.04.06 19:37:21 | 000,000,950 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-9.xml
[2010.05.12 18:40:06 | 000,001,042 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin.xml
[2010.01.22 00:07:01 | 000,003,915 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\sweetim.xml
[2012.02.15 20:39:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2009.06.09 20:17:31 | 000,000,000 | ---D | M] (Dealio Toolbar Plugin) -- C:\Program Files\mozilla firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}
[2009.07.22 13:09:14 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\mozilla firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.01.19 17:40:30 | 000,000,000 | ---D | M] ("Citavi Picker") -- C:\Program Files\mozilla firefox\extensions\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}
[2011.04.02 09:21:37 | 000,000,000 | -H-D | M] (XULRunner) -- C:\USERS\JAMIE-ANTHONY\APPDATA\LOCAL\{D250ED92-1791-42C4-B441-E90BF89B9BEF}
[2012.05.04 07:38:47 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.11.10 06:54:13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012.02.15 20:39:01 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.05.07 20:48:22 | 000,002,354 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012.02.15 20:39:01 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.02.15 20:39:01 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.07.21 20:27:10 | 000,002,047 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrch.xml
[2011.05.15 20:52:37 | 000,002,051 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrchstonicde.xml
[2012.02.15 20:39:01 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.02.15 20:39:01 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.02.15 20:39:01 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: facemoods (Enabled)
CHR - default_search_provider: search_url = hxxp://start.facemoods.com/?a=stonicde&s={searchTerms}&f=4
CHR - default_search_provider: suggest_url =
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\15.0.874.121\pdf.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Program Files\Google\Chrome\Application\15.0.874.121\gears.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\15.0.874.121\gcswf32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.220.4 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U22 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: QuickTime Plug-in 7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Picasa2\npPicasa2.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Picasa2\npPicasa3.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.50917.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Facemoods = C:\Users\Jamie-Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.4.0_0\
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1            localhost
O2 - BHO: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (Babylon Toolbar by Visicom) - {51dd3535-abea-484a-b1cf-06ab7b092c0c} - C:\Program Files\babylon01\babylon01X.dll ()
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll (Your Company Name)
O2 - BHO: (Lexmark ) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll ()
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (Babylon Toolbar by Visicom) - {51dd3535-abea-484a-b1cf-06ab7b092c0c} - C:\Program Files\babylon01\babylon01X.dll ()
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-3850073437-3280287025-709413035-1000\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
O3 - HKU\S-1-5-21-3850073437-3280287025-709413035-1000\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O3 - HKU\S-1-5-21-3850073437-3280287025-709413035-1000\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark S300-S400 Series\ezprint.exe ()
O4 - HKLM..\Run: [lxeamon.exe] C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [UVS10 Preload] C:\Program Files\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe (Ulead Systems, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-3850073437-3280287025-709413035-1000..\Run: [ALBATTTOOL] C:\Program Files\AkkuLine.de\AkkuLine Batterie-Tool\AL-Batterie-Tool.exe File not found
O4 - HKU\S-1-5-21-3850073437-3280287025-709413035-1000..\Run: [EPSON Stylus DX8400 Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE (SEIKO EPSON CORPORATION)
O4 - HKU\S-1-5-21-3850073437-3280287025-709413035-1000..\Run: [Sony PC Companion] C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe (Sony)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk =  File not found
O4 - Startup: C:\Users\Jamie-Anthony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O7 - HKU\S-1-5-21-3850073437-3280287025-709413035-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Citavi Picker... - C:\Program Files\Internet Explorer\PLUGINS\Citavi Picker\ShowContextMenu.html ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Free YouTube Download - C:\Users\Jamie-Anthony\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe File not found
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-3850073437-3280287025-709413035-1000\..Trusted Domains: intervideo.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-3850073437-3280287025-709413035-1000\..Trusted Domains: intervideo.com ([www] * in Trusted sites)
O15 - HKU\S-1-5-21-3850073437-3280287025-709413035-1000\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-21-3850073437-3280287025-709413035-1000\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {00000161-9980-0010-8000-00AA00389B71} hxxp://codecs.microsoft.com/codecs/i386/msaud.cab (Reg Error: Key error.)
O16 - DPF: {33564D57-9980-0010-8000-00AA00389B71} hxxp://download.microsoft.com/download/D/0/D/D0DD87DA-994F-4334-8B55-AF2E4D98ED0C/wmv9dmo.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0E356E30-94D2-4B82-AD4A-32260CB60786}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F709309A-CB43-4219-9489-BAB633F2CC47}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - VESWinlogon.dll (Sony Corporation)
O24 - Desktop WallPaper: C:\Users\Public\Pictures\Sample Pictures\Dock.jpg
O24 - Desktop BackupWallPaper: C:\Users\Public\Pictures\Sample Pictures\Dock.jpg
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{c2d7a3e4-616f-11df-b59d-001a80249e6f}\Shell - "" = AutoRun
O33 - MountPoints2\{c2d7a3e4-616f-11df-b59d-001a80249e6f}\Shell\AutoRun\command - "" = G:\DPFMate.exe
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\Autorun\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
MsConfig - StartUpFolder: C:^Users^Jamie-Anthony^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -  - File not found
MsConfig - StartUpFolder: C:^Users^Jamie-Anthony^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Picture Motion Browser Medien-Prüfung.lnk -  - File not found
MsConfig - StartUpReg: Acrobat Assistant 8.0 - hkey= - key= -  File not found
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= -  File not found
MsConfig - StartUpReg: Apoint - hkey= - key= - C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
MsConfig - StartUpReg: Google Desktop Search - hkey= - key= - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
MsConfig - StartUpReg: googletalk - hkey= - key= - C:\Program Files\Google\Google Talk\googletalk.exe (Google)
MsConfig - StartUpReg: ICQ - hkey= - key= -  File not found
MsConfig - StartUpReg: ISBMgr.exe - hkey= - key= - C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
MsConfig - StartUpReg: ISTray - hkey= - key= -  File not found
MsConfig - StartUpReg: LogitechQuickCamRibbon - hkey= - key= - C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
MsConfig - StartUpReg: SpybotSD TeaTimer - hkey= - key= -  File not found
MsConfig - StartUpReg: SweetIM - hkey= - key= - C:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
MsConfig - StartUpReg: TrayServer - hkey= - key= - C:\Program Files\MAGIX\Video_deluxe_2008_e-version\TrayServer.exe (MAGIX AG)
MsConfig - State: "services" - 2
MsConfig - State: "startup" - 2


Jami87 13.05.2012 10:03

Code:


SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger -  File not found
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {0213C6AF-5562-4D09-884C-2ADCFC8C2F35} - Microsoft .NET Framework 1.1 Security Update (KB2656353)
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {1897C549-AE52-4571-8996-44854F5612B2} - Microsoft .NET Framework 1.1 Security Update (KB2656370)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\System32\Microsoft
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - C:\Windows\System32\Microsoft
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CACE1E62-59B0-4F7F-87D4-DD335EBBC8F5} - T-Online Toolbar 2.0
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E78BFA60-5393-4C38-82AB-E8019E464EB4} - .NET Framework
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} -
ActiveX: >{F1FD268A-521D-46F0-B304-8E2794E6ADD3} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
 
Drivers32: aux - wdmaud.drv (Microsoft Corporation)
Drivers32: aux1 - wdmaud.drv (Microsoft Corporation)
Drivers32: aux2 - wdmaud.drv (Microsoft Corporation)
Drivers32: aux3 - wdmaud.drv (Microsoft Corporation)
Drivers32: aux4 - wdmaud.drv (Microsoft Corporation)
Drivers32: aux5 - wdmaud.drv (Microsoft Corporation)
Drivers32: midi - wdmaud.drv (Microsoft Corporation)
Drivers32: midi1 - wdmaud.drv (Microsoft Corporation)
Drivers32: midi2 - wdmaud.drv (Microsoft Corporation)
Drivers32: midi3 - wdmaud.drv (Microsoft Corporation)
Drivers32: midi4 - wdmaud.drv (Microsoft Corporation)
Drivers32: midi5 - wdmaud.drv (Microsoft Corporation)
Drivers32: midi6 - wdmaud.drv (Microsoft Corporation)
Drivers32: midi7 - wdmaud.drv (Microsoft Corporation)
Drivers32: midi8 - wdmaud.drv (Microsoft Corporation)
Drivers32: midi9 - wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - midimap.dll (Microsoft Corporation)
Drivers32: mixer - wdmaud.drv (Microsoft Corporation)
Drivers32: mixer1 - wdmaud.drv (Microsoft Corporation)
Drivers32: mixer2 - wdmaud.drv (Microsoft Corporation)
Drivers32: mixer3 - wdmaud.drv (Microsoft Corporation)
Drivers32: mixer4 - wdmaud.drv (Microsoft Corporation)
Drivers32: mixer5 - wdmaud.drv (Microsoft Corporation)
Drivers32: mixer6 - wdmaud.drv (Microsoft Corporation)
Drivers32: mixer7 - wdmaud.drv (Microsoft Corporation)
Drivers32: mixer8 - wdmaud.drv (Microsoft Corporation)
Drivers32: mixer9 - wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.dvacm - C:\PROGRA~1\COMMON~1\ULEADS~1\Vio\Dvacm.acm (Ulead Systems, Inc.)
Drivers32: msacm.imaadpcm - imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.MPEGacm - C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG\MPEGacm.acm (Ulead Systems, Inc.)
Drivers32: msacm.msadpcm - msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msaudio1 - msaud32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - msg711.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - msgsm32.acm (Microsoft Corporation)
Drivers32: msacm.siren - sirenacm.dll (Microsoft Corporation)
Drivers32: msacm.ulmp3acm - C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG\ulmp3acm.acm (Ulead systems)
Drivers32: MSVideo - vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - VfWWDM32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - DivX.dll (DivX, Inc.)
Drivers32: VIDC.dvsd - C:\Program Files\Common Files\Sony Shared\VideoLib\sonydv.dll (Sony Corporation)
Drivers32: VIDC.FFDS - ff_vfw.dll ()
Drivers32: VIDC.I420 - MSh263.drv File not found
Drivers32: VIDC.IYUV - iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.mrle - msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - msvidc32.dll (Microsoft Corporation)
Drivers32: VIDC.UYVY - msyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YUY2 - msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yv12 - DivX.dll (DivX, Inc.)
Drivers32: VIDC.YVU9 - tsbyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YVYU - msyuv.dll (Microsoft Corporation)
Drivers32: wave - wdmaud.drv (Microsoft Corporation)
Drivers32: wave1 - wdmaud.drv (Microsoft Corporation)
Drivers32: wave2 - wdmaud.drv (Microsoft Corporation)
Drivers32: wave3 - wdmaud.drv (Microsoft Corporation)
Drivers32: wave4 - wdmaud.drv (Microsoft Corporation)
Drivers32: wave5 - wdmaud.drv (Microsoft Corporation)
Drivers32: wave6 - wdmaud.drv (Microsoft Corporation)
Drivers32: wave7 - wdmaud.drv (Microsoft Corporation)
Drivers32: wave8 - wdmaud.drv (Microsoft Corporation)
Drivers32: wave9 - wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - msacm32.drv (Microsoft Corporation)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.05.13 10:06:11 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.05.08 20:50:50 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012.05.08 20:47:29 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2012.05.07 22:36:18 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.05.07 21:04:29 | 000,000,000 | ---D | C] -- C:\Users\Jamie-Anthony\AppData\Roaming\Malwarebytes
[2012.05.07 20:58:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.05.07 20:58:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.05.07 20:58:33 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.05.07 20:58:33 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.05.07 20:49:10 | 000,000,000 | ---D | C] -- C:\Program Files\babylon01
[2012.05.07 20:48:31 | 000,000,000 | ---D | C] -- C:\Users\Jamie-Anthony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Uncompressor
[2012.05.07 20:48:30 | 000,000,000 | ---D | C] -- C:\Program Files\Uncompressor
[2012.05.07 20:47:46 | 000,000,000 | ---D | C] -- C:\Users\Jamie-Anthony\AppData\Local\Babylon
[2012.05.07 20:47:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2012.05.07 20:47:45 | 000,000,000 | ---D | C] -- C:\Users\Jamie-Anthony\AppData\Roaming\Babylon
[2012.05.04 07:39:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012.05.04 07:39:00 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012.05.01 19:26:51 | 000,000,000 | ---D | C] -- C:\Users\Jamie-Anthony\AppData\Local\AskToolbar
[2012.04.26 06:33:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012.04.26 06:33:44 | 000,000,000 | -H-D | C] -- C:\Users\Jamie-Anthony\AppData\Roaming\Avira
[2012.04.26 06:33:21 | 000,000,000 | ---D | C] -- C:\Program Files\Ask.com
[2012.04.26 06:31:43 | 000,137,928 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2012.04.26 06:31:43 | 000,083,392 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2012.04.26 06:31:43 | 000,036,000 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avkmgr.sys
[2012.04.26 06:31:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012.04.26 06:31:37 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2012.04.18 07:51:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
[2010.08.24 19:59:21 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\ProgramData\hpeFEE7.dll
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[16 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[16 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.05.13 10:12:20 | 000,638,802 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.05.13 10:12:20 | 000,604,378 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.05.13 10:12:20 | 000,130,722 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.05.13 10:12:20 | 000,107,814 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.05.13 09:50:37 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.05.13 09:38:15 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.05.13 09:38:07 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.05.13 09:38:07 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.05.13 09:38:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.05.13 09:36:51 | 2143,784,960 | -HS- | M] () -- C:\hiberfil.sys
[2012.05.11 19:15:24 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012.05.11 18:13:05 | 001,148,598 | ---- | M] () -- C:\Users\Jamie-Anthony\Documents\Diversität.pdf
[2012.05.11 17:54:17 | 000,002,631 | -H-- | M] () -- C:\Users\Jamie-Anthony\Desktop\Microsoft Office Word 2007.lnk
[2012.05.10 16:17:51 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2012.05.09 18:28:27 | 000,000,680 | ---- | M] () -- C:\Users\Jamie-Anthony\AppData\Local\d3d9caps.dat
[2012.05.08 20:48:14 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2012.05.08 12:04:15 | 000,137,928 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2012.05.08 12:04:15 | 000,083,392 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2012.05.08 05:48:08 | 303,917,277 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.05.07 20:58:35 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.05.07 20:48:31 | 000,000,854 | ---- | M] () -- C:\Users\Jamie-Anthony\Desktop\Uncompressor.lnk
[2012.05.07 18:53:53 | 000,000,000 | ---- | M] () -- C:\Users\Jamie-Anthony\defogger_reenable
[2012.05.07 17:41:42 | 000,001,748 | -H-- | M] () -- C:\Users\Jamie-Anthony\Desktop\Mozilla Firefox.lnk
[2012.05.07 17:40:58 | 000,252,545 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\nvModes.001
[2012.05.07 15:17:09 | 000,227,840 | ---- | M] () -- C:\Users\Jamie-Anthony\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.05.07 09:56:13 | 000,252,545 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\nvModes.dat
[2012.05.02 09:19:02 | 000,002,673 | -H-- | M] () -- C:\Users\Jamie-Anthony\Desktop\Microsoft Office PowerPoint 2007.lnk
[2012.04.18 16:14:16 | 000,372,013 | -H-- | M] () -- C:\Users\Jamie-Anthony\Documents\Mechthild.pdf
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[16 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[16 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.05.11 18:13:03 | 001,148,598 | ---- | C] () -- C:\Users\Jamie-Anthony\Documents\Diversität.pdf
[2012.05.07 20:58:35 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.05.07 20:48:31 | 000,000,854 | ---- | C] () -- C:\Users\Jamie-Anthony\Desktop\Uncompressor.lnk
[2012.05.07 18:53:53 | 000,000,000 | ---- | C] () -- C:\Users\Jamie-Anthony\defogger_reenable
[2012.05.07 17:41:42 | 000,001,748 | -H-- | C] () -- C:\Users\Jamie-Anthony\Desktop\Mozilla Firefox.lnk
[2012.05.07 17:26:37 | 2143,784,960 | -HS- | C] () -- C:\hiberfil.sys
[2012.04.18 16:14:16 | 000,372,013 | -H-- | C] () -- C:\Users\Jamie-Anthony\Documents\Mechthild.pdf
[2012.04.01 00:22:47 | 000,004,962 | ---- | C] () -- C:\ProgramData\etgxespc.rpo
[2012.04.01 00:22:47 | 000,004,884 | ---- | C] () -- C:\ProgramData\homrfjdr.aqx
[2011.07.16 18:42:49 | 000,227,840 | ---- | C] () -- C:\Users\Jamie-Anthony\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.07.07 08:51:31 | 000,000,000 | -H-- | C] () -- C:\Users\Jamie-Anthony\AppData\Local\{64525025-8827-4190-A310-38F60339D8C0}
[2011.06.30 12:07:36 | 000,000,680 | ---- | C] () -- C:\Users\Jamie-Anthony\AppData\Local\d3d9caps.dat
[2011.01.02 18:32:05 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxeavs.dll
[2011.01.02 18:32:03 | 000,438,272 | ---- | C] ( ) -- C:\Windows\System32\lxeacoin.dll
[2011.01.02 18:31:51 | 000,086,016 | ---- | C] () -- C:\Windows\System32\lxeagcfg.dll
[2011.01.02 18:31:49 | 000,110,592 | ---- | C] () -- C:\Windows\System32\lxeacuir.dll
[2011.01.02 18:31:48 | 000,294,912 | ---- | C] () -- C:\Windows\System32\lxeacui.dll
[2011.01.02 18:28:24 | 000,000,044 | -H-- | C] () -- C:\Windows\System32\lxearwrd.ini
[2011.01.02 18:28:06 | 000,331,776 | ---- | C] () -- C:\Windows\System32\LXEAinst.dll
[2011.01.02 18:28:05 | 000,847,872 | ---- | C] ( ) -- C:\Windows\System32\lxeausb1.dll
[2011.01.02 18:28:05 | 000,364,544 | ---- | C] ( ) -- C:\Windows\System32\lxeainpa.dll
[2011.01.02 18:28:05 | 000,356,352 | ---- | C] ( ) -- C:\Windows\System32\LXEAhcp.dll
[2011.01.02 18:28:05 | 000,344,064 | ---- | C] ( ) -- C:\Windows\System32\lxeaiesc.dll
[2011.01.02 18:28:04 | 001,048,576 | ---- | C] ( ) -- C:\Windows\System32\lxeaserv.dll
[2011.01.02 18:28:02 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxeapmui.dll
[2011.01.02 18:28:01 | 000,577,536 | ---- | C] ( ) -- C:\Windows\System32\lxealmpm.dll
[2011.01.02 18:28:01 | 000,262,144 | ---- | C] () -- C:\Windows\System32\lxeainsb.dll
[2011.01.02 18:28:01 | 000,057,344 | ---- | C] () -- C:\Windows\System32\lxeajswr.dll
[2011.01.02 18:28:00 | 000,688,128 | ---- | C] ( ) -- C:\Windows\System32\lxeahbn3.dll
[2011.01.02 18:28:00 | 000,324,264 | ---- | C] ( ) -- C:\Windows\System32\lxeaih.exe
[2011.01.02 18:28:00 | 000,323,584 | ---- | C] () -- C:\Windows\System32\lxeains.dll
[2011.01.02 18:28:00 | 000,114,688 | ---- | C] () -- C:\Windows\System32\lxeainsr.dll
[2011.01.02 18:27:59 | 000,253,952 | ---- | C] () -- C:\Windows\System32\lxeacu.dll
[2011.01.02 18:27:59 | 000,208,896 | ---- | C] () -- C:\Windows\System32\lxeagrd.dll
[2011.01.02 18:27:59 | 000,090,112 | ---- | C] () -- C:\Windows\System32\lxeacub.dll
[2011.01.02 18:27:59 | 000,036,864 | ---- | C] () -- C:\Windows\System32\lxeacur.dll
[2011.01.02 18:27:58 | 000,802,816 | ---- | C] ( ) -- C:\Windows\System32\lxeacomc.dll
[2011.01.02 18:27:58 | 000,598,696 | ---- | C] ( ) -- C:\Windows\System32\lxeacoms.exe
[2011.01.02 18:27:58 | 000,373,416 | ---- | C] ( ) -- C:\Windows\System32\lxeacfg.exe
[2011.01.02 18:27:58 | 000,372,736 | ---- | C] ( ) -- C:\Windows\System32\lxeacomm.dll
[2011.01.02 18:27:08 | 000,299,008 | ---- | C] () -- C:\Windows\System32\LXEAsm.dll
[2011.01.02 18:27:08 | 000,024,064 | ---- | C] () -- C:\Windows\System32\LXEAsmr.dll
[2010.06.15 20:16:17 | 000,484,352 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
 
========== LOP Check ==========
 
[2011.12.16 14:28:50 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\Academic Software Zurich
[2010.06.15 20:30:55 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\AnvSoft
[2012.05.07 20:47:45 | 000,000,000 | ---D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\Babylon
[2008.06.08 13:39:20 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\Cuttermaran
[2009.10.02 14:34:05 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\DeepBurner
[2012.01.03 21:45:51 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\DVDVideoSoft
[2011.05.15 20:51:33 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\DVDVideoSoftIEHelpers
[2008.02.11 19:15:12 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\EPSON
[2010.06.15 20:16:27 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\FreeAudioPack
[2010.06.15 20:18:01 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\FreeCDRipper
[2008.08.22 21:47:26 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\GoPal Assistant
[2010.08.07 09:27:58 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\ICQ
[2008.04.20 23:00:47 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\InterVideo
[2011.02.05 13:31:18 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\it.clementoni.SapPrimeParoleDE.290A939A40FB4C06653AD1460C6BEBD4C065087B.1
[2011.06.17 20:13:21 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\LaunchPad
[2010.01.02 11:34:12 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\Leadertech
[2008.06.09 13:05:14 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\MAGIX
[2012.04.01 00:23:10 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\Need4Video
[2010.11.20 08:14:29 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\OpenOffice.org
[2008.02.16 16:08:51 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\Opera
[2009.10.02 08:49:27 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\Pegasys Inc
[2011.10.12 19:02:17 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\RavensburgerTipToi
[2009.06.04 20:31:17 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\Sony
[2008.02.26 22:35:30 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\T-Online
[2008.02.08 20:47:15 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\temp
[2008.02.16 14:10:07 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\Template
[2011.05.25 16:22:44 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\Ulead Systems
[2010.06.15 20:34:39 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\Uniblue
[2012.05.11 19:15:25 | 000,032,514 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2011.12.16 14:28:50 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\Academic Software Zurich
[2010.09.10 11:50:55 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\Adobe
[2010.06.15 20:30:55 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\AnvSoft
[2012.04.26 06:33:44 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\Avira
[2012.05.07 20:47:45 | 000,000,000 | ---D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\Babylon
[2008.06.08 13:39:20 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\Cuttermaran
[2009.10.02 14:34:05 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\DeepBurner
[2008.02.10 12:58:36 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\DivX
[2012.04.01 15:30:07 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\dvdcss
[2012.01.03 21:45:51 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\DVDVideoSoft
[2011.05.15 20:51:33 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\DVDVideoSoftIEHelpers
[2008.02.11 19:15:12 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\EPSON
[2010.06.15 20:16:27 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\FreeAudioPack
[2010.06.15 20:18:01 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\FreeCDRipper
[2008.02.24 19:10:57 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\Google
[2008.08.22 21:47:26 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\GoPal Assistant
[2010.08.07 09:27:58 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\ICQ
[2007.07.20 15:00:04 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\Identities
[2007.08.10 13:53:23 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\InstallShield
[2008.04.20 23:00:47 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\InterVideo
[2011.02.05 13:31:18 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\it.clementoni.SapPrimeParoleDE.290A939A40FB4C06653AD1460C6BEBD4C065087B.1
[2011.06.17 20:13:21 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\LaunchPad
[2010.01.02 11:34:12 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\Leadertech
[2007.07.20 17:31:39 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\Macromedia
[2008.06.09 13:05:14 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\MAGIX
[2012.05.07 21:04:29 | 000,000,000 | ---D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\Malwarebytes
[2006.11.02 14:37:34 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\Media Center Programs
[2011.12.18 13:43:49 | 000,000,000 | --SD | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\Microsoft
[2008.08.31 13:51:25 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla
[2012.04.01 00:23:10 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\Need4Video
[2010.11.20 08:14:29 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\OpenOffice.org
[2008.02.16 16:08:51 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\Opera
[2009.10.02 08:49:27 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\Pegasys Inc
[2011.10.12 19:02:17 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\RavensburgerTipToi
[2008.05.02 20:06:46 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\Roxio
[2011.01.14 22:12:13 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\Skype
[2011.01.14 21:12:16 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\skypePM
[2009.06.04 20:31:17 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\Sony
[2009.06.04 22:25:42 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\Sony Corporation
[2008.02.25 18:20:57 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\Symantec
[2008.02.26 22:35:30 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\T-Online
[2008.02.08 20:47:15 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\temp
[2008.02.16 14:10:07 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\Template
[2011.05.25 16:22:44 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\Ulead Systems
[2010.06.15 20:34:39 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\Uniblue
[2011.02.01 15:52:43 | 000,000,000 | -H-D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\vlc
 
< %APPDATA%\*.exe /s >
[2007.01.01 23:22:02 | 003,739,648 | -H-- | M] (Google) -- C:\Users\Jamie-Anthony\AppData\Roaming\Google\Google Talk\googletalk.exe
[2008.02.24 19:11:03 | 000,079,367 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Google\Google Talk\uninstall.exe
[2009.05.08 21:22:05 | 000,028,672 | -H-- | M] (Elektrobit Automotive GmbH) -- C:\Users\Jamie-Anthony\AppData\Roaming\GoPal Assistant\Library\1675E721-3B46-44BF-95D0-E728D662D998\AutoRunCE.exe
[2009.05.08 21:22:07 | 000,057,856 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\GoPal Assistant\Library\1675E721-3B46-44BF-95D0-E728D662D998\1\module.exe
[2009.05.08 21:22:14 | 000,028,672 | -H-- | M] (Elektrobit Automotive GmbH) -- C:\Users\Jamie-Anthony\AppData\Roaming\GoPal Assistant\Library\445946F7-51D3-4347-B681-370657140002\AutoRunCE.exe
[2009.05.08 21:22:16 | 000,057,856 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\GoPal Assistant\Library\445946F7-51D3-4347-B681-370657140002\1\module.exe
[2009.05.08 21:20:47 | 000,028,672 | -H-- | M] (Elektrobit Automotive GmbH) -- C:\Users\Jamie-Anthony\AppData\Roaming\GoPal Assistant\Library\4B15BDE1-3A77-4063-A296-34D462338FFF\AutoRunCE.exe
[2009.05.08 21:21:00 | 000,057,856 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\GoPal Assistant\Library\4B15BDE1-3A77-4063-A296-34D462338FFF\1\module.exe
[2009.05.08 21:21:40 | 000,028,672 | -H-- | M] (Elektrobit Automotive GmbH) -- C:\Users\Jamie-Anthony\AppData\Roaming\GoPal Assistant\Library\4C2FEFBA-6383-45FB-89AF-273D92FB3F85\AutoRunCE.exe
[2009.05.08 21:21:44 | 000,057,856 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\GoPal Assistant\Library\4C2FEFBA-6383-45FB-89AF-273D92FB3F85\1\module.exe
[2009.05.08 21:21:55 | 000,028,672 | -H-- | M] (Elektrobit Automotive GmbH) -- C:\Users\Jamie-Anthony\AppData\Roaming\GoPal Assistant\Library\519E8FE4-0FCE-45E6-B2B4-F0FC2CD562D1\AutoRunCE.exe
[2009.05.08 21:21:58 | 000,057,856 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\GoPal Assistant\Library\519E8FE4-0FCE-45E6-B2B4-F0FC2CD562D1\1\module.exe
[2009.05.08 21:22:02 | 000,028,672 | -H-- | M] (Elektrobit Automotive GmbH) -- C:\Users\Jamie-Anthony\AppData\Roaming\GoPal Assistant\Library\5B951398-8563-4AED-8F69-D781081B9940\AutoRunCE.exe
[2009.05.08 21:22:04 | 000,057,856 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\GoPal Assistant\Library\5B951398-8563-4AED-8F69-D781081B9940\1\module.exe
[2009.05.08 21:21:28 | 000,028,672 | -H-- | M] (Elektrobit Automotive GmbH) -- C:\Users\Jamie-Anthony\AppData\Roaming\GoPal Assistant\Library\76ABC327-6702-4E21-ADDB-E278E468F2F7\AutoRunCE.exe
[2009.05.08 21:21:31 | 000,057,856 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\GoPal Assistant\Library\76ABC327-6702-4E21-ADDB-E278E468F2F7\1\module.exe
[2009.05.08 21:21:52 | 000,028,672 | -H-- | M] (Elektrobit Automotive GmbH) -- C:\Users\Jamie-Anthony\AppData\Roaming\GoPal Assistant\Library\8D191AF8-79EC-4372-91C8-F80C60F786D1\AutoRunCE.exe
[2009.05.08 21:21:54 | 000,057,856 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\GoPal Assistant\Library\8D191AF8-79EC-4372-91C8-F80C60F786D1\1\module.exe
[2009.05.08 21:21:49 | 000,028,672 | -H-- | M] (Elektrobit Automotive GmbH) -- C:\Users\Jamie-Anthony\AppData\Roaming\GoPal Assistant\Library\90C63287-5C0E-4139-A12C-AF150E4EEB44\AutoRunCE.exe
[2009.05.08 21:21:51 | 000,057,856 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\GoPal Assistant\Library\90C63287-5C0E-4139-A12C-AF150E4EEB44\1\module.exe
[2009.05.08 21:21:18 | 000,028,672 | -H-- | M] (Elektrobit Automotive GmbH) -- C:\Users\Jamie-Anthony\AppData\Roaming\GoPal Assistant\Library\9937E393-19B4-4535-9452-2B85F9FA5FFD\AutoRunCE.exe
[2009.05.08 21:21:21 | 000,057,856 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\GoPal Assistant\Library\9937E393-19B4-4535-9452-2B85F9FA5FFD\1\module.exe
[2009.05.08 21:21:46 | 000,028,672 | -H-- | M] (Elektrobit Automotive GmbH) -- C:\Users\Jamie-Anthony\AppData\Roaming\GoPal Assistant\Library\9BDDFA4D-A91A-45FE-A1A0-D6066BD01551\AutoRunCE.exe
[2009.05.08 21:21:47 | 000,057,856 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\GoPal Assistant\Library\9BDDFA4D-A91A-45FE-A1A0-D6066BD01551\1\module.exe
[2009.05.08 21:22:11 | 000,028,672 | -H-- | M] (Elektrobit Automotive GmbH) -- C:\Users\Jamie-Anthony\AppData\Roaming\GoPal Assistant\Library\9F4E9777-D0FC-4699-967F-3411D3CB55A9\AutoRunCE.exe
[2009.05.08 21:22:13 | 000,057,856 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\GoPal Assistant\Library\9F4E9777-D0FC-4699-967F-3411D3CB55A9\1\module.exe
[2009.05.08 21:21:59 | 000,028,672 | -H-- | M] (Elektrobit Automotive GmbH) -- C:\Users\Jamie-Anthony\AppData\Roaming\GoPal Assistant\Library\B12043A4-1398-446D-9220-C30E57DBB399\AutoRunCE.exe
[2009.05.08 21:22:00 | 000,057,856 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\GoPal Assistant\Library\B12043A4-1398-446D-9220-C30E57DBB399\1\module.exe
[2009.05.08 21:21:02 | 000,028,672 | -H-- | M] (Elektrobit Automotive GmbH) -- C:\Users\Jamie-Anthony\AppData\Roaming\GoPal Assistant\Library\BCCCC94C-3ED6-41F6-81B6-D7F7AD769FDC\AutoRunCE.exe
[2009.05.08 21:21:04 | 000,057,856 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\GoPal Assistant\Library\BCCCC94C-3ED6-41F6-81B6-D7F7AD769FDC\1\module.exe
[2009.05.08 21:21:23 | 000,028,672 | -H-- | M] (Elektrobit Automotive GmbH) -- C:\Users\Jamie-Anthony\AppData\Roaming\GoPal Assistant\Library\E47752B6-4AC2-4AC8-841B-68B8DF784CEE\AutoRunCE.exe
[2009.05.08 21:21:26 | 000,057,856 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\GoPal Assistant\Library\E47752B6-4AC2-4AC8-841B-68B8DF784CEE\1\module.exe
[2009.05.08 21:46:10 | 000,028,672 | -H-- | M] (Elektrobit Automotive GmbH) -- C:\Users\Jamie-Anthony\AppData\Roaming\GoPal Assistant\Library\E7C17A34-BFA3-4B43-A04D-A4DD9D1B6B68\AutoRunCE.exe
[2009.05.08 21:46:14 | 000,057,856 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\GoPal Assistant\Library\E7C17A34-BFA3-4B43-A04D-A4DD9D1B6B68\1\module.exe
[2009.05.08 21:22:08 | 000,028,672 | -H-- | M] (Elektrobit Automotive GmbH) -- C:\Users\Jamie-Anthony\AppData\Roaming\GoPal Assistant\Library\ED55893A-BC84-42B7-A01A-935AA6FC6D85\AutoRunCE.exe
[2009.05.08 21:22:10 | 000,057,856 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\GoPal Assistant\Library\ED55893A-BC84-42B7-A01A-935AA6FC6D85\1\module.exe
[2009.05.08 21:21:33 | 000,028,672 | -H-- | M] (Elektrobit Automotive GmbH) -- C:\Users\Jamie-Anthony\AppData\Roaming\GoPal Assistant\Library\F284F578-98F8-4C98-BFD0-1A4A49CC1097\AutoRunCE.exe
[2009.05.08 21:21:37 | 000,057,856 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\GoPal Assistant\Library\F284F578-98F8-4C98-BFD0-1A4A49CC1097\1\module.exe
[2012.02.11 13:24:34 | 000,053,632 | -H-- | M] (Adobe Systems Inc.) -- C:\Users\Jamie-Anthony\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
 
< %SYSTEMDRIVE%\*.exe >
[2007.11.07 09:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
 
< MD5 for: AGP440.SYS  >
[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.19 09:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.19 09:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008.02.21 04:10:16 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2008.02.21 04:10:16 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2008.02.21 04:10:16 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
< MD5 for: IASTOR.SYS  >
[2007.03.01 02:03:07 | 000,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\Windows\Drivers\SATA Driver (Intel) (Non-RAID) 7.0A - 7.0.0.1020\iastor.sys
[2007.03.01 02:03:07 | 000,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\Windows\System32\drivers\iaStor.sys
[2007.03.01 02:03:07 | 000,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_1cb29a96\iaStor.sys
 
< MD5 for: IASTORV.SYS  >
[2008.01.19 09:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.19 09:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2006.11.02 11:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.19 09:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.19 09:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.19 09:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2008.01.19 09:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006.11.02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
 
< MD5 for: USER32.DLL  >
[2007.07.20 15:18:21 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=63B4F59D7C89B1BF5277F1FFEFD491CD -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16438_none_cb39bc5b7047127e\user32.dll
[2007.07.20 15:18:21 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=9D9F061EDA75425FC67F0365E3467C86 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.20537_none_cbc258dc896598f1\user32.dll
[2008.01.19 09:36:46 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
[2006.11.02 11:46:13 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=E698A5437B89A285ACA3FF022356810A -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16386_none_cb01aa4570716e5e\user32.dll
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.01.19 09:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.19 09:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006.11.02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2008.01.19 09:33:37 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe
[2008.01.19 09:33:37 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
[2006.11.02 11:45:57 | 000,095,744 | ---- | M] (Microsoft Corporation) MD5=D4385B03E8CCCEE6F0EE249F827C1F3E -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6000.16386_none_2ebbf6d3076595ce\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2012.04.04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006.11.02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008.01.19 09:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2006.11.02 10:58:26 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=84620AECDCFD2A7A14E6263927D8C0ED -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6000.16386_none_4d4fded8cae2956d\ws2ifsl.sys
[2008.01.19 07:56:49 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.19 07:56:49 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2006.11.02 12:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006.11.02 12:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006.11.02 12:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 518 bytes -> C:\Users\Jamie-Anthony\Documents\mailhpt.eml:OECustomProperty
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:A8ADE5D8

< End of report >


cosinus 13.05.2012 15:51

Do an OTL fix: close any programs that may be open, disable your virus scanner too (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied as well!!!)


Code:

:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.t-online.de/service/redir/ie7_start.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{1EDB291C-67AC-4F9C-AB66-6087DFC21209}: "URL" = http://suche.t-online.de/fast-cgi/tsc?mandant=toi&device=html&portallanguage=de&userlanguage=de&dia=suche&context=wiki-tab&tpc=internet&ptl=std&classification=wiki-tab_internet_std&q={searchTerms}&br=ie7-toi
IE - HKLM\..\SearchScopes\{4813470F-6B8C-4FEA-949B-526F953262C0}: "URL" = http://www.amazon.de/gp/search?ie=UTF8&keywords={searchTerms}&tag=interactivemesuche-21&index=blended&linkCode=ur2&camp=1638&creative=6742
IE - HKLM\..\SearchScopes\{C74610DB-2CCB-49CF-BB8D-650C6B4CD09F}: "URL" = http://suche.t-online.de/fast-cgi/tsc?mandant=toi&device=html&portallanguage=de&userlanguage=de&dia=suche&context=internet-tab&tpc=internet&ptl=std&classification=internet-tab_internet_std&q={searchTerms}&br=ie7-toi
IE - HKLM\..\SearchScopes\{C93EA644-5BF8-49CB-B277-2602FD0C0433}: "URL" = http://adfarm.mediaplex.com/ad/ck/707-1403-18840-0?mpro=http://search.ebay.de/search/search.dll?shortcut=4&query={searchTerms}
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}
IE - HKU\S-1-5-21-3850073437-3280287025-709413035-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-21-3850073437-3280287025-709413035-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-3850073437-3280287025-709413035-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-3850073437-3280287025-709413035-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?affID=100478&tt=290412_4_vs&babsrc=HP_ss&mntrId=ccc35b19000000000000544249676659
IE - HKU\S-1-5-21-3850073437-3280287025-709413035-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3850073437-3280287025-709413035-1000\..\URLSearchHook:  - No CLSID value found
IE - HKU\S-1-5-21-3850073437-3280287025-709413035-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-3850073437-3280287025-709413035-1000\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = http://start.facemoods.com/?a=gppc&s={searchTerms}&f=4
IE - HKU\S-1-5-21-3850073437-3280287025-709413035-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=100478&tt=290412_4_vs&babsrc=SP_ss&mntrId=ccc35b19000000000000544249676659
IE - HKU\S-1-5-21-3850073437-3280287025-709413035-1000\..\SearchScopes\{497F9A79-F8AC-4AD2-A6DE-F256F1C069B4}: "URL" = http://www.amazon.de/gp/search?ie=UTF8&keywords={searchTerms}&tag=interactivemesuche-21&index=blended&linkCode=ur2&camp=1638&creative=6742
IE - HKU\S-1-5-21-3850073437-3280287025-709413035-1000\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKU\S-1-5-21-3850073437-3280287025-709413035-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rlz=1I7SNYK_de&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-3850073437-3280287025-709413035-1000\..\SearchScopes\{6BCD3B4B-C7F8-4DDA-A150-729CD60BFDEB}: "URL" = http://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=867034&p={searchTerms}
IE - HKU\S-1-5-21-3850073437-3280287025-709413035-1000\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:4664/search&s=6zOq04dR1_74GZkqAM7_3CckmCc?q={searchTerms}
IE - HKU\S-1-5-21-3850073437-3280287025-709413035-1000\..\SearchScopes\{71AE5633-4538-41C7-A7D0-BD06E47EE8CA}: "URL" = http://suche.t-online.de/fast-cgi/tsc?mandant=toi&device=html&portallanguage=de&userlanguage=de&dia=suche&context=wiki-tab&tpc=internet&ptl=std&classification=wiki-tab_internet_std&q={searchTerms}&br=ie7-toi
IE - HKU\S-1-5-21-3850073437-3280287025-709413035-1000\..\SearchScopes\{86F5405D-4F8B-4B91-B415-6ECA80FB025B}: "URL" = http://adfarm.mediaplex.com/ad/ck/707-1403-18840-0?mpro=http://search.ebay.de/search/search.dll?shortcut=4&query={searchTerms}
IE - HKU\S-1-5-21-3850073437-3280287025-709413035-1000\..\SearchScopes\{ADA26A4F-2C52-489F-B91A-06A7BAB3F2C9}: "URL" = http://suche.t-online.de/fast-cgi/tsc?mandant=toi&device=html&portallanguage=de&userlanguage=de&dia=suche&context=internet-tab&tpc=internet&ptl=std&classification=internet-tab_internet_std&q={searchTerms}&br=ie7-toi
IE - HKU\S-1-5-21-3850073437-3280287025-709413035-1000\..\SearchScopes\{E0B4A2C7-7699-432C-B096-C9B9367FA553}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-3850073437-3280287025-709413035-1000\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}
FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.defaultthis.engineName: "Softonic-de Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.3.1&q="
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)"
FF - prefs.js..browser.startup.homepage: "http://search.babylon.com/?affID=100478&tt=290412_4_vs&babsrc=HP_ss&mntrId=ccc35b19000000000000544249676659"
FF - prefs.js..keyword.URL: "http://search.babylon.com/?affID=100478&tt=290412_4_vs&babsrc=KW_ss&mntrId=ccc35b19000000000000544249676659&q="
FF - prefs.js..network.proxy.no_proxies_on: "localhost,127.0.0.1"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&q="
[2010.07.14 21:45:31 | 000,000,000 | -H-D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Jamie-Anthony\AppData\Roaming\mozilla\Firefox\Profiles\mdoh89q4.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.05.07 20:49:30 | 000,000,000 | ---D | M] (Babylon Toolbar by Visicom) -- C:\Users\Jamie-Anthony\AppData\Roaming\mozilla\Firefox\Profiles\mdoh89q4.default\extensions\{51dd3535-abea-484a-b1cf-06ab7b092c0c}
[2012.05.07 09:56:41 | 000,000,000 | -H-D | M] (ST-de Community Toolbar) -- C:\Users\Jamie-Anthony\AppData\Roaming\mozilla\Firefox\Profiles\mdoh89q4.default\extensions\{6b9c3e37-fcbd-4834-a71a-fa45c106a001}
[2011.05.15 20:51:35 | 000,000,000 | -H-D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Jamie-Anthony\AppData\Roaming\mozilla\Firefox\Profiles\mdoh89q4.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.05.16 06:59:53 | 000,000,000 | -H-D | M] (Conduit Engine) -- C:\Users\Jamie-Anthony\AppData\Roaming\mozilla\Firefox\Profiles\mdoh89q4.default\extensions\engine@conduit.com
[2012.04.26 06:33:37 | 000,000,000 | -H-D | M] (Avira SearchFree Toolbar plus Web Protection) -- C:\Users\Jamie-Anthony\AppData\Roaming\mozilla\Firefox\Profiles\mdoh89q4.default\extensions\toolbar@ask.com
[2009.05.19 11:28:48 | 000,000,884 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\conduit.xml
[2012.05.05 14:38:05 | 000,000,950 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-1.xml
[2010.07.22 20:40:18 | 000,000,950 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-10.xml
[2010.07.24 21:28:38 | 000,000,950 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-11.xml
[2010.09.10 08:22:34 | 000,000,950 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-12.xml
[2010.09.17 07:58:49 | 000,000,950 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-13.xml
[2010.10.23 14:32:15 | 000,000,950 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-14.xml
[2010.10.29 20:43:47 | 000,000,950 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-15.xml
[2010.12.13 19:23:34 | 000,000,950 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-16.xml
[2011.03.03 14:58:47 | 000,000,950 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-17.xml
[2011.03.08 13:13:00 | 000,000,950 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-18.xml
[2011.03.24 22:46:27 | 000,000,950 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-19.xml
[2009.08.24 10:44:09 | 000,000,950 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-2.xml
[2011.05.01 18:35:49 | 000,000,950 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-20.xml
[2011.05.15 11:19:15 | 000,000,950 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-21.xml
[2011.07.13 08:56:31 | 000,000,950 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-22.xml
[2011.07.21 20:31:34 | 000,000,950 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-23.xml
[2011.08.25 07:49:25 | 000,000,950 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-24.xml
[2011.09.01 18:55:37 | 000,000,950 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-25.xml
[2011.09.11 13:32:43 | 000,000,950 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-26.xml
[2011.10.12 16:23:44 | 000,000,950 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-27.xml
[2011.11.10 17:10:52 | 000,000,950 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-28.xml
[2011.12.10 16:43:43 | 000,000,950 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-29.xml
[2009.09.21 11:09:12 | 000,000,950 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-3.xml
[2011.12.10 18:58:07 | 000,000,950 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-30.xml
[2011.12.30 11:17:18 | 000,000,950 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-31.xml
[2012.02.15 20:47:42 | 000,000,950 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-32.xml
[2009.10.31 08:31:55 | 000,000,950 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-4.xml
[2009.12.17 22:29:16 | 000,000,950 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-5.xml
[2010.01.06 18:40:33 | 000,000,950 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-6.xml
[2010.03.13 09:21:21 | 000,000,950 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-7.xml
[2010.04.05 19:25:15 | 000,000,950 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-8.xml
[2010.04.06 19:37:21 | 000,000,950 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-9.xml
[2010.05.12 18:40:06 | 000,001,042 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin.xml
[2010.01.22 00:07:01 | 000,003,915 | -H-- | M] () -- C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\sweetim.xml
[2009.06.09 20:17:31 | 000,000,000 | ---D | M] (Dealio Toolbar Plugin) -- C:\Program Files\mozilla firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}
[2009.07.22 13:09:14 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\mozilla firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2012.05.07 20:48:22 | 000,002,354 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012.02.15 20:39:01 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.07.21 20:27:10 | 000,002,047 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrch.xml
[2011.05.15 20:52:37 | 000,002,051 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrchstonicde.xml
O2 - BHO: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (Babylon Toolbar by Visicom) - {51dd3535-abea-484a-b1cf-06ab7b092c0c} - C:\Program Files\babylon01\babylon01X.dll ()
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (Babylon Toolbar by Visicom) - {51dd3535-abea-484a-b1cf-06ab7b092c0c} - C:\Program Files\babylon01\babylon01X.dll ()
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-3850073437-3280287025-709413035-1000\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
O3 - HKU\S-1-5-21-3850073437-3280287025-709413035-1000\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O3 - HKU\S-1-5-21-3850073437-3280287025-709413035-1000\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe File not found
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{c2d7a3e4-616f-11df-b59d-001a80249e6f}\Shell - "" = AutoRun
O33 - MountPoints2\{c2d7a3e4-616f-11df-b59d-001a80249e6f}\Shell\AutoRun\command - "" = G:\DPFMate.exe
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\Autorun\Autorun.exe
[2012.05.07 20:49:10 | 000,000,000 | ---D | C] -- C:\Program Files\babylon01
[2012.05.01 19:26:51 | 000,000,000 | ---D | C] -- C:\Users\Jamie-Anthony\AppData\Local\AskToolbar
[2012.04.26 06:33:21 | 000,000,000 | ---D | C] -- C:\Program Files\Ask.com
[2012.04.01 00:22:47 | 000,004,962 | ---- | C] () -- C:\ProgramData\etgxespc.rpo
[2012.04.01 00:22:47 | 000,004,884 | ---- | C] () -- C:\ProgramData\homrfjdr.aqx
[2012.05.07 20:47:45 | 000,000,000 | ---D | M] -- C:\Users\Jamie-Anthony\AppData\Roaming\Babylon
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:A8ADE5D8
:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]

Then click the Fix button at the top left!
The log file should open when you click OK after the fix; please post it. The computer may be restarted.

For safety, the entries, files and folders fixed with this script are not deleted completely; a backup copy is created on the system partition in the "_OTL" folder.

Note: The script above was created only for this one user in this situation. It is not portable to any other computer and must not be used elsewhere, as it can cause lasting damage to the system!

Jami87 13.05.2012 19:42

So I have now tried it twice; the first time two error messages came up saying that an error had occurred and the PC crashed, and the second time it got stuck again, so I had to restart the PC...
Am I doing something wrong? Do I have to click something else?

cosinus 14.05.2012 09:01

Please repeat the fix in safe mode

Jami87 14.05.2012 09:12

Hi,

so the fix has now worked on about the 5th attempt - for whatever reason - but now all my files are gone?!? Or at least I can't find them any more?!? Photos, pictures, videos, etc. too :-( And above all the PowerPoint program... But I absolutely need that - I paid a lot of money for it... Can I get it back somehow? And why is everything gone now? Was all of that supposed to be deleted?

Otherwise the view on the desktop is unchanged...

The log file:

Code:

All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Secondary Start Pages| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1EDB291C-67AC-4F9C-AB66-6087DFC21209}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1EDB291C-67AC-4F9C-AB66-6087DFC21209}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4813470F-6B8C-4FEA-949B-526F953262C0}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4813470F-6B8C-4FEA-949B-526F953262C0}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C74610DB-2CCB-49CF-BB8D-650C6B4CD09F}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C74610DB-2CCB-49CF-BB8D-650C6B4CD09F}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C93EA644-5BF8-49CB-B277-2602FD0C0433}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C93EA644-5BF8-49CB-B277-2602FD0C0433}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847}\ not found.
HKU\S-1-5-21-3850073437-3280287025-709413035-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully!
HKU\S-1-5-21-3850073437-3280287025-709413035-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKU\S-1-5-21-3850073437-3280287025-709413035-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\SearchDefaultBranded| /E : value set successfully!
HKU\S-1-5-21-3850073437-3280287025-709413035-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-21-3850073437-3280287025-709413035-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\StartPageCache| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-3850073437-3280287025-709413035-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\ not found.
HKEY_USERS\S-1-5-21-3850073437-3280287025-709413035-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-3850073437-3280287025-709413035-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0D7562AE-8EF6-416d-A838-AB665251703A}\ not found.
Registry key HKEY_USERS\S-1-5-21-3850073437-3280287025-709413035-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry key HKEY_USERS\S-1-5-21-3850073437-3280287025-709413035-1000\Software\Microsoft\Internet Explorer\SearchScopes\{497F9A79-F8AC-4AD2-A6DE-F256F1C069B4}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{497F9A79-F8AC-4AD2-A6DE-F256F1C069B4}\ not found.
Registry key HKEY_USERS\S-1-5-21-3850073437-3280287025-709413035-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ not found.
Registry key HKEY_USERS\S-1-5-21-3850073437-3280287025-709413035-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_USERS\S-1-5-21-3850073437-3280287025-709413035-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6BCD3B4B-C7F8-4DDA-A150-729CD60BFDEB}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6BCD3B4B-C7F8-4DDA-A150-729CD60BFDEB}\ not found.
Registry key HKEY_USERS\S-1-5-21-3850073437-3280287025-709413035-1000\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{70D46D94-BF1E-45ED-B567-48701376298E}\ not found.
Registry key HKEY_USERS\S-1-5-21-3850073437-3280287025-709413035-1000\Software\Microsoft\Internet Explorer\SearchScopes\{71AE5633-4538-41C7-A7D0-BD06E47EE8CA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{71AE5633-4538-41C7-A7D0-BD06E47EE8CA}\ not found.
Registry key HKEY_USERS\S-1-5-21-3850073437-3280287025-709413035-1000\Software\Microsoft\Internet Explorer\SearchScopes\{86F5405D-4F8B-4B91-B415-6ECA80FB025B}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{86F5405D-4F8B-4B91-B415-6ECA80FB025B}\ not found.
Registry key HKEY_USERS\S-1-5-21-3850073437-3280287025-709413035-1000\Software\Microsoft\Internet Explorer\SearchScopes\{ADA26A4F-2C52-489F-B91A-06A7BAB3F2C9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ADA26A4F-2C52-489F-B91A-06A7BAB3F2C9}\ not found.
Registry key HKEY_USERS\S-1-5-21-3850073437-3280287025-709413035-1000\Software\Microsoft\Internet Explorer\SearchScopes\{E0B4A2C7-7699-432C-B096-C9B9367FA553}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E0B4A2C7-7699-432C-B096-C9B9367FA553}\ not found.
Registry key HKEY_USERS\S-1-5-21-3850073437-3280287025-709413035-1000\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847}\ not found.
Prefs.js: "Search the web (Babylon)" removed from browser.search.defaultenginename
Prefs.js: "Softonic-de Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.3.1&q=" removed from browser.search.defaulturl
Prefs.js: "Search the web (Babylon)" removed from browser.search.order.1
Prefs.js: "Search the web (Babylon)" removed from browser.search.selectedEngine
Prefs.js: "hxxp://search.babylon.com/?affID=100478&tt=290412_4_vs&babsrc=HP_ss&mntrId=ccc35b19000000000000544249676659" removed from browser.startup.homepage
Prefs.js: "hxxp://search.babylon.com/?affID=100478&tt=290412_4_vs&babsrc=KW_ss&mntrId=ccc35b19000000000000544249676659&q=" removed from keyword.URL
Prefs.js: "localhost,127.0.0.1" removed from network.proxy.no_proxies_on
Prefs.js: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=" removed from sweetim.toolbar.previous.keyword.URL
Folder C:\Users\Jamie-Anthony\AppData\Roaming\mozilla\Firefox\Profiles\mdoh89q4.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\ not found.
Folder C:\Users\Jamie-Anthony\AppData\Roaming\mozilla\Firefox\Profiles\mdoh89q4.default\extensions\{51dd3535-abea-484a-b1cf-06ab7b092c0c}\ not found.
Folder C:\Users\Jamie-Anthony\AppData\Roaming\mozilla\Firefox\Profiles\mdoh89q4.default\extensions\{6b9c3e37-fcbd-4834-a71a-fa45c106a001}\ not found.
Folder C:\Users\Jamie-Anthony\AppData\Roaming\mozilla\Firefox\Profiles\mdoh89q4.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}\ not found.
Folder C:\Users\Jamie-Anthony\AppData\Roaming\mozilla\Firefox\Profiles\mdoh89q4.default\extensions\engine@conduit.com\ not found.
Folder C:\Users\Jamie-Anthony\AppData\Roaming\mozilla\Firefox\Profiles\mdoh89q4.default\extensions\toolbar@ask.com\ not found.
File C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\conduit.xml not found.
File C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-1.xml not found.
File C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-10.xml not found.
File C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-11.xml not found.
File C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-12.xml not found.
File C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-13.xml not found.
File C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-14.xml not found.
File C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-15.xml not found.
File C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-16.xml not found.
File C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-17.xml not found.
File C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-18.xml not found.
File C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-19.xml not found.
File C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-2.xml not found.
File C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-20.xml not found.
File C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-21.xml not found.
File C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-22.xml not found.
File C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-23.xml not found.
File C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-24.xml not found.
File C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-25.xml not found.
File C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-26.xml not found.
File C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-27.xml not found.
File C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-28.xml not found.
File C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-29.xml not found.
File C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-3.xml not found.
File C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-30.xml not found.
File C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-31.xml not found.
File C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-32.xml not found.
File C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-4.xml not found.
File C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-5.xml not found.
File C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-6.xml not found.
File C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-7.xml not found.
File C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-8.xml not found.
File C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin-9.xml not found.
File C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\icqplugin.xml not found.
File C:\Users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\searchplugins\sweetim.xml not found.
Folder C:\Program Files\mozilla firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\ not found.
Folder C:\Program Files\mozilla firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\ not found.
File C:\Program Files\mozilla firefox\searchplugins\babylon.xml not found.
File C:\Program Files\mozilla firefox\searchplugins\bing.xml not found.
File C:\Program Files\mozilla firefox\searchplugins\fcmdSrch.xml not found.
File C:\Program Files\mozilla firefox\searchplugins\fcmdSrchstonicde.xml not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\ not found.
File C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{51dd3535-abea-484a-b1cf-06ab7b092c0c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{51dd3535-abea-484a-b1cf-06ab7b092c0c}\ not found.
File C:\Program Files\babylon01\babylon01X.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\ not found.
File C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{51dd3535-abea-484a-b1cf-06ab7b092c0c} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{51dd3535-abea-484a-b1cf-06ab7b092c0c}\ not found.
File C:\Program Files\babylon01\babylon01X.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_USERS\S-1-5-21-3850073437-3280287025-709413035-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{472734EA-242A-422B-ADF8-83D1E48CC825} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{472734EA-242A-422B-ADF8-83D1E48CC825}\ not found.
Registry value HKEY_USERS\S-1-5-21-3850073437-3280287025-709413035-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93}\ not found.
Registry value HKEY_USERS\S-1-5-21-3850073437-3280287025-709413035-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ApnUpdater not found.
File C:\Program Files\Ask.com\Updater\Updater.exe not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}\ not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
File C:\autoexec.bat not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c2d7a3e4-616f-11df-b59d-001a80249e6f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c2d7a3e4-616f-11df-b59d-001a80249e6f}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c2d7a3e4-616f-11df-b59d-001a80249e6f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c2d7a3e4-616f-11df-b59d-001a80249e6f}\ not found.
File G:\DPFMate.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G\ not found.
File G:\Autorun\Autorun.exe not found.
Folder C:\Program Files\babylon01\ not found.
Folder C:\Users\Jamie-Anthony\AppData\Local\AskToolbar\ not found.
Folder C:\Program Files\Ask.com\ not found.
File C:\ProgramData\etgxespc.rpo not found.
File C:\ProgramData\homrfjdr.aqx not found.
Folder C:\Users\Jamie-Anthony\AppData\Roaming\Babylon\ not found.
Unable to delete ADS C:\ProgramData\TEMP:DFC5A2B2 .
Unable to delete ADS C:\ProgramData\TEMP:A8ADE5D8 .
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Default User
 
User: Jamie-Anthony
->Temp folder emptied: 667851 bytes
->Temporary Internet Files folder emptied: 303851098 bytes
->Java cache emptied: 6726529 bytes
->FireFox cache emptied: 52940311 bytes
->Google Chrome cache emptied: 14586026 bytes
->Flash cache emptied: 177499 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 5607 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 481153646 bytes
RecycleBin emptied: 1190912 bytes
 
Total Files Cleaned = 821,00 mb
 
 
[EMPTYFLASH]
 
User: All Users
 
User: Default
->Flash cache emptied: 0 bytes
 
User: Default User
 
User: Jamie-Anthony
->Flash cache emptied: 0 bytes
 
User: Public
 
Total Flash Files Cleaned = 0,00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.42.3 log created on 05142012_093406

Files\Folders moved on Reboot...
File\Folder C:\Windows\temp\logishrd\LVPrcInj07.dll not found!

Registry entries deleted on Reboot...

Best regards...

cosinus 14.05.2012 09:38

I can't see why everything is supposedly gone!
First try restarting Windows!

Jami87 14.05.2012 09:45

Well, I have already restarted Windows...

If, for example, I use the email program to open files that someone once sent me and that are also saved on my computer, then I can open them... Photos too, via the program I always use to manage my photos... However, there are no files left under "My Documents"?!?

So do I still have a virus on the PC, or what is the current status?!? Can you tell me that? And why is there still nothing in the Start menu?!?

In any case, thank you very much for your effort...

Best regards...

cosinus 14.05.2012 10:38

The infection altered a number of things on your system, that much is obvious
If unhide can't make anything visible again, well, then it gets difficult - then you can't simply restore the Start menu at the push of a button

Your photos and other private files should still be there; they are evidently just being hidden
Try this => http://www.trojaner-board.de/59624-a...-sichtbar.html
Then all files will be shown, including hidden and protected files

Jami87 14.05.2012 11:26

OK, I have now done what you recommended with the link... Now it shows everything again except the Start menu and the taskbar...
However, the folders and files (Word files, etc.) are shown in a light colour - does that mean anything or is it just the colour setting?

I don't really need the Start menu, or rather I can drag the icons back into the taskbar manually... But isn't that a sign that there is still a virus on the system?
Or is everything OK again now?!?

Can/should I now download a proper antivirus program (more than the free Antivir)? Would that help?

And do you have any idea how the virus ended up on my PC, even though I didn't do anything in particular? Could it be related to Internet Explorer (which I had used briefly before the error messages appeared)?

cosinus 14.05.2012 11:31

Quote:

However, the folders and files (Word files, etc.) are shown in a light colour - does that mean anything or is it just the colour setting?
That is because your files carry the hidden and/or system attribute! The "Read-only" and "System" attributes of folders cannot be displayed or changed in Windows Server 2003, Windows XP, Windows Vista or Windows 7

Quote:

But isn't that a sign that there is still a virus on the system?
Attributes are not viruses!

Now please run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log; instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please turn off your virus scanner before running the TDSS-Killer, because Avira in particular often reports a false alarm in the TDSS tool!

Set up the tool as shown in the picture below - click on change parameters and tick the boxes as shown in the following screenshot,
Then click on Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.
If you can't find the log or can't copy its contents into your post, then please look directly on your Windows system partition (usually drive C:), because that is where the TDSS-Killer saves its logs.

Note: Please don't delete anything hastily with the TDSS-Killer! If the TDSS-Killer flags any objects, handle all of them with the "skip" action and just post the log here!

http://saved.im/mtkwmtcxexhp/setting...8_16-25-18.jpg

Jami87 14.05.2012 11:42

Oh dear, now I don't understand anything anymore...

Why wasn't it like that with the attributes before?

And in the end, it was only because some folders were no longer visible that I noticed the virus... So was it not a virus at all, and just a coincidence that it led me to notice the others?

How many viruses were on my PC? Can you see that?

Oh dear, oh dear... I'll sit down with it again this evening... I have to go now... :-(

OK, I quickly ran the TDSS tool after all (I don't understand the bit about the attributes :-(

But I don't think it will fit in - I'll give it a try...

Code:

12:47:48.0396 4960        LVPr2Mon        (c57c48fb9ae3efb9848af594e3123a63) C:\Windows\system32\DRIVERS\LVPr2Mon.sys
12:47:48.0407 4960        LVPr2Mon - ok
12:47:48.0499 4960        LVPrcSrv        (5c7b88695ce461d8bda4fe0c0e57e71d) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
12:47:48.0513 4960        LVPrcSrv - ok
12:47:48.0548 4960        LVRS            (87ecce893d8aec5a9337b917742d339c) C:\Windows\system32\DRIVERS\lvrs.sys
12:47:48.0566 4960        LVRS - ok
12:47:49.0036 4960        LVUVC          (291f69b3dda0f033d2490c5ba5179f7c) C:\Windows\system32\DRIVERS\lvuvc.sys
12:47:49.0464 4960        LVUVC - ok
12:47:49.0703 4960        lxeaCATSCustConnectService (be074bad48be291fe0e8f518b10af455) C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxeaserv.exe
12:47:49.0715 4960        lxeaCATSCustConnectService - ok
12:47:49.0718 4960        lxea_device - ok
12:47:49.0766 4960        MBAMProtector  (fb097bbc1a18f044bd17bd2fccf97865) C:\Windows\system32\drivers\mbam.sys
12:47:49.0782 4960        MBAMProtector - ok
12:47:49.0873 4960        MBAMService    (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
12:47:49.0958 4960        MBAMService - ok
12:47:50.0015 4960        Mcx2Svc        (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
12:47:50.0030 4960        Mcx2Svc - ok
12:47:50.0061 4960        mdmxsdk        (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
12:47:50.0072 4960        mdmxsdk - ok
12:47:50.0093 4960        megasas        (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
12:47:50.0106 4960        megasas - ok
12:47:50.0125 4960        MMCSS          (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
12:47:50.0153 4960        MMCSS - ok
12:47:50.0220 4960        Modem          (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
12:47:50.0252 4960        Modem - ok
12:47:50.0297 4960        monitor        (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
12:47:50.0328 4960        monitor - ok
12:47:50.0382 4960        mouclass        (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
12:47:50.0399 4960        mouclass - ok
12:47:50.0410 4960        mouhid          (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
12:47:50.0442 4960        mouhid - ok
12:47:50.0487 4960        MountMgr        (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
12:47:50.0505 4960        MountMgr - ok
12:47:50.0556 4960        MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
12:47:50.0575 4960        MozillaMaintenance - ok
12:47:50.0602 4960        mpio            (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
12:47:50.0625 4960        mpio - ok
12:47:50.0641 4960        mpsdrv          (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
12:47:50.0676 4960        mpsdrv - ok
12:47:50.0744 4960        MpsSvc          (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
12:47:50.0788 4960        MpsSvc - ok
12:47:50.0813 4960        Mraid35x        (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
12:47:50.0833 4960        Mraid35x - ok
12:47:50.0874 4960        MRxDAV          (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
12:47:50.0901 4960        MRxDAV - ok
12:47:50.0942 4960        mrxsmb          (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
12:47:50.0966 4960        mrxsmb - ok
12:47:51.0046 4960        mrxsmb10        (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:47:51.0074 4960        mrxsmb10 - ok
12:47:51.0091 4960        mrxsmb20        (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys

Code:

12:47:51.0116 4960        mrxsmb20 - ok
12:47:51.0142 4960        msahci          (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys
12:47:51.0163 4960        msahci - ok
12:47:51.0263 4960        MSCSPTISRV      (8e46a7bac823dd82d4fb2a34c3df4c1d) C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
12:47:51.0268 4960        MSCSPTISRV ( UnsignedFile.Multi.Generic ) - warning
12:47:51.0268 4960        MSCSPTISRV - detected UnsignedFile.Multi.Generic (1)
12:47:51.0287 4960        msdsm          (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
12:47:51.0301 4960        msdsm - ok
12:47:51.0361 4960        MSDTC          (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
12:47:51.0390 4960        MSDTC - ok
12:47:51.0422 4960        Msfs            (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
12:47:51.0447 4960        Msfs - ok
12:47:51.0484 4960        msisadrv        (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
12:47:51.0497 4960        msisadrv - ok
12:47:51.0561 4960        MSiSCSI        (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
12:47:51.0590 4960        MSiSCSI - ok
12:47:51.0593 4960        msiserver - ok
12:47:51.0650 4960        MSKSSRV        (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
12:47:51.0676 4960        MSKSSRV - ok
12:47:51.0692 4960        MSPCLOCK        (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
12:47:51.0717 4960        MSPCLOCK - ok
12:47:51.0728 4960        MSPQM          (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
12:47:51.0754 4960        MSPQM - ok
12:47:51.0804 4960        MsRPC          (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
12:47:51.0822 4960        MsRPC - ok
12:47:51.0837 4960        mssmbios        (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
12:47:51.0850 4960        mssmbios - ok
12:47:51.0861 4960        MSTEE          (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
12:47:51.0891 4960        MSTEE - ok
12:47:51.0907 4960        Mup            (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
12:47:51.0926 4960        Mup - ok
12:47:51.0991 4960        napagent        (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
12:47:52.0042 4960        napagent - ok
12:47:52.0090 4960        NativeWifiP    (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
12:47:52.0112 4960        NativeWifiP - ok
12:47:52.0160 4960        NBVol          (0ae25530894a934c6ca600865c6e9d7c) C:\Windows\system32\DRIVERS\NBVol.sys
12:47:52.0179 4960        NBVol - ok
12:47:52.0205 4960        NBVolUp        (1ddcef3039c9d90af3529dee6699967d) C:\Windows\system32\DRIVERS\NBVolUp.sys
12:47:52.0229 4960        NBVolUp - ok
12:47:52.0288 4960        NDIS            (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
12:47:52.0340 4960        NDIS - ok
12:47:52.0407 4960        NdisTapi        (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
12:47:52.0433 4960        NdisTapi - ok
12:47:52.0497 4960        Ndisuio        (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
12:47:52.0531 4960        Ndisuio - ok
12:47:52.0557 4960        NdisWan        (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
12:47:52.0590 4960        NdisWan - ok
12:47:52.0656 4960        NDProxy        (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
12:47:52.0683 4960        NDProxy - ok
12:47:52.0709 4960        NetBIOS        (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
12:47:52.0745 4960        NetBIOS - ok
12:47:52.0879 4960        netbt          (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
12:47:52.0914 4960        netbt - ok
12:47:52.0973 4960        Netlogon        (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
12:47:52.0991 4960        Netlogon - ok
12:47:53.0070 4960        Netman          (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
12:47:53.0101 4960        Netman - ok
12:47:53.0165 4960        netprofm        (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
12:47:53.0195 4960        netprofm - ok
12:47:53.0272 4960        NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:47:53.0286 4960        NetTcpPortSharing - ok
12:47:54.0528 4960        NETw4v32        (6522dd40a5f67ced020bd81b856613fb) C:\Windows\system32\DRIVERS\NETw4v32.sys
12:47:54.0763 4960        NETw4v32 - ok
12:47:55.0765 4960        nfrd960        (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
12:47:55.0797 4960        nfrd960 - ok
12:47:56.0066 4960        NlaSvc          (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
12:47:56.0137 4960        NlaSvc - ok
12:47:56.0242 4960        Npfs            (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
12:47:56.0309 4960        Npfs - ok
12:47:56.0375 4960        nsi            (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
12:47:56.0418 4960        nsi - ok
12:47:56.0497 4960        nsiproxy        (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
12:47:56.0537 4960        nsiproxy - ok
12:47:56.0882 4960        Ntfs            (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
12:47:57.0106 4960        Ntfs - ok
12:47:57.0189 4960        ntrigdigi      (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
12:47:57.0262 4960        ntrigdigi - ok
12:47:57.0309 4960        Null            (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
12:47:57.0374 4960        Null - ok
12:47:59.0463 4960        nvlddmkm        (61cc6e7237973caa4e384ce97fd7a7b9) C:\Windows\system32\DRIVERS\nvlddmkm.sys
12:47:59.0938 4960        nvlddmkm - ok
12:48:00.0066 4960        nvraid          (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
12:48:00.0080 4960        nvraid - ok
12:48:00.0098 4960        nvstor          (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
12:48:00.0110 4960        nvstor - ok
12:48:00.0134 4960        nv_agp          (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
12:48:00.0148 4960        nv_agp - ok
12:48:00.0152 4960        NwlnkFlt - ok
12:48:00.0158 4960        NwlnkFwd - ok
12:48:00.0304 4960        odserv          (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:48:00.0325 4960        odserv - ok
12:48:00.0381 4960        ohci1394        (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
12:48:00.0402 4960        ohci1394 - ok
12:48:00.0487 4960        OMSI download service (da345de3b450e9e1691e7b9956d8ffc3) C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
12:48:00.0494 4960        OMSI download service ( UnsignedFile.Multi.Generic ) - warning
12:48:00.0495 4960        OMSI download service - detected UnsignedFile.Multi.Generic (1)
12:48:00.0524 4960        ose            (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:48:00.0542 4960        ose - ok
12:48:00.0625 4960        p2pimsvc        (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
12:48:00.0778 4960        p2pimsvc - ok
12:48:00.0791 4960        p2psvc          (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
12:48:00.0880 4960        p2psvc - ok
12:48:00.0964 4960        PACSPTISVR      (753a8f339f231d2b857e2ccd51a6e6ca) C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
12:48:00.0971 4960        PACSPTISVR ( UnsignedFile.Multi.Generic ) - warning
12:48:00.0971 4960        PACSPTISVR - detected UnsignedFile.Multi.Generic (1)
12:48:01.0050 4960        Parport        (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
12:48:01.0101 4960        Parport - ok
12:48:01.0139 4960        partmgr        (b9c2b89f08670e159f7181891e449cd9) C:\Windows\system32\drivers\partmgr.sys
12:48:01.0154 4960        partmgr - ok
12:48:01.0171 4960        Parvdm          (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
12:48:01.0215 4960        Parvdm - ok
12:48:01.0270 4960        PcaSvc          (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
12:48:01.0287 4960        PcaSvc - ok
12:48:01.0344 4960        pci            (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
12:48:01.0362 4960        pci - ok
12:48:01.0384 4960        pciide          (3b1901e401473e03eb8c874271e50c26) C:\Windows\system32\drivers\pciide.sys
12:48:01.0396 4960        pciide - ok
12:48:01.0448 4960        pcmcia          (3bb2244f343b610c29c98035504c9b75) C:\Windows\system32\DRIVERS\pcmcia.sys
12:48:01.0466 4960        pcmcia - ok
12:48:01.0557 4960        PEAUTH          (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
12:48:01.0643 4960        PEAUTH - ok
12:48:01.0796 4960        pla            (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
12:48:01.0900 4960        pla - ok
12:48:02.0094 4960        PlugPlay        (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
12:48:02.0125 4960        PlugPlay - ok
12:48:02.0215 4960        PNRPAutoReg    (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
12:48:02.0301 4960        PNRPAutoReg - ok
12:48:02.0310 4960        PNRPsvc        (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
12:48:02.0409 4960        PNRPsvc - ok
12:48:02.0466 4960        PolicyAgent    (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
12:48:02.0555 4960        PolicyAgent - ok
12:48:02.0678 4960        PptpMiniport    (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
12:48:02.0721 4960        PptpMiniport - ok
12:48:02.0749 4960        Processor      (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
12:48:02.0821 4960        Processor - ok
12:48:02.0874 4960        ProfSvc        (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
12:48:02.0907 4960        ProfSvc - ok
12:48:02.0961 4960        ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
12:48:02.0974 4960        ProtectedStorage - ok
12:48:03.0012 4960        PSched          (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
12:48:03.0033 4960        PSched - ok
12:48:03.0069 4960        PxHelp20        (49452bfcec22f36a7a9b9c2181bc3042) C:\Windows\system32\Drivers\PxHelp20.sys
12:48:03.0083 4960        PxHelp20 - ok
12:48:03.0163 4960        ql2300          (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
12:48:03.0253 4960        ql2300 - ok
12:48:03.0282 4960        ql40xx          (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
12:48:03.0296 4960        ql40xx - ok
12:48:03.0369 4960        QWAVE          (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
12:48:03.0390 4960        QWAVE - ok
12:48:03.0431 4960        QWAVEdrv        (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
12:48:03.0445 4960        QWAVEdrv - ok
12:48:03.0481 4960        R5U870FLx86    (9ac8ac6cd00100443ea6afd0a4ade8f7) C:\Windows\system32\Drivers\R5U870FLx86.sys
12:48:03.0514 4960        R5U870FLx86 - ok
12:48:03.0543 4960        R5U870FUx86    (1ae358affffd13bf6ec7dc72dccfac12) C:\Windows\system32\Drivers\R5U870FUx86.sys
12:48:03.0556 4960        R5U870FUx86 - ok
12:48:03.0640 4960        RapiMgr        (70dbdab246c18b78e2200d6401d038be) C:\Windows\WindowsMobile\rapimgr.dll
12:48:03.0675 4960        RapiMgr - ok
12:48:03.0731 4960        RasAcd          (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
12:48:03.0763 4960        RasAcd - ok
12:48:03.0826 4960        RasAuto        (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
12:48:03.0871 4960        RasAuto - ok
12:48:03.0931 4960        Rasl2tp        (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
12:48:03.0971 4960        Rasl2tp - ok
12:48:04.0038 4960        RasMan          (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
12:48:04.0073 4960        RasMan - ok
12:48:04.0124 4960        RasPppoe        (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
12:48:04.0151 4960        RasPppoe - ok
12:48:04.0198 4960        RasSstp        (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
12:48:04.0217 4960        RasSstp - ok
12:48:04.0278 4960        rdbss          (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
12:48:04.0335 4960        rdbss - ok
12:48:04.0368 4960        RDPCDD          (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
12:48:04.0402 4960        RDPCDD - ok
12:48:04.0451 4960        rdpdr          (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
12:48:04.0519 4960        rdpdr - ok
12:48:04.0548 4960        RDPENCDD        (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
12:48:04.0580 4960        RDPENCDD - ok
12:48:04.0640 4960        RDPWD          (79c6df8477250f5c54f7c5ae1d6b814e) C:\Windows\system32\drivers\RDPWD.sys
12:48:04.0675 4960        RDPWD - ok
12:48:04.0708 4960        regi            (001b4278407f4303efc902a2b16f2453) C:\Windows\system32\drivers\regi.sys
12:48:04.0718 4960        regi - ok
12:48:04.0767 4960        RemoteAccess    (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
12:48:04.0794 4960        RemoteAccess - ok
12:48:04.0837 4960        RemoteRegistry  (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
12:48:04.0860 4960        RemoteRegistry - ok
12:48:04.0912 4960        RFCOMM          (6482707f9f4da0ecbab43b2e0398a101) C:\Windows\system32\DRIVERS\rfcomm.sys
12:48:04.0947 4960        RFCOMM - ok
12:48:04.0973 4960        RpcLocator      (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
12:48:04.0988 4960        RpcLocator - ok
12:48:05.0079 4960        RpcSs          (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
12:48:05.0111 4960        RpcSs - ok
12:48:05.0164 4960        rspndr          (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
12:48:05.0197 4960        rspndr - ok
12:48:05.0265 4960        s0017bus        (594ff5620661d1386475406e78cb6f2f) C:\Windows\system32\DRIVERS\s0017bus.sys
12:48:05.0293 4960        s0017bus - ok
12:48:05.0318 4960        s0017mdfl      (7258f550419d543bc5c8e80c578a5d54) C:\Windows\system32\DRIVERS\s0017mdfl.sys
12:48:05.0334 4960        s0017mdfl - ok
12:48:05.0359 4960        s0017mdm        (1de4f6607feb17a15dbd4f1b139e6d2f) C:\Windows\system32\DRIVERS\s0017mdm.sys
12:48:05.0378 4960        s0017mdm - ok
12:48:05.0426 4960        s0017mgmt      (9814e6bacc06d2526cd52981c7eeedf0) C:\Windows\system32\DRIVERS\s0017mgmt.sys
12:48:05.0444 4960        s0017mgmt - ok
12:48:05.0484 4960        s0017nd5        (2c62cd58225973f26682cd4f783ddede) C:\Windows\system32\DRIVERS\s0017nd5.sys
12:48:05.0504 4960        s0017nd5 - ok
12:48:05.0521 4960        s0017obex      (f87c3422e84b2fb1b43e0a26247ad5a5) C:\Windows\system32\DRIVERS\s0017obex.sys
12:48:05.0544 4960        s0017obex - ok
12:48:05.0562 4960        s0017unic      (df5e7360a0afa5956bf75da683d0679f) C:\Windows\system32\DRIVERS\s0017unic.sys
12:48:05.0585 4960        s0017unic - ok
12:48:05.0692 4960        s116bus        (815445f4676cc96bc9aeec303c727e19) C:\Windows\system32\DRIVERS\s116bus.sys
12:48:05.0723 4960        s116bus - ok
12:48:05.0741 4960        s116mdfl        (333d1e0743e6de1779c3c418ac601c3a) C:\Windows\system32\DRIVERS\s116mdfl.sys
12:48:05.0762 4960        s116mdfl - ok
12:48:05.0786 4960        s116mdm        (50d6e5b021e9ec7553ab8a3553cc1b6b) C:\Windows\system32\DRIVERS\s116mdm.sys
12:48:05.0809 4960        s116mdm - ok
12:48:05.0826 4960        s116mgmt        (1589aa53e43f8d193a7d4d580d3ffa95) C:\Windows\system32\DRIVERS\s116mgmt.sys
12:48:05.0850 4960        s116mgmt - ok
12:48:05.0892 4960        s116nd5        (306f85733671fe507470f0273025e768) C:\Windows\system32\DRIVERS\s116nd5.sys
12:48:05.0913 4960        s116nd5 - ok
12:48:05.0934 4960        s116obex        (ec32601f04a5a5de89315d0f55e73d66) C:\Windows\system32\DRIVERS\s116obex.sys
12:48:05.0958 4960        s116obex - ok
12:48:05.0981 4960        s116unic        (32e3ecb4b2b5887426eaf241a8149cde) C:\Windows\system32\DRIVERS\s116unic.sys
12:48:06.0005 4960        s116unic - ok
12:48:06.0045 4960        s3017bus        (aa786ad3a2684d39630744787b00e6f4) C:\Windows\system32\DRIVERS\s3017bus.sys
12:48:06.0067 4960        s3017bus - ok
12:48:06.0092 4960        s3017mdfl      (cba4ca5bce44084e98ce420fd6692d3a) C:\Windows\system32\DRIVERS\s3017mdfl.sys
12:48:06.0112 4960        s3017mdfl - ok
12:48:06.0132 4960        s3017mdm        (68036eff647970d6c0399789c8707cad) C:\Windows\system32\DRIVERS\s3017mdm.sys
12:48:06.0155 4960        s3017mdm - ok
12:48:06.0179 4960        s3017mgmt      (3672e7f9349bd98fd3f5ac33e7b2b1a6) C:\Windows\system32\DRIVERS\s3017mgmt.sys
12:48:06.0202 4960        s3017mgmt - ok
12:48:06.0219 4960        s3017nd5        (b1133b37eb184aef81d56b4302dbae9c) C:\Windows\system32\DRIVERS\s3017nd5.sys
12:48:06.0240 4960        s3017nd5 - ok
12:48:06.0263 4960        s3017obex      (d81b1d504aa1426622e7ec09f25130a9) C:\Windows\system32\DRIVERS\s3017obex.sys
12:48:06.0286 4960        s3017obex - ok
12:48:06.0306 4960        s3017unic      (7b95c53ea8bb585013767eef2875c0a0) C:\Windows\system32\DRIVERS\s3017unic.sys
12:48:06.0338 4960        s3017unic - ok
12:48:06.0394 4960        SamSs          (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
12:48:06.0418 4960        SamSs - ok
12:48:06.0450 4960        sbp2port        (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
12:48:06.0473 4960        sbp2port - ok
12:48:06.0522 4960        SCardSvr        (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
12:48:06.0559 4960        SCardSvr - ok
12:48:06.0639 4960        Schedule        (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
12:48:06.0800 4960        Schedule - ok
12:48:06.0847 4960        SCPolicySvc    (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
12:48:06.0885 4960        SCPolicySvc - ok
12:48:06.0944 4960        SDRSVC          (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
12:48:07.0021 4960        SDRSVC - ok
12:48:07.0053 4960        secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
12:48:07.0161 4960        secdrv - ok
12:48:07.0221 4960        seclogon        (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
12:48:07.0247 4960        seclogon - ok
12:48:07.0285 4960        seehcri        (e5b56569a9f79b70314fede6c953641e) C:\Windows\system32\DRIVERS\seehcri.sys
12:48:07.0318 4960        seehcri - ok
12:48:07.0343 4960        SENS            (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
12:48:07.0371 4960        SENS - ok
12:48:07.0431 4960        Serenum        (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
12:48:07.0474 4960        Serenum - ok
12:48:07.0496 4960        Serial          (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
12:48:07.0539 4960        Serial - ok
12:48:07.0582 4960        sermouse        (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
12:48:07.0608 4960        sermouse - ok
12:48:07.0670 4960        SessionEnv      (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
12:48:07.0699 4960        SessionEnv - ok
12:48:07.0716 4960        sffdisk        (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys
12:48:07.0760 4960        sffdisk - ok
12:48:07.0768 4960        sffp_mmc        (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
12:48:07.0811 4960        sffp_mmc - ok
12:48:07.0827 4960        sffp_sd        (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys
12:48:07.0872 4960        sffp_sd - ok
12:48:07.0877 4960        sfloppy        (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\DRIVERS\sfloppy.sys
12:48:07.0919 4960        sfloppy - ok
12:48:07.0987 4960        SharedAccess    (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
12:48:08.0032 4960        SharedAccess - ok
12:48:08.0085 4960        ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
12:48:08.0118 4960        ShellHWDetection - ok
12:48:08.0130 4960        sisagp          (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
12:48:08.0143 4960        sisagp - ok
12:48:08.0172 4960        SiSRaid2        (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
12:48:08.0185 4960        SiSRaid2 - ok
12:48:08.0203 4960        SiSRaid4        (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
12:48:08.0218 4960        SiSRaid4 - ok
12:48:08.0487 4960        slsvc          (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
12:48:08.0841 4960        slsvc - ok
12:48:08.0984 4960        SLUINotify      (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
12:48:09.0022 4960        SLUINotify - ok
12:48:09.0079 4960        Smb            (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
12:48:09.0114 4960        Smb - ok
12:48:09.0148 4960        SNC            (db31d8989b3450569c29780e7fa98c48) C:\Windows\system32\Drivers\SonyNC.sys
12:48:09.0184 4960        SNC - ok
12:48:09.0224 4960        SNMPTRAP        (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
12:48:09.0238 4960        SNMPTRAP - ok
12:48:09.0405 4960        Sony PC Companion (5177d14a78e60fd61dcfc6b388e7e971) C:\Program Files\Sony\Sony PC Companion\PCCService.exe
12:48:09.0418 4960        Sony PC Companion - ok
12:48:09.0471 4960        spldr          (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
12:48:09.0484 4960        spldr - ok
12:48:09.0518 4960        Spooler        (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
12:48:09.0546 4960        Spooler - ok
12:48:09.0608 4960        SPTISRV        (e3e6c96b0ef4492c3c8fd0deef4e35a1) C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
12:48:09.0624 4960        SPTISRV ( UnsignedFile.Multi.Generic ) - warning
12:48:09.0624 4960        SPTISRV - detected UnsignedFile.Multi.Generic (1)
12:48:09.0694 4960        srv            (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
12:48:09.0746 4960        srv - ok
12:48:09.0806 4960        srv2            (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
12:48:09.0853 4960        srv2 - ok
12:48:09.0892 4960        srvnet          (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
12:48:09.0928 4960        srvnet - ok
12:48:10.0000 4960        SSDPSRV        (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
12:48:10.0041 4960        SSDPSRV - ok
12:48:10.0081 4960        ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
12:48:10.0093 4960        ssmdrv - ok
12:48:10.0153 4960        SstpSvc        (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
12:48:10.0175 4960        SstpSvc - ok
12:48:10.0205 4960        STacSV          (b218068eba6f46f102b4218bdb81be0b) C:\Windows\system32\stacsv.exe
12:48:10.0226 4960        STacSV - ok
12:48:10.0278 4960        STHDA          (167909a1c36aa3e8f2582962f0ccc748) C:\Windows\system32\drivers\stwrt.sys
12:48:10.0315 4960        STHDA - ok
12:48:10.0381 4960        stisvc          (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
12:48:10.0430 4960        stisvc - ok
12:48:10.0576 4960        StkTMini        (0933717146e8054f133b5bdb874ef9fa) C:\Windows\system32\Drivers\StkTMini.sys
12:48:10.0640 4960        StkTMini ( UnsignedFile.Multi.Generic ) - warning
12:48:10.0640 4960        StkTMini - detected UnsignedFile.Multi.Generic (1)
12:48:10.0695 4960        swenum          (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
12:48:10.0708 4960        swenum - ok
12:48:10.0763 4960        swprv          (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
12:48:10.0840 4960        swprv - ok
12:48:10.0864 4960        Symc8xx        (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
12:48:10.0877 4960        Symc8xx - ok
12:48:10.0894 4960        Sym_hi          (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
12:48:10.0907 4960        Sym_hi - ok
12:48:10.0915 4960        Sym_u3          (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
12:48:10.0928 4960        Sym_u3 - ok
12:48:11.0002 4960        SysMain        (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
12:48:11.0084 4960        SysMain - ok
12:48:11.0146 4960        TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
12:48:11.0168 4960        TabletInputService - ok
12:48:11.0226 4960        TapiSrv        (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
12:48:11.0292 4960        TapiSrv - ok
12:48:11.0349 4960        TBS            (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
12:48:11.0384 4960        TBS - ok
12:48:11.0493 4960        Tcpip          (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\drivers\tcpip.sys
12:48:11.0556 4960        Tcpip - ok
12:48:11.0570 4960        Tcpip6          (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\DRIVERS\tcpip.sys
12:48:11.0652 4960        Tcpip6 - ok
12:48:11.0713 4960        tcpipreg        (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
12:48:11.0748 4960        tcpipreg - ok
12:48:11.0804 4960        TDPIPE          (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
12:48:11.0846 4960        TDPIPE - ok
12:48:11.0862 4960        TDTCP          (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
12:48:11.0904 4960        TDTCP - ok
12:48:11.0953 4960        tdx            (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
12:48:11.0988 4960        tdx - ok
12:48:12.0035 4960        TermDD          (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
12:48:12.0059 4960        TermDD - ok
12:48:12.0127 4960        TermService    (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
12:48:12.0171 4960        TermService - ok
12:48:12.0232 4960        Themes          (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
12:48:12.0263 4960        Themes - ok
12:48:12.0316 4960        THREADORDER    (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
12:48:12.0342 4960        THREADORDER - ok
12:48:12.0421 4960        ti21sony        (909cd987b54a8179c9aee874d754721a) C:\Windows\system32\drivers\ti21sony.sys
12:48:12.0496 4960        ti21sony - ok
12:48:12.0533 4960        TrkWks          (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
12:48:12.0562 4960        TrkWks - ok
12:48:12.0632 4960        TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
12:48:12.0652 4960        TrustedInstaller - ok
12:48:12.0706 4960        tssecsrv        (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
12:48:12.0733 4960        tssecsrv - ok
12:48:12.0745 4960        tunmp          (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
12:48:12.0761 4960        tunmp - ok
12:48:12.0810 4960        tunnel          (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
12:48:12.0827 4960        tunnel - ok
12:48:12.0857 4960        uagp35          (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
12:48:12.0873 4960        uagp35 - ok
12:48:12.0904 4960        udfs            (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
12:48:12.0935 4960        udfs - ok
12:48:13.0011 4960        UI0Detect      (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
12:48:13.0046 4960        UI0Detect - ok
12:48:13.0177 4960        UleadBurningHelper (f13da74969897359a88f2a739f54a250) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
12:48:13.0184 4960        UleadBurningHelper ( UnsignedFile.Multi.Generic ) - warning
12:48:13.0184 4960        UleadBurningHelper - detected UnsignedFile.Multi.Generic (1)
12:48:13.0210 4960        uliagpkx        (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
12:48:13.0231 4960        uliagpkx - ok
12:48:13.0264 4960        uliahci        (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
12:48:13.0283 4960        uliahci - ok
12:48:13.0301 4960        UlSata          (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
12:48:13.0315 4960        UlSata - ok
12:48:13.0328 4960        ulsata2        (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
12:48:13.0343 4960        ulsata2 - ok
12:48:13.0399 4960        umbus          (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
12:48:13.0425 4960        umbus - ok
12:48:13.0486 4960        upnphost        (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
12:48:13.0520 4960        upnphost - ok
12:48:13.0571 4960        usbaudio        (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys
12:48:13.0592 4960        usbaudio - ok
12:48:13.0652 4960        usbccgp        (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
12:48:13.0673 4960        usbccgp - ok
12:48:13.0787 4960        usbcir          (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
12:48:13.0832 4960        usbcir - ok
12:48:13.0873 4960        usbehci        (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
12:48:13.0895 4960        usbehci - ok
12:48:13.0943 4960        usbhub          (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
12:48:13.0967 4960        usbhub - ok
12:48:14.0001 4960        usbohci        (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
12:48:14.0054 4960        usbohci - ok
12:48:14.0069 4960        usbprint        (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
12:48:14.0101 4960        usbprint - ok
12:48:14.0155 4960        usbscan        (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
12:48:14.0180 4960        usbscan - ok
12:48:14.0201 4960        USBSTOR        (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:48:14.0227 4960        USBSTOR - ok
12:48:14.0283 4960        usbuhci        (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
12:48:14.0309 4960        usbuhci - ok
12:48:14.0332 4960        usbvideo        (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
12:48:14.0366 4960        usbvideo - ok
12:48:14.0406 4960        UxSms          (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
12:48:14.0434 4960        UxSms - ok
12:48:14.0557 4960        VAIO Entertainment TV Device Arbitration Service (afbcd738df9de3b6d71afc704e7f27fb) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
12:48:14.0564 4960        VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - warning
12:48:14.0564 4960        VAIO Entertainment TV Device Arbitration Service - detected UnsignedFile.Multi.Generic (1)
12:48:14.0634 4960        VAIO Event Service (8a9f18adad471402236ca931553bf79b) C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
12:48:14.0656 4960        VAIO Event Service - ok
12:48:14.0866 4960        VAIOMediaPlatform-IntegratedServer-AppServer (0a4cd617ed1f03c8b7310fc4871173a4) C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
12:48:15.0112 4960        VAIOMediaPlatform-IntegratedServer-AppServer ( UnsignedFile.Multi.Generic ) - warning
12:48:15.0112 4960        VAIOMediaPlatform-IntegratedServer-AppServer - detected UnsignedFile.Multi.Generic (1)
12:48:15.0298 4960        VAIOMediaPlatform-IntegratedServer-HTTP (56e33aaa46cba8431e72486196afb3a1) C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
12:48:15.0342 4960        VAIOMediaPlatform-IntegratedServer-HTTP ( UnsignedFile.Multi.Generic ) - warning
12:48:15.0343 4960        VAIOMediaPlatform-IntegratedServer-HTTP - detected UnsignedFile.Multi.Generic (1)
12:48:15.0451 4960        VAIOMediaPlatform-IntegratedServer-UPnP (addf0e4e19bd2ff0a0b852d324fdc281) C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
12:48:15.0600 4960        VAIOMediaPlatform-IntegratedServer-UPnP ( UnsignedFile.Multi.Generic ) - warning
12:48:15.0600 4960        VAIOMediaPlatform-IntegratedServer-UPnP - detected UnsignedFile.Multi.Generic (1)
12:48:15.0757 4960        VAIOMediaPlatform-UCLS-AppServer (52d4f568fe7d05ae5026b8717eeb59eb) C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe
12:48:15.0816 4960        VAIOMediaPlatform-UCLS-AppServer ( UnsignedFile.Multi.Generic ) - warning
12:48:15.0816 4960        VAIOMediaPlatform-UCLS-AppServer - detected UnsignedFile.Multi.Generic (1)
12:48:15.0882 4960        VAIOMediaPlatform-UCLS-HTTP (56e33aaa46cba8431e72486196afb3a1) C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
12:48:15.0916 4960        VAIOMediaPlatform-UCLS-HTTP ( UnsignedFile.Multi.Generic ) - warning
12:48:15.0916 4960        VAIOMediaPlatform-UCLS-HTTP - detected UnsignedFile.Multi.Generic (1)
12:48:16.0048 4960        VAIOMediaPlatform-UCLS-UPnP (addf0e4e19bd2ff0a0b852d324fdc281) C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
12:48:16.0130 4960        VAIOMediaPlatform-UCLS-UPnP ( UnsignedFile.Multi.Generic ) - warning
12:48:16.0130 4960        VAIOMediaPlatform-UCLS-UPnP - detected UnsignedFile.Multi.Generic (1)
12:48:16.0221 4960        VcmIAlzMgr      (5d325b6add78a111be62a3842cf05345) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
12:48:16.0240 4960        VcmIAlzMgr - ok
12:48:16.0366 4960        VcmXmlIfHelper  (c4de5ba157fd83bbdaeb70ee27417e0e) C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
12:48:16.0378 4960        VcmXmlIfHelper - ok
12:48:16.0389 4960        Vcsw - ok
12:48:16.0550 4960        vds            (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
12:48:16.0598 4960        vds - ok
12:48:16.0662 4960        vga            (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
12:48:16.0694 4960        vga - ok
12:48:16.0746 4960        VgaSave        (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
12:48:16.0781 4960        VgaSave - ok
12:48:16.0819 4960        viaagp          (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
12:48:16.0839 4960        viaagp - ok
12:48:16.0854 4960        ViaC7          (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
12:48:16.0902 4960        ViaC7 - ok
12:48:16.0921 4960        viaide          (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
12:48:16.0933 4960        viaide - ok
12:48:16.0985 4960        volmgr          (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
12:48:16.0999 4960        volmgr - ok
12:48:17.0054 4960        volmgrx        (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
12:48:17.0075 4960        volmgrx - ok
12:48:17.0139 4960        volsnap        (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
12:48:17.0159 4960        volsnap - ok
12:48:17.0199 4960        vsmraid        (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
12:48:17.0213 4960        vsmraid - ok
12:48:17.0321 4960        VSS            (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
12:48:17.0389 4960        VSS - ok
12:48:17.0524 4960        VzCdbSvc        (2e785f4f92c4c67cebb61dd55ed1f6a1) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
12:48:17.0533 4960        VzCdbSvc ( UnsignedFile.Multi.Generic ) - warning
12:48:17.0533 4960        VzCdbSvc - detected UnsignedFile.Multi.Generic (1)
12:48:17.0592 4960        VzFw            (2d876cad8c7ffb08179dff361ff851e6) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
12:48:17.0599 4960        VzFw ( UnsignedFile.Multi.Generic ) - warning
12:48:17.0599 4960        VzFw - detected UnsignedFile.Multi.Generic (1)
12:48:17.0737 4960        W32Time        (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
12:48:17.0768 4960        W32Time - ok
12:48:17.0802 4960        WacomPen        (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
12:48:17.0856 4960        WacomPen - ok
12:48:17.0910 4960        Wanarp          (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
12:48:17.0936 4960        Wanarp - ok
12:48:17.0940 4960        Wanarpv6        (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
12:48:17.0967 4960        Wanarpv6 - ok
12:48:18.0053 4960        WcesComm        (779f9c90d3fe9c70b6ffd8ef035f3e83) C:\Windows\WindowsMobile\wcescomm.dll
12:48:18.0149 4960        WcesComm - ok
12:48:18.0207 4960        wcncsvc        (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
12:48:18.0244 4960        wcncsvc - ok
12:48:18.0269 4960        WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
12:48:18.0306 4960        WcsPlugInService - ok
12:48:18.0322 4960        Wd              (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
12:48:18.0342 4960        Wd - ok
12:48:18.0442 4960        Wdf01000        (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
12:48:18.0498 4960        Wdf01000 - ok
12:48:18.0547 4960        WdiServiceHost  (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
12:48:18.0584 4960        WdiServiceHost - ok
12:48:18.0589 4960        WdiSystemHost  (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
12:48:18.0618 4960        WdiSystemHost - ok
12:48:18.0664 4960        WebClient      (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
12:48:18.0682 4960        WebClient - ok
12:48:18.0731 4960        Wecsvc          (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
12:48:18.0754 4960        Wecsvc - ok
12:48:18.0810 4960        wercplsupport  (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
12:48:18.0833 4960        wercplsupport - ok
12:48:18.0882 4960        WerSvc          (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
12:48:18.0904 4960        WerSvc - ok
12:48:18.0942 4960        WimFltr        (f9ad3a5e3fd7e0bdb18b8202b0fdd4e4) C:\Windows\system32\DRIVERS\wimfltr.sys
12:48:18.0957 4960        WimFltr - ok
12:48:19.0022 4960        winachsf        (5a77ac34a0ffb70ce8b35b524fede9ba) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
12:48:19.0114 4960        winachsf - ok
12:48:19.0241 4960        WinDefend      (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
12:48:19.0261 4960        WinDefend - ok
12:48:19.0267 4960        WinHttpAutoProxySvc - ok
12:48:19.0336 4960        Winmgmt        (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
12:48:19.0365 4960        Winmgmt - ok
12:48:19.0476 4960        WinRM          (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
12:48:19.0553 4960        WinRM - ok
12:48:19.0629 4960        winusb          (676f4b665bdd8053eaa53ac1695b8074) C:\Windows\system32\DRIVERS\winusb.sys
12:48:19.0663 4960        winusb - ok
12:48:19.0740 4960        Wlansvc        (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
12:48:19.0792 4960        Wlansvc - ok
12:48:19.0849 4960        WmiAcpi        (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys
12:48:19.0921 4960        WmiAcpi - ok
12:48:20.0006 4960        wmiApSrv        (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
12:48:20.0043 4960        wmiApSrv - ok
12:48:20.0213 4960        WMPNetworkSvc  (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
12:48:20.0277 4960        WMPNetworkSvc - ok
12:48:20.0317 4960        WPCSvc          (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
12:48:20.0351 4960        WPCSvc - ok
12:48:20.0397 4960        WPDBusEnum      (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
12:48:20.0464 4960        WPDBusEnum - ok
12:48:20.0523 4960        WpdUsb          (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
12:48:20.0547 4960        WpdUsb - ok
12:48:20.0748 4960        WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
12:48:20.0789 4960        WPFFontCache_v0400 - ok
12:48:20.0848 4960        ws2ifsl        (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
12:48:20.0881 4960        ws2ifsl - ok
12:48:20.0920 4960        wscsvc          (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\System32\wscsvc.dll
12:48:20.0938 4960        wscsvc - ok
12:48:20.0972 4960        WSDPrintDevice  (4422ac5ed8d4c2f0db63e71d4c069dd7) C:\Windows\system32\DRIVERS\WSDPrint.sys
12:48:20.0992 4960        WSDPrintDevice - ok
12:48:20.0996 4960        WSearch - ok
12:48:21.0170 4960        wuauserv        (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
12:48:21.0300 4960        wuauserv - ok
12:48:21.0473 4960        WUDFRd          (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
12:48:21.0510 4960        WUDFRd - ok
12:48:21.0569 4960        wudfsvc        (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
12:48:21.0609 4960        wudfsvc - ok
12:48:21.0639 4960        XAudio          (88af537264f2b818da15479ceeaf5d7c) C:\Windows\system32\DRIVERS\xaudio.sys
12:48:21.0653 4960        XAudio - ok
12:48:21.0700 4960        XAudioService  (15a317674a08df26be65164d959e9203) C:\Windows\system32\DRIVERS\xaudio.exe
12:48:21.0790 4960        XAudioService - ok
12:48:21.0893 4960        yukonwlh        (7927e830ecde6db3682cc319bad26984) C:\Windows\system32\DRIVERS\yk60x86.sys
12:48:21.0939 4960        yukonwlh - ok
12:48:21.0999 4960        MBR (0x1B8)    (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
12:48:22.0201 4960        \Device\Harddisk0\DR0 - ok
12:48:22.0204 4960        Boot (0x1200)  (3615683225c78d54b0482cf5c756d7e8) \Device\Harddisk0\DR0\Partition0
12:48:22.0205 4960        \Device\Harddisk0\DR0\Partition0 - ok
12:48:22.0206 4960        ============================================================
12:48:22.0206 4960        Scan finished
12:48:22.0206 4960        ============================================================
12:48:22.0214 6060        Detected object count: 18
12:48:22.0214 6060        Actual detected object count: 18
12:50:54.0811 6060        FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user
12:50:54.0811 6060        FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:50:54.0811 6060        Freemake Improver ( UnsignedFile.Multi.Generic ) - skipped by user
12:50:54.0811 6060        Freemake Improver ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:50:54.0815 6060        IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
12:50:54.0815 6060        IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:50:54.0818 6060        MSCSPTISRV ( UnsignedFile.Multi.Generic ) - skipped by user
12:50:54.0818 6060        MSCSPTISRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:50:54.0820 6060        OMSI download service ( UnsignedFile.Multi.Generic ) - skipped by user
12:50:54.0820 6060        OMSI download service ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:50:54.0823 6060        PACSPTISVR ( UnsignedFile.Multi.Generic ) - skipped by user
12:50:54.0823 6060        PACSPTISVR ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:50:54.0825 6060        SPTISRV ( UnsignedFile.Multi.Generic ) - skipped by user
12:50:54.0826 6060        SPTISRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:50:55.0310 6060        C:\Windows\system32\Drivers\StkTMini.sys - copied to quarantine
12:50:55.0311 6060        StkTMini ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
12:50:55.0456 6060        C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe - copied to quarantine
12:50:55.0456 6060        UleadBurningHelper ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
12:50:55.0554 6060        C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe - copied to quarantine
12:50:55.0555 6060        VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
12:50:56.0128 6060        C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe - copied to quarantine
12:50:56.0130 6060        VAIOMediaPlatform-IntegratedServer-AppServer ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
12:50:56.0401 6060        C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe - copied to quarantine
12:50:56.0402 6060        VAIOMediaPlatform-IntegratedServer-HTTP ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
12:50:56.0628 6060        C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe - copied to quarantine
12:50:56.0630 6060        VAIOMediaPlatform-IntegratedServer-UPnP ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
12:50:56.0738 6060        C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe - copied to quarantine
12:50:56.0739 6060        VAIOMediaPlatform-UCLS-AppServer ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
12:50:56.0815 6060        C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe - copied to quarantine
12:50:56.0815 6060        VAIOMediaPlatform-UCLS-HTTP ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
12:50:57.0024 6060        C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe - copied to quarantine
12:50:57.0025 6060        VAIOMediaPlatform-UCLS-UPnP ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
12:50:57.0137 6060        C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe - copied to quarantine
12:50:57.0137 6060        VzCdbSvc ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
12:50:57.0224 6060        C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe - copied to quarantine
12:50:57.0225 6060        VzFw ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
12:51:01.0671 3684        ============================================================
12:51:01.0671 3684        Scan started
12:51:01.0672 3684        Mode: Manual; SigCheck; TDLFS;
12:51:01.0672 3684        ============================================================
12:51:02.0121 3684        ACPI            (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
12:51:02.0154 3684        ACPI - ok
12:51:02.0234 3684        AdobeActiveFileMonitor5.0 (63ab43534cbf5d7f3eb81dfdc8161490) C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
12:51:02.0253 3684        AdobeActiveFileMonitor5.0 - ok
12:51:02.0313 3684        adp94xx        (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
12:51:02.0354 3684        adp94xx - ok
12:51:02.0401 3684        adpahci        (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
12:51:02.0431 3684        adpahci - ok
12:51:02.0519 3684        adpu160m        (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
12:51:02.0542 3684        adpu160m - ok
12:51:02.0563 3684        adpu320        (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
12:51:02.0588 3684        adpu320 - ok
12:51:02.0632 3684        AeLookupSvc    (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
12:51:02.0666 3684        AeLookupSvc - ok
12:51:02.0758 3684        AFD            (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
12:51:02.0813 3684        AFD - ok
12:51:02.0845 3684        agp440          (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
12:51:02.0866 3684        agp440 - ok
12:51:02.0896 3684        aic78xx        (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
12:51:02.0917 3684        aic78xx - ok
12:51:02.0968 3684        ALG            (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
12:51:03.0011 3684        ALG - ok
12:51:03.0025 3684        aliide          (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
12:51:03.0046 3684        aliide - ok
12:51:03.0060 3684        amdagp          (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
12:51:03.0083 3684        amdagp - ok
12:51:03.0102 3684        amdide          (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
12:51:03.0122 3684        amdide - ok
12:51:03.0138 3684        AmdK7          (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
12:51:03.0214 3684        AmdK7 - ok
12:51:03.0227 3684        AmdK8          (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
12:51:03.0301 3684        AmdK8 - ok
12:51:03.0429 3684        AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files\Avira\AntiVir Desktop\sched.exe


Jami87 14.05.2012 11:58

Code:

12:51:03.0450 3684        AntiVirSchedulerService - ok
12:51:03.0502 3684        AntiVirService  (a489be6bb0aa1ff406b488b60542314b) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
12:51:03.0522 3684        AntiVirService - ok
12:51:03.0589 3684        AntiVirWebService (676894fa57b671fec5c3f05f8929e03b) C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
12:51:03.0649 3684        AntiVirWebService - ok
12:51:03.0715 3684        ApfiltrService  (18bff317bdb10c64a35e1ca85f1ec051) C:\Windows\system32\DRIVERS\Apfiltr.sys
12:51:03.0767 3684        ApfiltrService - ok
12:51:03.0813 3684        Appinfo        (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
12:51:03.0844 3684        Appinfo - ok
12:51:03.0874 3684        arc            (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
12:51:03.0896 3684        arc - ok
12:51:03.0918 3684        arcsas          (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
12:51:03.0941 3684        arcsas - ok
12:51:04.0010 3684        AsyncMac        (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
12:51:04.0052 3684        AsyncMac - ok
12:51:04.0088 3684        atapi          (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
12:51:04.0101 3684        atapi - ok
12:51:04.0156 3684        AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
12:51:04.0180 3684        AudioEndpointBuilder - ok
12:51:04.0185 3684        Audiosrv        (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
12:51:04.0227 3684        Audiosrv - ok
12:51:04.0262 3684        avgntflt        (d5541f0afb767e85fc412fc609d96a74) C:\Windows\system32\DRIVERS\avgntflt.sys
12:51:04.0274 3684        avgntflt - ok
12:51:04.0319 3684        avipbb          (7d967a682d4694df7fa57d63a2db01fe) C:\Windows\system32\DRIVERS\avipbb.sys
12:51:04.0338 3684        avipbb - ok
12:51:04.0361 3684        avkmgr          (271cfd1a989209b1964e24d969552bf7) C:\Windows\system32\DRIVERS\avkmgr.sys
12:51:04.0374 3684        avkmgr - ok
12:51:04.0420 3684        Beep            (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
12:51:04.0462 3684        Beep - ok
12:51:04.0532 3684        BFE            (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
12:51:04.0563 3684        BFE - ok
12:51:04.0658 3684        BITS            (93952506c6d67330367f7e7934b6a02f) C:\Windows\System32\qmgr.dll
12:51:04.0730 3684        BITS - ok
12:51:04.0734 3684        blbdrive - ok
12:51:04.0792 3684        bowser          (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
12:51:04.0824 3684        bowser - ok
12:51:04.0860 3684        BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
12:51:04.0881 3684        BrFiltLo - ok
12:51:04.0890 3684        BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
12:51:04.0910 3684        BrFiltUp - ok
12:51:04.0971 3684        Browser        (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
12:51:05.0004 3684        Browser - ok
12:51:05.0027 3684        Brserid        (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
12:51:05.0085 3684        Brserid - ok
12:51:05.0108 3684        BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
12:51:05.0163 3684        BrSerWdm - ok
12:51:05.0185 3684        BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
12:51:05.0228 3684        BrUsbMdm - ok
12:51:05.0242 3684        BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
12:51:05.0286 3684        BrUsbSer - ok
12:51:05.0320 3684        BthEnum        (6d39c954799b63ba866910234cf7d726) C:\Windows\system32\DRIVERS\BthEnum.sys
12:51:05.0350 3684        BthEnum - ok
12:51:05.0363 3684        BTHMODEM        (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
12:51:05.0405 3684        BTHMODEM - ok
12:51:05.0457 3684        BthPan          (5904efa25f829bf84ea6fb045134a1d8) C:\Windows\system32\DRIVERS\bthpan.sys
12:51:05.0486 3684        BthPan - ok
12:51:05.0570 3684        BTHPORT        (611ff3f2f095c8d4a6d4cfd9dcc09793) C:\Windows\system32\Drivers\BTHport.sys
12:51:05.0613 3684        BTHPORT - ok
12:51:05.0669 3684        BthServ        (a4c8377fa4a994e07075107dbe2e3dce) C:\Windows\System32\bthserv.dll
12:51:05.0684 3684        BthServ - ok
12:51:05.0727 3684        BTHUSB          (d330803eab2a15caec7f011f1d4cb30e) C:\Windows\system32\Drivers\BTHUSB.sys
12:51:05.0741 3684        BTHUSB - ok
12:51:05.0767 3684        btwaudio        (6ca69fa57cf251e890105923ad215b99) C:\Windows\system32\drivers\btwaudio.sys
12:51:05.0779 3684        btwaudio - ok
12:51:05.0791 3684        btwavdt        (12b4a9afa82bfe5a7d8819bf7ae20601) C:\Windows\system32\drivers\btwavdt.sys
12:51:05.0804 3684        btwavdt - ok
12:51:05.0820 3684        btwl2cap        (d02f4d18aa4a38f781beefeb1892e144) C:\Windows\system32\DRIVERS\btwl2cap.sys
12:51:05.0830 3684        btwl2cap - ok
12:51:05.0841 3684        btwrchid        (d5e554f6c1a3baeb79daf9e1684f8102) C:\Windows\system32\DRIVERS\btwrchid.sys
12:51:05.0851 3684        btwrchid - ok
12:51:05.0901 3684        cdfs            (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
12:51:05.0934 3684        cdfs - ok
12:51:05.0982 3684        cdrom          (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
12:51:06.0008 3684        cdrom - ok
12:51:06.0046 3684        CertPropSvc    (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
12:51:06.0071 3684        CertPropSvc - ok
12:51:06.0092 3684        circlass        (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
12:51:06.0159 3684        circlass - ok
12:51:06.0193 3684        CLFS            (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
12:51:06.0218 3684        CLFS - ok
12:51:06.0295 3684        clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:51:06.0315 3684        clr_optimization_v2.0.50727_32 - ok
12:51:06.0408 3684        clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:51:06.0429 3684        clr_optimization_v4.0.30319_32 - ok
12:51:06.0495 3684        CLTNetCnService - ok
12:51:06.0556 3684        CmBatt          (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
12:51:06.0610 3684        CmBatt - ok
12:51:06.0639 3684        cmdide          (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
12:51:06.0669 3684        cmdide - ok
12:51:06.0677 3684        Compbatt        (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
12:51:06.0690 3684        Compbatt - ok
12:51:06.0693 3684        COMSysApp - ok
12:51:06.0700 3684        crcdisk        (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
12:51:06.0712 3684        crcdisk - ok
12:51:06.0725 3684        Crusoe          (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
12:51:06.0768 3684        Crusoe - ok
12:51:06.0815 3684        CryptSvc        (fb27772beaf8e1d28ccd825c09da939b) C:\Windows\system32\cryptsvc.dll
12:51:06.0838 3684        CryptSvc - ok
12:51:06.0891 3684        DcomLaunch      (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
12:51:06.0921 3684        DcomLaunch - ok
12:51:06.0968 3684        DfsC            (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
12:51:07.0003 3684        DfsC - ok
12:51:07.0183 3684        DFSR            (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
12:51:07.0352 3684        DFSR - ok
12:51:07.0459 3684        Dhcp            (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
12:51:07.0499 3684        Dhcp - ok
12:51:07.0558 3684        disk            (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
12:51:07.0576 3684        disk - ok
12:51:07.0671 3684        DisplayLinkService (540091eb8287998236a802d1edc9b239) C:\Program Files\DisplayLink Core Software\DisplayLinkService.exe
12:51:07.0705 3684        DisplayLinkService - ok
12:51:07.0764 3684        dlkmd          (a4949370238c55aef82317af36d8b939) C:\Windows\system32\drivers\dlkmd.sys
12:51:07.0787 3684        dlkmd - ok
12:51:07.0815 3684        dlkmdldr        (c8e26d7e2b8e354982d5e37e2c05fdba) C:\Windows\system32\drivers\dlkmdldr.sys
12:51:07.0831 3684        dlkmdldr - ok
12:51:07.0866 3684        DMICall        (f206e28ed74c491fd5d7c0a1119ce37f) C:\Windows\system32\DRIVERS\DMICall.sys
12:51:07.0881 3684        DMICall - ok
12:51:07.0933 3684        Dnscache        (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
12:51:07.0974 3684        Dnscache - ok
12:51:08.0027 3684        dot3svc        (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
12:51:08.0065 3684        dot3svc - ok
12:51:08.0122 3684        DPS            (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
12:51:08.0168 3684        DPS - ok
12:51:08.0223 3684        drmkaud        (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
12:51:08.0256 3684        drmkaud - ok
12:51:08.0261 3684        dsltestSp5 - ok
12:51:08.0377 3684        DXGKrnl        (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
12:51:08.0479 3684        DXGKrnl - ok
12:51:08.0546 3684        E1G60          (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
12:51:08.0620 3684        E1G60 - ok
12:51:08.0661 3684        EapHost        (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
12:51:08.0695 3684        EapHost - ok
12:51:08.0742 3684        Ecache          (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
12:51:08.0768 3684        Ecache - ok
12:51:08.0863 3684        ehRecvr        (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
12:51:08.0894 3684        ehRecvr - ok
12:51:08.0925 3684        ehSched        (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
12:51:08.0949 3684        ehSched - ok
12:51:08.0958 3684        ehstart        (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
12:51:08.0978 3684        ehstart - ok
12:51:09.0015 3684        elxstor        (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
12:51:09.0034 3684        elxstor - ok
12:51:09.0102 3684        EMDMgmt        (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
12:51:09.0142 3684        EMDMgmt - ok
12:51:09.0255 3684        EPSON_PM_RPCV4_01 (8fe6ab59cab8f2c038fea9522a5eeba7) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
12:51:09.0275 3684        EPSON_PM_RPCV4_01 - ok
12:51:09.0341 3684        EventSystem    (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
12:51:09.0367 3684        EventSystem - ok
12:51:09.0474 3684        exfat          (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
12:51:09.0491 3684        exfat - ok
12:51:09.0545 3684        fastfat        (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
12:51:09.0572 3684        fastfat - ok
12:51:09.0597 3684        fdc            (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
12:51:09.0656 3684        fdc - ok
12:51:09.0714 3684        fdPHost        (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
12:51:09.0747 3684        fdPHost - ok
12:51:09.0777 3684        FDResPub        (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
12:51:09.0839 3684        FDResPub - ok
12:51:09.0903 3684        FileInfo        (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
12:51:09.0923 3684        FileInfo - ok
12:51:09.0981 3684        Filetrace      (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
12:51:10.0019 3684        Filetrace - ok
12:51:10.0256 3684        FirebirdServerMAGIXInstance (167d24a045499ebef438f231976158df) C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
12:51:10.0366 3684        FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning
12:51:10.0366 3684        FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1)
12:51:10.0492 3684        flpydisk        (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
12:51:10.0537 3684        flpydisk - ok
12:51:10.0589 3684        FltMgr          (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
12:51:10.0609 3684        FltMgr - ok
12:51:10.0699 3684        FontCache      (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll
12:51:10.0777 3684        FontCache - ok
12:51:10.0849 3684        FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
12:51:10.0864 3684        FontCache3.0.0.0 - ok
12:51:10.0962 3684        Freemake Improver (37c2ff67a2565286f1c1c1072be74678) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
12:51:10.0969 3684        Freemake Improver ( UnsignedFile.Multi.Generic ) - warning
12:51:10.0969 3684        Freemake Improver - detected UnsignedFile.Multi.Generic (1)
12:51:11.0030 3684        Fs_Rec          (b972a66758577e0bfd1de0f91aaa27b5) C:\Windows\system32\drivers\Fs_Rec.sys
12:51:11.0066 3684        Fs_Rec - ok
12:51:11.0107 3684        gagp30kx        (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
12:51:11.0128 3684        gagp30kx - ok
12:51:11.0171 3684        GEARAspiWDM    (f877c945233039914dbe63b76f9a1065) C:\Windows\system32\Drivers\GEARAspiWDM.sys
12:51:11.0187 3684        GEARAspiWDM - ok
12:51:11.0219 3684        ggflt          (007aea2e06e7cef7372e40c277163959) C:\Windows\system32\DRIVERS\ggflt.sys
12:51:11.0235 3684        ggflt - ok
12:51:11.0247 3684        ggsemc          (c73de35960ca75c5ab4ae636b127c64e) C:\Windows\system32\DRIVERS\ggsemc.sys
12:51:11.0264 3684        ggsemc - ok
12:51:11.0356 3684        GoogleDesktopManager-051210-111108 (9f5f2f0fb0a7f5aa9f16b9a7b6dad89f) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
12:51:11.0373 3684        GoogleDesktopManager-051210-111108 - ok
12:51:11.0446 3684        gpsvc          (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
12:51:11.0515 3684        gpsvc - ok
12:51:11.0561 3684        gupdate1ca0ac0f00c0a80 (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe
12:51:11.0579 3684        gupdate1ca0ac0f00c0a80 - ok
12:51:11.0584 3684        gupdatem        (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe
12:51:11.0601 3684        gupdatem - ok
12:51:11.0643 3684        gusvc          (408ddd80eede47175f6844817b90213e) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
12:51:11.0662 3684        gusvc - ok
12:51:11.0719 3684        HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
12:51:11.0797 3684        HdAudAddService - ok
12:51:11.0871 3684        HDAudBus        (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
12:51:11.0970 3684        HDAudBus - ok
12:51:12.0008 3684        HidBth          (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
12:51:12.0082 3684        HidBth - ok
12:51:12.0095 3684        HidIr          (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
12:51:12.0167 3684        HidIr - ok
12:51:12.0208 3684        hidserv        (84067081f3318162797385e11a8f0582) C:\Windows\system32\hidserv.dll
12:51:12.0225 3684        hidserv - ok
12:51:12.0261 3684        HidUsb          (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
12:51:12.0280 3684        HidUsb - ok
12:51:12.0334 3684        hkmsvc          (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
12:51:12.0361 3684        hkmsvc - ok
12:51:12.0383 3684        HpCISSs        (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
12:51:12.0395 3684        HpCISSs - ok
12:51:12.0441 3684        HSFHWAZL        (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
12:51:12.0472 3684        HSFHWAZL - ok
12:51:12.0554 3684        HSF_DPV        (7bc42c65b5c6281777c1a7605b253ba8) C:\Windows\system32\DRIVERS\HSX_DPV.sys
12:51:12.0607 3684        HSF_DPV - ok
12:51:12.0661 3684        HSXHWAZL        (9ebf2d102ccbb6bcdfbf1b7922f8ba2e) C:\Windows\system32\DRIVERS\HSXHWAZL.sys
12:51:12.0677 3684        HSXHWAZL - ok
12:51:12.0738 3684        HTTP            (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
12:51:12.0806 3684        HTTP - ok
12:51:12.0838 3684        i2omp          (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
12:51:12.0850 3684        i2omp - ok
12:51:12.0903 3684        i8042prt        (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
12:51:12.0929 3684        i8042prt - ok
12:51:12.0981 3684        iaStor          (fd7f9d74c2b35dbda400804a3f5ed5d8) C:\Windows\system32\DRIVERS\iaStor.sys
12:51:13.0002 3684        iaStor - ok
12:51:13.0040 3684        iaStorV        (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
12:51:13.0061 3684        iaStorV - ok
12:51:13.0147 3684        IDriverT        (6f95324909b502e2651442c1548ab12f) C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
12:51:13.0153 3684        IDriverT ( UnsignedFile.Multi.Generic ) - warning
12:51:13.0153 3684        IDriverT - detected UnsignedFile.Multi.Generic (1)
12:51:13.0289 3684        idsvc          (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
12:51:13.0395 3684        idsvc - ok
12:51:13.0532 3684        iirsp          (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
12:51:13.0552 3684        iirsp - ok
12:51:13.0627 3684        IKEEXT          (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
12:51:13.0694 3684        IKEEXT - ok
12:51:13.0748 3684        intelide        (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
12:51:13.0781 3684        intelide - ok
12:51:13.0844 3684        intelppm        (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
12:51:13.0908 3684        intelppm - ok
12:51:13.0985 3684        IPBusEnum      (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
12:51:14.0055 3684        IPBusEnum - ok
12:51:14.0106 3684        IpFilterDriver  (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:51:14.0131 3684        IpFilterDriver - ok
12:51:14.0201 3684        iphlpsvc        (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll
12:51:14.0217 3684        iphlpsvc - ok
12:51:14.0221 3684        IpInIp - ok
12:51:14.0240 3684        IPMIDRV        (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
12:51:14.0284 3684        IPMIDRV - ok
12:51:14.0342 3684        IPNAT          (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
12:51:14.0369 3684        IPNAT - ok
12:51:14.0413 3684        IRENUM          (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
12:51:14.0439 3684        IRENUM - ok
12:51:14.0470 3684        isapnp          (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
12:51:14.0483 3684        isapnp - ok
12:51:14.0524 3684        iScsiPrt        (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
12:51:14.0541 3684        iScsiPrt - ok
12:51:14.0553 3684        iteatapi        (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
12:51:14.0565 3684        iteatapi - ok
12:51:14.0582 3684        iteraid        (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
12:51:14.0594 3684        iteraid - ok
12:51:14.0644 3684        kbdclass        (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
12:51:14.0658 3684        kbdclass - ok
12:51:14.0700 3684        kbdhid          (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
12:51:14.0721 3684        kbdhid - ok
12:51:14.0772 3684        KeyIso          (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
12:51:14.0815 3684        KeyIso - ok
12:51:14.0872 3684        KSecDD          (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys
12:51:14.0914 3684        KSecDD - ok
12:51:14.0995 3684        KtmRm          (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
12:51:15.0050 3684        KtmRm - ok
12:51:15.0082 3684        LanmanServer    (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\system32\srvsvc.dll
12:51:15.0115 3684        LanmanServer - ok
12:51:15.0170 3684        LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
12:51:15.0199 3684        LanmanWorkstation - ok
12:51:15.0263 3684        lltdio          (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
12:51:15.0301 3684        lltdio - ok
12:51:15.0361 3684        lltdsvc        (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
12:51:15.0406 3684        lltdsvc - ok
12:51:15.0436 3684        lmhosts        (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
12:51:15.0487 3684        lmhosts - ok
12:51:15.0533 3684        LSI_FC          (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
12:51:15.0553 3684        LSI_FC - ok
12:51:15.0575 3684        LSI_SAS        (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
12:51:15.0594 3684        LSI_SAS - ok
12:51:15.0620 3684        LSI_SCSI        (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
12:51:15.0638 3684        LSI_SCSI - ok
12:51:15.0699 3684        luafv          (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
12:51:15.0735 3684        luafv - ok
12:51:15.0802 3684        lvpopflt        (01f0e010acb61472163e9d02d3ff531a) C:\Windows\system32\DRIVERS\lvpopflt.sys
12:51:15.0820 3684        lvpopflt - ok
12:51:15.0865 3684        LVPr2Mon        (c57c48fb9ae3efb9848af594e3123a63) C:\Windows\system32\DRIVERS\LVPr2Mon.sys
12:51:15.0875 3684        LVPr2Mon - ok
12:51:15.0944 3684        LVPrcSrv        (5c7b88695ce461d8bda4fe0c0e57e71d) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
12:51:15.0963 3684        LVPrcSrv - ok
12:51:16.0006 3684        LVRS            (87ecce893d8aec5a9337b917742d339c) C:\Windows\system32\DRIVERS\lvrs.sys
12:51:16.0029 3684        LVRS - ok
12:51:16.0500 3684        LVUVC          (291f69b3dda0f033d2490c5ba5179f7c) C:\Windows\system32\DRIVERS\lvuvc.sys
12:51:16.0922 3684        LVUVC - ok
12:51:17.0105 3684        lxeaCATSCustConnectService (be074bad48be291fe0e8f518b10af455) C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxeaserv.exe
12:51:17.0117 3684        lxeaCATSCustConnectService - ok
12:51:17.0125 3684        lxea_device - ok
12:51:17.0168 3684        MBAMProtector  (fb097bbc1a18f044bd17bd2fccf97865) C:\Windows\system32\drivers\mbam.sys
12:51:17.0178 3684        MBAMProtector - ok
12:51:17.0275 3684        MBAMService    (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
12:51:17.0374 3684        MBAMService - ok
12:51:17.0427 3684        Mcx2Svc        (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
12:51:17.0442 3684        Mcx2Svc - ok
12:51:17.0474 3684        mdmxsdk        (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
12:51:17.0485 3684        mdmxsdk - ok
12:51:17.0506 3684        megasas        (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
12:51:17.0520 3684        megasas - ok
12:51:17.0582 3684        MMCSS          (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
12:51:17.0609 3684        MMCSS - ok
12:51:17.0666 3684        Modem          (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
12:51:17.0696 3684        Modem - ok
12:51:17.0743 3684        monitor        (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
12:51:17.0775 3684        monitor - ok
12:51:17.0828 3684        mouclass        (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
12:51:17.0845 3684        mouclass - ok
12:51:17.0856 3684        mouhid          (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
12:51:17.0888 3684        mouhid - ok
12:51:17.0933 3684        MountMgr        (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
12:51:17.0950 3684        MountMgr - ok
12:51:18.0003 3684        MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
12:51:18.0024 3684        MozillaMaintenance - ok
12:51:18.0048 3684        mpio            (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
12:51:18.0070 3684        mpio - ok
12:51:18.0086 3684        mpsdrv          (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
12:51:18.0108 3684        mpsdrv - ok
12:51:18.0178 3684        MpsSvc          (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
12:51:18.0205 3684        MpsSvc - ok
12:51:18.0236 3684        Mraid35x        (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
12:51:18.0248 3684        Mraid35x - ok
12:51:18.0286 3684        MRxDAV          (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
12:51:18.0303 3684        MRxDAV - ok
12:51:18.0343 3684        mrxsmb          (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
12:51:18.0374 3684        mrxsmb - ok
12:51:18.0447 3684        mrxsmb10        (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:51:18.0464 3684        mrxsmb10 - ok
12:51:18.0481 3684        mrxsmb20        (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:51:18.0497 3684        mrxsmb20 - ok
12:51:18.0510 3684        msahci          (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys
12:51:18.0522 3684        msahci - ok
12:51:18.0687 3684        MSCSPTISRV      (8e46a7bac823dd82d4fb2a34c3df4c1d) C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
12:51:18.0692 3684        MSCSPTISRV ( UnsignedFile.Multi.Generic ) - warning
12:51:18.0692 3684        MSCSPTISRV - detected UnsignedFile.Multi.Generic (1)
12:51:18.0710 3684        msdsm          (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
12:51:18.0724 3684        msdsm - ok
12:51:18.0785 3684        MSDTC          (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
12:51:18.0821 3684        MSDTC - ok
12:51:18.0856 3684        Msfs            (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
12:51:18.0888 3684        Msfs - ok
12:51:18.0930 3684        msisadrv        (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
12:51:18.0947 3684        msisadrv - ok
12:51:19.0010 3684        MSiSCSI        (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
12:51:19.0045 3684        MSiSCSI - ok
12:51:19.0050 3684        msiserver - ok
12:51:19.0118 3684        MSKSSRV        (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
12:51:19.0160 3684        MSKSSRV - ok
12:51:19.0171 3684        MSPCLOCK        (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
12:51:19.0212 3684        MSPCLOCK - ok
12:51:19.0230 3684        MSPQM          (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
12:51:19.0272 3684        MSPQM - ok
12:51:19.0328 3684        MsRPC          (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
12:51:19.0345 3684        MsRPC - ok
12:51:19.0382 3684        mssmbios        (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
12:51:19.0395 3684        mssmbios - ok
12:51:19.0407 3684        MSTEE          (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
12:51:19.0431 3684        MSTEE - ok
12:51:19.0453 3684        Mup            (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
12:51:19.0467 3684        Mup - ok
12:51:19.0537 3684        napagent        (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
12:51:19.0561 3684        napagent - ok
12:51:19.0614 3684        NativeWifiP    (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
12:51:19.0632 3684        NativeWifiP - ok
12:51:19.0668 3684        NBVol          (0ae25530894a934c6ca600865c6e9d7c) C:\Windows\system32\DRIVERS\NBVol.sys
12:51:19.0679 3684        NBVol - ok
12:51:19.0718 3684        NBVolUp        (1ddcef3039c9d90af3529dee6699967d) C:\Windows\system32\DRIVERS\NBVolUp.sys
12:51:19.0728 3684        NBVolUp - ok
12:51:19.0778 3684        NDIS            (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
12:51:19.0823 3684        NDIS - ok
12:51:19.0885 3684        NdisTapi        (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
12:51:19.0906 3684        NdisTapi - ok
12:51:19.0932 3684        Ndisuio        (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
12:51:19.0958 3684        Ndisuio - ok
12:51:19.0992 3684        NdisWan        (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
12:51:20.0015 3684        NdisWan - ok
12:51:20.0076 3684        NDProxy        (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
12:51:20.0097 3684        NDProxy - ok
12:51:20.0109 3684        NetBIOS        (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
12:51:20.0136 3684        NetBIOS - ok
12:51:20.0192 3684        netbt          (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
12:51:20.0221 3684        netbt - ok
12:51:20.0284 3684        Netlogon        (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
12:51:20.0301 3684        Netlogon - ok
12:51:20.0363 3684        Netman          (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
12:51:20.0403 3684        Netman - ok
12:51:20.0466 3684        netprofm        (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
12:51:20.0517 3684        netprofm - ok
12:51:20.0596 3684        NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:51:20.0618 3684        NetTcpPortSharing - ok
12:51:20.0813 3684        NETw4v32        (6522dd40a5f67ced020bd81b856613fb) C:\Windows\system32\DRIVERS\NETw4v32.sys
12:51:21.0018 3684        NETw4v32 - ok
12:51:21.0174 3684        nfrd960        (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
12:51:21.0189 3684        nfrd960 - ok
12:51:21.0253 3684        NlaSvc          (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
12:51:21.0296 3684        NlaSvc - ok
12:51:21.0349 3684        Npfs            (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
12:51:21.0376 3684        Npfs - ok
12:51:21.0410 3684        nsi            (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
12:51:21.0447 3684        nsi - ok
12:51:21.0485 3684        nsiproxy        (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
12:51:21.0521 3684        nsiproxy - ok
12:51:21.0641 3684        Ntfs            (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
12:51:21.0823 3684        Ntfs - ok
12:51:21.0869 3684        ntrigdigi      (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
12:51:21.0919 3684        ntrigdigi - ok
12:51:21.0965 3684        Null            (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
12:51:21.0991 3684        Null - ok
12:51:22.0601 3684        nvlddmkm        (61cc6e7237973caa4e384ce97fd7a7b9) C:\Windows\system32\DRIVERS\nvlddmkm.sys
12:51:23.0201 3684        nvlddmkm - ok
12:51:23.0323 3684        nvraid          (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
12:51:23.0345 3684        nvraid - ok
12:51:23.0377 3684        nvstor          (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
12:51:23.0397 3684        nvstor - ok
12:51:23.0424 3684        nv_agp          (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
12:51:23.0448 3684        nv_agp - ok
12:51:23.0454 3684        NwlnkFlt - ok
12:51:23.0462 3684        NwlnkFwd - ok
12:51:23.0597 3684        odserv          (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:51:23.0628 3684        odserv - ok
12:51:23.0671 3684        ohci1394        (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
12:51:23.0705 3684        ohci1394 - ok
12:51:23.0789 3684        OMSI download service (da345de3b450e9e1691e7b9956d8ffc3) C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
12:51:23.0797 3684        OMSI download service ( UnsignedFile.Multi.Generic ) - warning
12:51:23.0797 3684        OMSI download service - detected UnsignedFile.Multi.Generic (1)
12:51:23.0837 3684        ose            (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:51:23.0858 3684        ose - ok
12:51:23.0950 3684        p2pimsvc        (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
12:51:24.0054 3684        p2pimsvc - ok
12:51:24.0064 3684        p2psvc          (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
12:51:24.0190 3684        p2psvc - ok
12:51:24.0287 3684        PACSPTISVR      (753a8f339f231d2b857e2ccd51a6e6ca) C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
12:51:24.0298 3684        PACSPTISVR ( UnsignedFile.Multi.Generic ) - warning
12:51:24.0298 3684        PACSPTISVR - detected UnsignedFile.Multi.Generic (1)
12:51:24.0352 3684        Parport        (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
12:51:24.0463 3684        Parport - ok
12:51:24.0540 3684        partmgr        (b9c2b89f08670e159f7181891e449cd9) C:\Windows\system32\drivers\partmgr.sys
12:51:24.0554 3684        partmgr - ok
12:51:24.0572 3684        Parvdm          (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
12:51:24.0614 3684        Parvdm - ok
12:51:24.0671 3684        PcaSvc          (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
12:51:24.0687 3684        PcaSvc - ok
12:51:24.0746 3684        pci            (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
12:51:24.0763 3684        pci - ok
12:51:24.0774 3684        pciide          (3b1901e401473e03eb8c874271e50c26) C:\Windows\system32\drivers\pciide.sys
12:51:24.0786 3684        pciide - ok
12:51:24.0838 3684        pcmcia          (3bb2244f343b610c29c98035504c9b75) C:\Windows\system32\DRIVERS\pcmcia.sys
12:51:24.0855 3684        pcmcia - ok
12:51:24.0922 3684        PEAUTH          (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
12:51:25.0013 3684        PEAUTH - ok
12:51:25.0169 3684        pla            (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
12:51:25.0284 3684        pla - ok
12:51:25.0429 3684        PlugPlay        (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
12:51:25.0452 3684        PlugPlay - ok
12:51:25.0535 3684        PNRPAutoReg    (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
12:51:25.0596 3684        PNRPAutoReg - ok
12:51:25.0603 3684        PNRPsvc        (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
12:51:25.0630 3684        PNRPsvc - ok
12:51:25.0687 3684        PolicyAgent    (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
12:51:25.0771 3684        PolicyAgent - ok
12:51:25.0867 3684        PptpMiniport    (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
12:51:25.0900 3684        PptpMiniport - ok
12:51:25.0950 3684        Processor      (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
12:51:26.0005 3684        Processor - ok
12:51:26.0053 3684        ProfSvc        (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
12:51:26.0088 3684        ProfSvc - ok
12:51:26.0140 3684        ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
12:51:26.0163 3684        ProtectedStorage - ok
12:51:26.0202 3684        PSched          (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
12:51:26.0238 3684        PSched - ok
12:51:26.0270 3684        PxHelp20        (49452bfcec22f36a7a9b9c2181bc3042) C:\Windows\system32\Drivers\PxHelp20.sys
12:51:26.0287 3684        PxHelp20 - ok
12:51:26.0366 3684        ql2300          (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
12:51:26.0467 3684        ql2300 - ok
12:51:26.0506 3684        ql40xx          (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
12:51:26.0529 3684        ql40xx - ok
12:51:26.0605 3684        QWAVE          (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
12:51:26.0665 3684        QWAVE - ok
12:51:26.0710 3684        QWAVEdrv        (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
12:51:26.0732 3684        QWAVEdrv - ok
12:51:26.0760 3684        R5U870FLx86    (9ac8ac6cd00100443ea6afd0a4ade8f7) C:\Windows\system32\Drivers\R5U870FLx86.sys
12:51:26.0797 3684        R5U870FLx86 - ok
12:51:26.0822 3684        R5U870FUx86    (1ae358affffd13bf6ec7dc72dccfac12) C:\Windows\system32\Drivers\R5U870FUx86.sys
12:51:26.0841 3684        R5U870FUx86 - ok
12:51:26.0930 3684        RapiMgr        (70dbdab246c18b78e2200d6401d038be) C:\Windows\WindowsMobile\rapimgr.dll
12:51:26.0994 3684        RapiMgr - ok
12:51:27.0065 3684        RasAcd          (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
12:51:27.0106 3684        RasAcd - ok
12:51:27.0159 3684        RasAuto        (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
12:51:27.0204 3684        RasAuto - ok
12:51:27.0266 3684        Rasl2tp        (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
12:51:27.0311 3684        Rasl2tp - ok
12:51:27.0371 3684        RasMan          (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
12:51:27.0401 3684        RasMan - ok
12:51:27.0448 3684        RasPppoe        (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
12:51:27.0474 3684        RasPppoe - ok
12:51:27.0519 3684        RasSstp        (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
12:51:27.0558 3684        RasSstp - ok
12:51:27.0625 3684        rdbss          (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
12:51:27.0661 3684        rdbss - ok
12:51:27.0678 3684        RDPCDD          (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
12:51:27.0710 3684        RDPCDD - ok
12:51:27.0763 3684        rdpdr          (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
12:51:27.0812 3684        rdpdr - ok
12:51:27.0833 3684        RDPENCDD        (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
12:51:27.0859 3684        RDPENCDD - ok
12:51:27.0920 3684        RDPWD          (79c6df8477250f5c54f7c5ae1d6b814e) C:\Windows\system32\drivers\RDPWD.sys
12:51:27.0954 3684        RDPWD - ok
12:51:27.0987 3684        regi            (001b4278407f4303efc902a2b16f2453) C:\Windows\system32\drivers\regi.sys
12:51:27.0996 3684        regi - ok
12:51:28.0046 3684        RemoteAccess    (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
12:51:28.0075 3684        RemoteAccess - ok
12:51:28.0116 3684        RemoteRegistry  (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
12:51:28.0140 3684        RemoteRegistry - ok
12:51:28.0192 3684        RFCOMM          (6482707f9f4da0ecbab43b2e0398a101) C:\Windows\system32\DRIVERS\rfcomm.sys
12:51:28.0220 3684        RFCOMM - ok
12:51:28.0241 3684        RpcLocator      (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
12:51:28.0258 3684        RpcLocator - ok
12:51:28.0338 3684        RpcSs          (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
12:51:28.0391 3684        RpcSs - ok
12:51:28.0443 3684        rspndr          (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
12:51:28.0477 3684        rspndr - ok
12:51:28.0521 3684        s0017bus        (594ff5620661d1386475406e78cb6f2f) C:\Windows\system32\DRIVERS\s0017bus.sys
12:51:28.0536 3684        s0017bus - ok
12:51:28.0552 3684        s0017mdfl      (7258f550419d543bc5c8e80c578a5d54) C:\Windows\system32\DRIVERS\s0017mdfl.sys
12:51:28.0565 3684        s0017mdfl - ok
12:51:28.0582 3684        s0017mdm        (1de4f6607feb17a15dbd4f1b139e6d2f) C:\Windows\system32\DRIVERS\s0017mdm.sys
12:51:28.0598 3684        s0017mdm - ok
12:51:28.0616 3684        s0017mgmt      (9814e6bacc06d2526cd52981c7eeedf0) C:\Windows\system32\DRIVERS\s0017mgmt.sys
12:51:28.0631 3684        s0017mgmt - ok
12:51:28.0673 3684        s0017nd5        (2c62cd58225973f26682cd4f783ddede) C:\Windows\system32\DRIVERS\s0017nd5.sys
12:51:28.0686 3684        s0017nd5 - ok
12:51:28.0711 3684        s0017obex      (f87c3422e84b2fb1b43e0a26247ad5a5) C:\Windows\system32\DRIVERS\s0017obex.sys
12:51:28.0726 3684        s0017obex - ok
12:51:28.0754 3684        s0017unic      (df5e7360a0afa5956bf75da683d0679f) C:\Windows\system32\DRIVERS\s0017unic.sys
12:51:28.0769 3684        s0017unic - ok
12:51:28.0818 3684        s116bus        (815445f4676cc96bc9aeec303c727e19) C:\Windows\system32\DRIVERS\s116bus.sys
12:51:28.0832 3684        s116bus - ok
12:51:28.0853 3684        s116mdfl        (333d1e0743e6de1779c3c418ac601c3a) C:\Windows\system32\DRIVERS\s116mdfl.sys
12:51:28.0866 3684        s116mdfl - ok
12:51:28.0886 3684        s116mdm        (50d6e5b021e9ec7553ab8a3553cc1b6b) C:\Windows\system32\DRIVERS\s116mdm.sys
12:51:28.0902 3684        s116mdm - ok
12:51:28.0927 3684        s116mgmt        (1589aa53e43f8d193a7d4d580d3ffa95) C:\Windows\system32\DRIVERS\s116mgmt.sys
12:51:28.0942 3684        s116mgmt - ok
12:51:28.0982 3684        s116nd5        (306f85733671fe507470f0273025e768) C:\Windows\system32\DRIVERS\s116nd5.sys
12:51:29.0000 3684        s116nd5 - ok
12:51:29.0024 3684        s116obex        (ec32601f04a5a5de89315d0f55e73d66) C:\Windows\system32\DRIVERS\s116obex.sys
12:51:29.0044 3684        s116obex - ok
12:51:29.0060 3684        s116unic        (32e3ecb4b2b5887426eaf241a8149cde) C:\Windows\system32\DRIVERS\s116unic.sys
12:51:29.0080 3684        s116unic - ok
12:51:29.0124 3684        s3017bus        (aa786ad3a2684d39630744787b00e6f4) C:\Windows\system32\DRIVERS\s3017bus.sys
12:51:29.0142 3684        s3017bus - ok
12:51:29.0159 3684        s3017mdfl      (cba4ca5bce44084e98ce420fd6692d3a) C:\Windows\system32\DRIVERS\s3017mdfl.sys
12:51:29.0176 3684        s3017mdfl - ok
12:51:29.0199 3684        s3017mdm        (68036eff647970d6c0399789c8707cad) C:\Windows\system32\DRIVERS\s3017mdm.sys
12:51:29.0220 3684        s3017mdm - ok
12:51:29.0246 3684        s3017mgmt      (3672e7f9349bd98fd3f5ac33e7b2b1a6) C:\Windows\system32\DRIVERS\s3017mgmt.sys
12:51:29.0299 3684        s3017mgmt - ok
12:51:29.0320 3684        s3017nd5        (b1133b37eb184aef81d56b4302dbae9c) C:\Windows\system32\DRIVERS\s3017nd5.sys
12:51:29.0332 3684        s3017nd5 - ok
12:51:29.0352 3684        s3017obex      (d81b1d504aa1426622e7ec09f25130a9) C:\Windows\system32\DRIVERS\s3017obex.sys
12:51:29.0366 3684        s3017obex - ok
12:51:29.0395 3684        s3017unic      (7b95c53ea8bb585013767eef2875c0a0) C:\Windows\system32\DRIVERS\s3017unic.sys
12:51:29.0408 3684        s3017unic - ok
12:51:29.0462 3684        SamSs          (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
12:51:29.0477 3684        SamSs - ok
12:51:29.0506 3684        sbp2port        (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
12:51:29.0519 3684        sbp2port - ok
12:51:29.0567 3684        SCardSvr        (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
12:51:29.0591 3684        SCardSvr - ok
12:51:29.0660 3684        Schedule        (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
12:51:29.0795 3684        Schedule - ok
12:51:29.0814 3684        SCPolicySvc    (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
12:51:29.0834 3684        SCPolicySvc - ok
12:51:29.0888 3684        SDRSVC          (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
12:51:29.0952 3684        SDRSVC - ok
12:51:29.0976 3684        secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
12:51:30.0031 3684        secdrv - ok
12:51:30.0088 3684        seclogon        (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
12:51:30.0122 3684        seclogon - ok
12:51:30.0153 3684        seehcri        (e5b56569a9f79b70314fede6c953641e) C:\Windows\system32\DRIVERS\seehcri.sys
12:51:30.0187 3684        seehcri - ok
12:51:30.0226 3684        SENS            (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
12:51:30.0261 3684        SENS - ok
12:51:30.0277 3684        Serenum        (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
12:51:30.0331 3684        Serenum - ok
12:51:30.0352 3684        Serial          (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
12:51:30.0408 3684        Serial - ok
12:51:30.0450 3684        sermouse        (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
12:51:30.0482 3684        sermouse - ok
12:51:30.0538 3684        SessionEnv      (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
12:51:30.0574 3684        SessionEnv - ok
12:51:30.0595 3684        sffdisk        (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys
12:51:30.0649 3684        sffdisk - ok
12:51:30.0658 3684        sffp_mmc        (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
12:51:30.0712 3684        sffp_mmc - ok
12:51:30.0728 3684        sffp_sd        (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys
12:51:30.0782 3684        sffp_sd - ok
12:51:30.0788 3684        sfloppy        (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\DRIVERS\sfloppy.sys
12:51:30.0842 3684        sfloppy - ok
12:51:30.0911 3684        SharedAccess    (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
12:51:30.0950 3684        SharedAccess - ok
12:51:31.0009 3684        ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
12:51:31.0034 3684        ShellHWDetection - ok
12:51:31.0053 3684        sisagp          (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
12:51:31.0069 3684        sisagp - ok
12:51:31.0107 3684        SiSRaid2        (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
12:51:31.0122 3684        SiSRaid2 - ok
12:51:31.0138 3684        SiSRaid4        (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
12:51:31.0155 3684        SiSRaid4 - ok
12:51:31.0430 3684        slsvc          (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
12:51:31.0726 3684        slsvc - ok
12:51:31.0874 3684        SLUINotify      (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
12:51:31.0911 3684        SLUINotify - ok
12:51:31.0969 3684        Smb            (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
12:51:32.0004 3684        Smb - ok
12:51:32.0038 3684        SNC            (db31d8989b3450569c29780e7fa98c48) C:\Windows\system32\Drivers\SonyNC.sys
12:51:32.0078 3684        SNC - ok
12:51:32.0125 3684        SNMPTRAP        (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
12:51:32.0149 3684        SNMPTRAP - ok
12:51:32.0352 3684        Sony PC Companion (5177d14a78e60fd61dcfc6b388e7e971) C:\Program Files\Sony\Sony PC Companion\PCCService.exe
12:51:32.0387 3684        Sony PC Companion - ok
12:51:32.0439 3684        spldr          (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
12:51:32.0473 3684        spldr - ok
12:51:32.0520 3684        Spooler        (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
12:51:32.0574 3684        Spooler - ok
12:51:32.0644 3684        SPTISRV        (e3e6c96b0ef4492c3c8fd0deef4e35a1) C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
12:51:32.0655 3684        SPTISRV ( UnsignedFile.Multi.Generic ) - warning
12:51:32.0655 3684        SPTISRV - detected UnsignedFile.Multi.Generic (1)
12:51:32.0727 3684        srv            (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
12:51:32.0818 3684        srv - ok
12:51:32.0888 3684        srv2            (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
12:51:32.0943 3684        srv2 - ok
12:51:32.0981 3684        srvnet          (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
12:51:33.0004 3684        srvnet - ok
12:51:33.0064 3684        SSDPSRV        (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
12:51:33.0111 3684        SSDPSRV - ok
12:51:33.0147 3684        ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
12:51:33.0173 3684        ssmdrv - ok
12:51:33.0243 3684        SstpSvc        (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
12:51:33.0269 3684        SstpSvc - ok
12:51:33.0305 3684        STacSV          (b218068eba6f46f102b4218bdb81be0b) C:\Windows\system32\stacsv.exe
12:51:33.0330 3684        STacSV - ok
12:51:33.0377 3684        STHDA          (167909a1c36aa3e8f2582962f0ccc748) C:\Windows\system32\drivers\stwrt.sys
12:51:33.0416 3684        STHDA - ok
12:51:33.0485 3684        stisvc          (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
12:51:33.0527 3684        stisvc - ok
12:51:33.0588 3684        StkTMini        (0933717146e8054f133b5bdb874ef9fa) C:\Windows\system32\Drivers\StkTMini.sys
12:51:33.0661 3684        StkTMini ( UnsignedFile.Multi.Generic ) - warning
12:51:33.0661 3684        StkTMini - detected UnsignedFile.Multi.Generic (1)
12:51:33.0718 3684        swenum          (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
12:51:33.0731 3684        swenum - ok
12:51:33.0786 3684        swprv          (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
12:51:33.0830 3684        swprv - ok
12:51:33.0854 3684        Symc8xx        (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
12:51:33.0867 3684        Symc8xx - ok
12:51:33.0884 3684        Sym_hi          (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
12:51:33.0897 3684        Sym_hi - ok
12:51:33.0916 3684        Sym_u3          (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
12:51:33.0929 3684        Sym_u3 - ok
12:51:34.0003 3684        SysMain        (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
12:51:34.0052 3684        SysMain - ok
12:51:34.0091 3684        TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
12:51:34.0114 3684        TabletInputService - ok
12:51:34.0172 3684        TapiSrv        (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
12:51:34.0205 3684        TapiSrv - ok
12:51:34.0261 3684        TBS            (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
12:51:34.0297 3684        TBS - ok
12:51:34.0395 3684        Tcpip          (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\drivers\tcpip.sys
12:51:34.0469 3684        Tcpip - ok
12:51:34.0511 3684        Tcpip6          (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\DRIVERS\tcpip.sys
12:51:34.0637 3684        Tcpip6 - ok
12:51:34.0726 3684        tcpipreg        (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
12:51:34.0774 3684        tcpipreg - ok
12:51:34.0828 3684        TDPIPE          (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
12:51:34.0889 3684        TDPIPE - ok
12:51:34.0952 3684        TDTCP          (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
12:51:35.0016 3684        TDTCP - ok
12:51:35.0065 3684        tdx            (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
12:51:35.0119 3684        tdx - ok
12:51:35.0170 3684        TermDD          (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
12:51:35.0206 3684        TermDD - ok
12:51:35.0289 3684        TermService    (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
12:51:35.0362 3684        TermService - ok
12:51:35.0434 3684        Themes          (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
12:51:35.0478 3684        Themes - ok
12:51:35.0539 3684        THREADORDER    (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
12:51:35.0607 3684        THREADORDER - ok
12:51:35.0708 3684        ti21sony        (909cd987b54a8179c9aee874d754721a) C:\Windows\system32\drivers\ti21sony.sys
12:51:35.0830 3684        ti21sony - ok
12:51:35.0869 3684        TrkWks          (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
12:51:35.0940 3684        TrkWks - ok
12:51:36.0011 3684        TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
12:51:36.0060 3684        TrustedInstaller - ok
12:51:36.0129 3684        tssecsrv        (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
12:51:36.0193 3684        tssecsrv - ok
12:51:36.0246 3684        tunmp          (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
12:51:36.0301 3684        tunmp - ok
12:51:36.0367 3684        tunnel          (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
12:51:36.0417 3684        tunnel - ok
12:51:36.0448 3684        uagp35          (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
12:51:36.0478 3684        uagp35 - ok
12:51:36.0504 3684        udfs            (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
12:51:36.0531 3684        udfs - ok
12:51:36.0590 3684        UI0Detect      (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
12:51:36.0617 3684        UI0Detect - ok
12:51:36.0745 3684        UleadBurningHelper (f13da74969897359a88f2a739f54a250) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
12:51:36.0749 3684        UleadBurningHelper ( UnsignedFile.Multi.Generic ) - warning
12:51:36.0749 3684        UleadBurningHelper - detected UnsignedFile.Multi.Generic (1)
12:51:36.0766 3684        uliagpkx        (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
12:51:36.0779 3684        uliagpkx - ok
12:51:36.0809 3684        uliahci        (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
12:51:36.0826 3684        uliahci - ok
12:51:36.0847 3684        UlSata          (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
12:51:36.0861 3684        UlSata - ok
12:51:36.0873 3684        ulsata2        (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
12:51:36.0888 3684        ulsata2 - ok
12:51:36.0944 3684        umbus          (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
12:51:36.0970 3684        umbus - ok
12:51:37.0031 3684        upnphost        (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
12:51:37.0065 3684        upnphost - ok
12:51:37.0116 3684        usbaudio        (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys
12:51:37.0138 3684        usbaudio - ok
12:51:37.0197 3684        usbccgp        (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
12:51:37.0224 3684        usbccgp - ok
12:51:37.0263 3684        usbcir          (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
12:51:37.0318 3684        usbcir - ok
12:51:37.0363 3684        usbehci        (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
12:51:37.0389 3684        usbehci - ok
12:51:37.0444 3684        usbhub          (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
12:51:37.0474 3684        usbhub - ok
12:51:37.0491 3684        usbohci        (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
12:51:37.0545 3684        usbohci - ok
12:51:37.0559 3684        usbprint        (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
12:51:37.0588 3684        usbprint - ok
12:51:37.0633 3684        usbscan        (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
12:51:37.0654 3684        usbscan - ok
12:51:37.0669 3684        USBSTOR        (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:51:37.0690 3684        USBSTOR - ok
12:51:37.0740 3684        usbuhci        (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
12:51:37.0760 3684        usbuhci - ok
12:51:37.0822 3684        usbvideo        (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
12:51:37.0849 3684        usbvideo - ok
12:51:37.0885 3684        UxSms          (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
12:51:37.0907 3684        UxSms - ok
12:51:38.0025 3684        VAIO Entertainment TV Device Arbitration Service (afbcd738df9de3b6d71afc704e7f27fb) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
12:51:38.0030 3684        VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - warning
12:51:38.0030 3684        VAIO Entertainment TV Device Arbitration Service - detected UnsignedFile.Multi.Generic (1)
12:51:38.0101 3684        VAIO Event Service (8a9f18adad471402236ca931553bf79b) C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
12:51:38.0115 3684        VAIO Event Service - ok
12:51:38.0312 3684        VAIOMediaPlatform-IntegratedServer-AppServer (0a4cd617ed1f03c8b7310fc4871173a4) C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
12:51:38.0557 3684        VAIOMediaPlatform-IntegratedServer-AppServer ( UnsignedFile.Multi.Generic ) - warning
12:51:38.0557 3684        VAIOMediaPlatform-IntegratedServer-AppServer - detected UnsignedFile.Multi.Generic (1)
12:51:38.0710 3684        VAIOMediaPlatform-IntegratedServer-HTTP (56e33aaa46cba8431e72486196afb3a1) C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
12:51:38.0749 3684        VAIOMediaPlatform-IntegratedServer-HTTP ( UnsignedFile.Multi.Generic ) - warning
12:51:38.0749 3684        VAIOMediaPlatform-IntegratedServer-HTTP - detected UnsignedFile.Multi.Generic (1)
12:51:38.0862 3684        VAIOMediaPlatform-IntegratedServer-UPnP (addf0e4e19bd2ff0a0b852d324fdc281) C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
12:51:39.0166 3684        VAIOMediaPlatform-IntegratedServer-UPnP ( UnsignedFile.Multi.Generic ) - warning
12:51:39.0166 3684        VAIOMediaPlatform-IntegratedServer-UPnP - detected UnsignedFile.Multi.Generic (1)
12:51:39.0279 3684        VAIOMediaPlatform-UCLS-AppServer (52d4f568fe7d05ae5026b8717eeb59eb) C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe
12:51:39.0331 3684        VAIOMediaPlatform-UCLS-AppServer ( UnsignedFile.Multi.Generic ) - warning
12:51:39.0331 3684        VAIOMediaPlatform-UCLS-AppServer - detected UnsignedFile.Multi.Generic (1)
12:51:39.0379 3684        VAIOMediaPlatform-UCLS-HTTP (56e33aaa46cba8431e72486196afb3a1) C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
12:51:39.0446 3684        VAIOMediaPlatform-UCLS-HTTP ( UnsignedFile.Multi.Generic ) - warning
12:51:39.0446 3684        VAIOMediaPlatform-UCLS-HTTP - detected UnsignedFile.Multi.Generic (1)
12:51:39.0546 3684        VAIOMediaPlatform-UCLS-UPnP (addf0e4e19bd2ff0a0b852d324fdc281) C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
12:51:39.0613 3684        VAIOMediaPlatform-UCLS-UPnP ( UnsignedFile.Multi.Generic ) - warning
12:51:39.0613 3684        VAIOMediaPlatform-UCLS-UPnP - detected UnsignedFile.Multi.Generic (1)
12:51:39.0675 3684        VcmIAlzMgr      (5d325b6add78a111be62a3842cf05345) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
12:51:39.0693 3684        VcmIAlzMgr - ok
12:51:39.0789 3684        VcmXmlIfHelper  (c4de5ba157fd83bbdaeb70ee27417e0e) C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
12:51:39.0800 3684        VcmXmlIfHelper - ok
12:51:39.0812 3684        Vcsw - ok
12:51:39.0974 3684        vds            (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
12:51:40.0021 3684        vds - ok
12:51:40.0096 3684        vga            (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
12:51:40.0129 3684        vga - ok
12:51:40.0180 3684        VgaSave        (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
12:51:40.0223 3684        VgaSave - ok
12:51:40.0264 3684        viaagp          (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
12:51:40.0285 3684        viaagp - ok
12:51:40.0310 3684        ViaC7          (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
12:51:40.0384 3684        ViaC7 - ok
12:51:40.0411 3684        viaide          (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
12:51:40.0431 3684        viaide - ok
12:51:40.0531 3684        volmgr          (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
12:51:40.0554 3684        volmgr - ok
12:51:40.0611 3684        volmgrx        (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
12:51:40.0659 3684        volmgrx - ok
12:51:40.0718 3684        volsnap        (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
12:51:40.0756 3684        volsnap - ok
12:51:40.0800 3684        vsmraid        (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
12:51:40.0823 3684        vsmraid - ok
12:51:41.0007 3684        VSS            (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
12:51:41.0126 3684        VSS - ok
12:51:41.0262 3684        VzCdbSvc        (2e785f4f92c4c67cebb61dd55ed1f6a1) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
12:51:41.0291 3684        VzCdbSvc ( UnsignedFile.Multi.Generic ) - warning
12:51:41.0291 3684        VzCdbSvc - detected UnsignedFile.Multi.Generic (1)
12:51:41.0339 3684        VzFw            (2d876cad8c7ffb08179dff361ff851e6) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
12:51:41.0355 3684        VzFw ( UnsignedFile.Multi.Generic ) - warning
12:51:41.0355 3684        VzFw - detected UnsignedFile.Multi.Generic (1)
12:51:41.0531 3684        W32Time        (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
12:51:41.0593 3684        W32Time - ok
12:51:41.0637 3684        WacomPen        (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
12:51:41.0748 3684        WacomPen - ok
12:51:41.0811 3684        Wanarp          (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
12:51:41.0834 3684        Wanarp - ok
12:51:41.0840 3684        Wanarpv6        (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
12:51:41.0862 3684        Wanarpv6 - ok
12:51:41.0955 3684        WcesComm        (779f9c90d3fe9c70b6ffd8ef035f3e83) C:\Windows\WindowsMobile\wcescomm.dll
12:51:42.0024 3684        WcesComm - ok
12:51:42.0074 3684        wcncsvc        (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
12:51:42.0109 3684        wcncsvc - ok
12:51:42.0159 3684        WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
12:51:42.0182 3684        WcsPlugInService - ok
12:51:42.0201 3684        Wd              (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
12:51:42.0214 3684        Wd - ok
12:51:42.0308 3684        Wdf01000        (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
12:51:42.0353 3684        Wdf01000 - ok
12:51:42.0414 3684        WdiServiceHost  (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
12:51:42.0444 3684        WdiServiceHost - ok
12:51:42.0447 3684        WdiSystemHost  (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
12:51:42.0479 3684        WdiSystemHost - ok
12:51:42.0533 3684        WebClient      (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
12:51:42.0558 3684        WebClient - ok
12:51:42.0611 3684        Wecsvc          (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
12:51:42.0648 3684        Wecsvc - ok
12:51:42.0700 3684        wercplsupport  (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
12:51:42.0730 3684        wercplsupport - ok
12:51:42.0818 3684        WerSvc          (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
12:51:42.0857 3684        WerSvc - ok
12:51:42.0899 3684        WimFltr        (f9ad3a5e3fd7e0bdb18b8202b0fdd4e4) C:\Windows\system32\DRIVERS\wimfltr.sys
12:51:42.0924 3684        WimFltr - ok
12:51:42.0994 3684        winachsf        (5a77ac34a0ffb70ce8b35b524fede9ba) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
12:51:43.0074 3684        winachsf - ok
12:51:43.0188 3684        WinDefend      (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
12:51:43.0218 3684        WinDefend - ok
12:51:43.0227 3684        WinHttpAutoProxySvc - ok
12:51:43.0328 3684        Winmgmt        (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
12:51:43.0385 3684        Winmgmt - ok
12:51:43.0530 3684        WinRM          (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
12:51:43.0643 3684        WinRM - ok
12:51:43.0719 3684        winusb          (676f4b665bdd8053eaa53ac1695b8074) C:\Windows\system32\DRIVERS\winusb.sys
12:51:43.0759 3684        winusb - ok
12:51:43.0843 3684        Wlansvc        (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
12:51:43.0918 3684        Wlansvc - ok
12:51:43.0950 3684        WmiAcpi        (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys
12:51:44.0024 3684        WmiAcpi - ok
12:51:44.0106 3684        wmiApSrv        (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
12:51:44.0129 3684        wmiApSrv - ok
12:51:44.0293 3684        WMPNetworkSvc  (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
12:51:44.0376 3684        WMPNetworkSvc - ok
12:51:44.0409 3684        WPCSvc          (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
12:51:44.0472 3684        WPCSvc - ok
12:51:44.0519 3684        WPDBusEnum      (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
12:51:44.0550 3684        WPDBusEnum - ok
12:51:44.0615 3684        WpdUsb          (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
12:51:44.0637 3684        WpdUsb - ok
12:51:44.0848 3684        WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
12:51:44.0914 3684        WPFFontCache_v0400 - ok
12:51:44.0961 3684        ws2ifsl        (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
12:51:45.0003 3684        ws2ifsl - ok
12:51:45.0055 3684        wscsvc          (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\System32\wscsvc.dll
12:51:45.0082 3684        wscsvc - ok
12:51:45.0129 3684        WSDPrintDevice  (4422ac5ed8d4c2f0db63e71d4c069dd7) C:\Windows\system32\DRIVERS\WSDPrint.sys
12:51:45.0152 3684        WSDPrintDevice - ok
12:51:45.0157 3684        WSearch - ok
12:51:45.0360 3684        wuauserv        (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
12:51:45.0520 3684        wuauserv - ok
12:51:45.0706 3684        WUDFRd          (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
12:51:45.0739 3684        WUDFRd - ok
12:51:45.0803 3684        wudfsvc        (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
12:51:45.0839 3684        wudfsvc - ok
12:51:45.0862 3684        XAudio          (88af537264f2b818da15479ceeaf5d7c) C:\Windows\system32\DRIVERS\xaudio.sys
12:51:45.0876 3684        XAudio - ok
12:51:45.0922 3684        XAudioService  (15a317674a08df26be65164d959e9203) C:\Windows\system32\DRIVERS\xaudio.exe
12:51:45.0957 3684        XAudioService - ok
12:51:46.0017 3684        yukonwlh        (7927e830ecde6db3682cc319bad26984) C:\Windows\system32\DRIVERS\yk60x86.sys
12:51:46.0060 3684        yukonwlh - ok
12:51:46.0100 3684        MBR (0x1B8)    (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
12:51:46.0292 3684        \Device\Harddisk0\DR0 - ok
12:51:46.0295 3684        Boot (0x1200)  (3615683225c78d54b0482cf5c756d7e8) \Device\Harddisk0\DR0\Partition0
12:51:46.0297 3684        \Device\Harddisk0\DR0\Partition0 - ok
12:51:46.0298 3684        ============================================================
12:51:46.0298 3684        Scan finished
12:51:46.0298 3684        ============================================================


Jami87 14.05.2012 11:59

Code:

12:51:46.0311 4564        Detected object count: 18
12:51:46.0311 4564        Actual detected object count: 18
12:51:52.0023 4564        FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:52.0024 4564        FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:52.0028 4564        Freemake Improver ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:52.0028 4564        Freemake Improver ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:52.0032 4564        IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:52.0032 4564        IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:52.0037 4564        MSCSPTISRV ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:52.0038 4564        MSCSPTISRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:52.0042 4564        OMSI download service ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:52.0042 4564        OMSI download service ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:52.0046 4564        PACSPTISVR ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:52.0046 4564        PACSPTISVR ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:52.0050 4564        SPTISRV ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:52.0050 4564        SPTISRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:52.0056 4564        StkTMini ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:52.0056 4564        StkTMini ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:52.0060 4564        UleadBurningHelper ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:52.0060 4564        UleadBurningHelper ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:52.0065 4564        VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:52.0065 4564        VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:52.0071 4564        VAIOMediaPlatform-IntegratedServer-AppServer ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:52.0071 4564        VAIOMediaPlatform-IntegratedServer-AppServer ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:52.0076 4564        VAIOMediaPlatform-IntegratedServer-HTTP ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:52.0076 4564        VAIOMediaPlatform-IntegratedServer-HTTP ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:52.0079 4564        VAIOMediaPlatform-IntegratedServer-UPnP ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:52.0079 4564        VAIOMediaPlatform-IntegratedServer-UPnP ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:52.0081 4564        VAIOMediaPlatform-UCLS-AppServer ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:52.0081 4564        VAIOMediaPlatform-UCLS-AppServer ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:52.0083 4564        VAIOMediaPlatform-UCLS-HTTP ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:52.0083 4564        VAIOMediaPlatform-UCLS-HTTP ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:52.0085 4564        VAIOMediaPlatform-UCLS-UPnP ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:52.0085 4564        VAIOMediaPlatform-UCLS-UPnP ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:52.0088 4564        VzCdbSvc ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:52.0088 4564        VzCdbSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:52.0090 4564        VzFw ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:52.0090 4564        VzFw ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:52:12.0110 5856        ============================================================
12:52:12.0110 5856        Scan started
12:52:12.0110 5856        Mode: Manual; SigCheck; TDLFS;
12:52:12.0110 5856        ============================================================
12:52:12.0335 5856        ACPI            (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
12:52:12.0356 5856        ACPI - ok
12:52:12.0449 5856        AdobeActiveFileMonitor5.0 (63ab43534cbf5d7f3eb81dfdc8161490) C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
12:52:12.0461 5856        AdobeActiveFileMonitor5.0 - ok
12:52:12.0593 5856        adp94xx        (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
12:52:12.0627 5856        adp94xx - ok
12:52:12.0661 5856        adpahci        (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
12:52:12.0680 5856        adpahci - ok
12:52:12.0706 5856        adpu160m        (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
12:52:12.0720 5856        adpu160m - ok
12:52:12.0745 5856        adpu320        (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
12:52:12.0761 5856        adpu320 - ok
12:52:12.0792 5856        AeLookupSvc    (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
12:52:12.0814 5856        AeLookupSvc - ok
12:52:12.0873 5856        AFD            (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
12:52:12.0914 5856        AFD - ok
12:52:12.0940 5856        agp440          (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
12:52:12.0956 5856        agp440 - ok
12:52:12.0978 5856        aic78xx        (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
12:52:12.0995 5856        aic78xx - ok
12:52:13.0040 5856        ALG            (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
12:52:13.0072 5856        ALG - ok
12:52:13.0086 5856        aliide          (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
12:52:13.0101 5856        aliide - ok
12:52:13.0109 5856        amdagp          (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
12:52:13.0126 5856        amdagp - ok
12:52:13.0140 5856        amdide          (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
12:52:13.0156 5856        amdide - ok
12:52:13.0177 5856        AmdK7          (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
12:52:13.0233 5856        AmdK7 - ok
12:52:13.0244 5856        AmdK8          (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
12:52:13.0295 5856        AmdK8 - ok
12:52:13.0414 5856        AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files\Avira\AntiVir Desktop\sched.exe
12:52:13.0430 5856        AntiVirSchedulerService - ok
12:52:13.0476 5856        AntiVirService  (a489be6bb0aa1ff406b488b60542314b) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
12:52:13.0492 5856        AntiVirService - ok
12:52:13.0572 5856        AntiVirWebService (676894fa57b671fec5c3f05f8929e03b) C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
12:52:13.0596 5856        AntiVirWebService - ok
12:52:13.0654 5856        ApfiltrService  (18bff317bdb10c64a35e1ca85f1ec051) C:\Windows\system32\DRIVERS\Apfiltr.sys
12:52:13.0672 5856        ApfiltrService - ok
12:52:13.0729 5856        Appinfo        (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
12:52:13.0756 5856        Appinfo - ok
12:52:13.0790 5856        arc            (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
12:52:13.0807 5856        arc - ok
12:52:13.0844 5856        arcsas          (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
12:52:13.0859 5856        arcsas - ok
12:52:13.0904 5856        AsyncMac        (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
12:52:13.0938 5856        AsyncMac - ok
12:52:13.0982 5856        atapi          (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
12:52:14.0001 5856        atapi - ok
12:52:14.0061 5856        AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
12:52:14.0090 5856        AudioEndpointBuilder - ok
12:52:14.0099 5856        Audiosrv        (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
12:52:14.0150 5856        Audiosrv - ok
12:52:14.0189 5856        avgntflt        (d5541f0afb767e85fc412fc609d96a74) C:\Windows\system32\DRIVERS\avgntflt.sys
12:52:14.0204 5856        avgntflt - ok
12:52:14.0258 5856        avipbb          (7d967a682d4694df7fa57d63a2db01fe) C:\Windows\system32\DRIVERS\avipbb.sys
12:52:14.0271 5856        avipbb - ok
12:52:14.0289 5856        avkmgr          (271cfd1a989209b1964e24d969552bf7) C:\Windows\system32\DRIVERS\avkmgr.sys
12:52:14.0303 5856        avkmgr - ok
12:52:14.0348 5856        Beep            (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
12:52:14.0375 5856        Beep - ok
12:52:14.0407 5856        BFE            (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
12:52:14.0451 5856        BFE - ok
12:52:14.0532 5856        BITS            (93952506c6d67330367f7e7934b6a02f) C:\Windows\System32\qmgr.dll
12:52:14.0665 5856        BITS - ok
12:52:14.0670 5856        blbdrive - ok
12:52:14.0731 5856        bowser          (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
12:52:14.0749 5856        bowser - ok
12:52:14.0776 5856        BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
12:52:14.0802 5856        BrFiltLo - ok
12:52:14.0817 5856        BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
12:52:14.0843 5856        BrFiltUp - ok
12:52:14.0938 5856        Browser        (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
12:52:14.0982 5856        Browser - ok
12:52:15.0021 5856        Brserid        (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
12:52:15.0095 5856        Brserid - ok
12:52:15.0127 5856        BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
12:52:15.0202 5856        BrSerWdm - ok
12:52:15.0222 5856        BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
12:52:15.0294 5856        BrUsbMdm - ok
12:52:15.0314 5856        BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
12:52:15.0390 5856        BrUsbSer - ok
12:52:15.0426 5856        BthEnum        (6d39c954799b63ba866910234cf7d726) C:\Windows\system32\DRIVERS\BthEnum.sys
12:52:15.0448 5856        BthEnum - ok
12:52:15.0469 5856        BTHMODEM        (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
12:52:15.0541 5856        BTHMODEM - ok
12:52:15.0596 5856        BthPan          (5904efa25f829bf84ea6fb045134a1d8) C:\Windows\system32\DRIVERS\bthpan.sys
12:52:15.0641 5856        BthPan - ok
12:52:15.0739 5856        BTHPORT        (611ff3f2f095c8d4a6d4cfd9dcc09793) C:\Windows\system32\Drivers\BTHport.sys
12:52:15.0777 5856        BTHPORT - ok
12:52:15.0830 5856        BthServ        (a4c8377fa4a994e07075107dbe2e3dce) C:\Windows\System32\bthserv.dll
12:52:15.0844 5856        BthServ - ok
12:52:15.0888 5856        BTHUSB          (d330803eab2a15caec7f011f1d4cb30e) C:\Windows\system32\Drivers\BTHUSB.sys
12:52:15.0901 5856        BTHUSB - ok
12:52:15.0929 5856        btwaudio        (6ca69fa57cf251e890105923ad215b99) C:\Windows\system32\drivers\btwaudio.sys
12:52:15.0941 5856        btwaudio - ok
12:52:15.0963 5856        btwavdt        (12b4a9afa82bfe5a7d8819bf7ae20601) C:\Windows\system32\drivers\btwavdt.sys
12:52:15.0975 5856        btwavdt - ok
12:52:15.0992 5856        btwl2cap        (d02f4d18aa4a38f781beefeb1892e144) C:\Windows\system32\DRIVERS\btwl2cap.sys
12:52:16.0002 5856        btwl2cap - ok
12:52:16.0013 5856        btwrchid        (d5e554f6c1a3baeb79daf9e1684f8102) C:\Windows\system32\DRIVERS\btwrchid.sys
12:52:16.0022 5856        btwrchid - ok
12:52:16.0073 5856        cdfs            (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
12:52:16.0100 5856        cdfs - ok
12:52:16.0142 5856        cdrom          (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
12:52:16.0164 5856        cdrom - ok
12:52:16.0206 5856        CertPropSvc    (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
12:52:16.0227 5856        CertPropSvc - ok
12:52:16.0253 5856        circlass        (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
12:52:16.0303 5856        circlass - ok
12:52:16.0333 5856        CLFS            (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
12:52:16.0358 5856        CLFS - ok
12:52:16.0456 5856        clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:52:16.0471 5856        clr_optimization_v2.0.50727_32 - ok
12:52:16.0557 5856        clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:52:16.0574 5856        clr_optimization_v4.0.30319_32 - ok
12:52:16.0645 5856        CLTNetCnService - ok
12:52:16.0705 5856        CmBatt          (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
12:52:16.0747 5856        CmBatt - ok
12:52:16.0777 5856        cmdide          (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
12:52:16.0797 5856        cmdide - ok
12:52:16.0806 5856        Compbatt        (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
12:52:16.0828 5856        Compbatt - ok
12:52:16.0833 5856        COMSysApp - ok
12:52:16.0843 5856        crcdisk        (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
12:52:16.0863 5856        crcdisk - ok
12:52:16.0876 5856        Crusoe          (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
12:52:16.0921 5856        Crusoe - ok
12:52:16.0965 5856        CryptSvc        (fb27772beaf8e1d28ccd825c09da939b) C:\Windows\system32\cryptsvc.dll
12:52:16.0987 5856        CryptSvc - ok
12:52:17.0063 5856        DcomLaunch      (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
12:52:17.0093 5856        DcomLaunch - ok
12:52:17.0140 5856        DfsC            (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
12:52:17.0155 5856        DfsC - ok
12:52:17.0313 5856        DFSR            (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
12:52:17.0446 5856        DFSR - ok
12:52:17.0587 5856        Dhcp            (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
12:52:17.0617 5856        Dhcp - ok
12:52:17.0674 5856        disk            (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
12:52:17.0692 5856        disk - ok
12:52:17.0787 5856        DisplayLinkService (540091eb8287998236a802d1edc9b239) C:\Program Files\DisplayLink Core Software\DisplayLinkService.exe
12:52:17.0824 5856        DisplayLinkService - ok
12:52:17.0881 5856        dlkmd          (a4949370238c55aef82317af36d8b939) C:\Windows\system32\drivers\dlkmd.sys
12:52:17.0907 5856        dlkmd - ok
12:52:17.0932 5856        dlkmdldr        (c8e26d7e2b8e354982d5e37e2c05fdba) C:\Windows\system32\drivers\dlkmdldr.sys
12:52:17.0947 5856        dlkmdldr - ok
12:52:17.0982 5856        DMICall        (f206e28ed74c491fd5d7c0a1119ce37f) C:\Windows\system32\DRIVERS\DMICall.sys
12:52:17.0998 5856        DMICall - ok
12:52:18.0049 5856        Dnscache        (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
12:52:18.0075 5856        Dnscache - ok
12:52:18.0121 5856        dot3svc        (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
12:52:18.0163 5856        dot3svc - ok
12:52:18.0226 5856        DPS            (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
12:52:18.0255 5856        DPS - ok
12:52:18.0306 5856        drmkaud        (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
12:52:18.0325 5856        drmkaud - ok
12:52:18.0329 5856        dsltestSp5 - ok
12:52:18.0412 5856        DXGKrnl        (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
12:52:18.0454 5856        DXGKrnl - ok
12:52:18.0484 5856        E1G60          (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
12:52:18.0528 5856        E1G60 - ok
12:52:18.0577 5856        EapHost        (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
12:52:18.0598 5856        EapHost - ok
12:52:18.0646 5856        Ecache          (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
12:52:18.0664 5856        Ecache - ok
12:52:18.0722 5856        ehRecvr        (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
12:52:18.0742 5856        ehRecvr - ok
12:52:18.0774 5856        ehSched        (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
12:52:18.0790 5856        ehSched - ok
12:52:18.0797 5856        ehstart        (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
12:52:18.0809 5856        ehstart - ok
12:52:18.0854 5856        elxstor        (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
12:52:18.0890 5856        elxstor - ok
12:52:18.0963 5856        EMDMgmt        (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
12:52:19.0009 5856        EMDMgmt - ok
12:52:19.0082 5856        EPSON_PM_RPCV4_01 (8fe6ab59cab8f2c038fea9522a5eeba7) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
12:52:19.0099 5856        EPSON_PM_RPCV4_01 - ok
12:52:19.0169 5856        EventSystem    (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
12:52:19.0202 5856        EventSystem - ok
12:52:19.0269 5856        exfat          (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
12:52:19.0289 5856        exfat - ok
12:52:19.0328 5856        fastfat        (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
12:52:19.0370 5856        fastfat - ok
12:52:19.0403 5856        fdc            (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
12:52:19.0456 5856        fdc - ok
12:52:19.0498 5856        fdPHost        (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
12:52:19.0529 5856        fdPHost - ok
12:52:19.0556 5856        FDResPub        (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
12:52:19.0611 5856        FDResPub - ok
12:52:19.0664 5856        FileInfo        (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
12:52:19.0683 5856        FileInfo - ok
12:52:19.0742 5856        Filetrace      (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
12:52:19.0783 5856        Filetrace - ok
12:52:20.0017 5856        FirebirdServerMAGIXInstance (167d24a045499ebef438f231976158df) C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
12:52:20.0138 5856        FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning
12:52:20.0138 5856        FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1)
12:52:20.0278 5856        flpydisk        (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
12:52:20.0351 5856        flpydisk - ok
12:52:20.0417 5856        FltMgr          (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
12:52:20.0444 5856        FltMgr - ok
12:52:20.0540 5856        FontCache      (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll
12:52:20.0631 5856        FontCache - ok
12:52:20.0710 5856        FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
12:52:20.0729 5856        FontCache3.0.0.0 - ok
12:52:20.0834 5856        Freemake Improver (37c2ff67a2565286f1c1c1072be74678) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
12:52:20.0841 5856        Freemake Improver ( UnsignedFile.Multi.Generic ) - warning
12:52:20.0841 5856        Freemake Improver - detected UnsignedFile.Multi.Generic (1)
12:52:20.0913 5856        Fs_Rec          (b972a66758577e0bfd1de0f91aaa27b5) C:\Windows\system32\drivers\Fs_Rec.sys
12:52:20.0934 5856        Fs_Rec - ok
12:52:20.0969 5856        gagp30kx        (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
12:52:20.0990 5856        gagp30kx - ok
12:52:21.0031 5856        GEARAspiWDM    (f877c945233039914dbe63b76f9a1065) C:\Windows\system32\Drivers\GEARAspiWDM.sys
12:52:21.0048 5856        GEARAspiWDM - ok
12:52:21.0080 5856        ggflt          (007aea2e06e7cef7372e40c277163959) C:\Windows\system32\DRIVERS\ggflt.sys
12:52:21.0095 5856        ggflt - ok
12:52:21.0108 5856        ggsemc          (c73de35960ca75c5ab4ae636b127c64e) C:\Windows\system32\DRIVERS\ggsemc.sys
12:52:21.0124 5856        ggsemc - ok
12:52:21.0217 5856        GoogleDesktopManager-051210-111108 (9f5f2f0fb0a7f5aa9f16b9a7b6dad89f) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
12:52:21.0234 5856        GoogleDesktopManager-051210-111108 - ok
12:52:21.0316 5856        gpsvc          (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
12:52:21.0390 5856        gpsvc - ok
12:52:21.0422 5856        gupdate1ca0ac0f00c0a80 (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe
12:52:21.0440 5856        gupdate1ca0ac0f00c0a80 - ok
12:52:21.0445 5856        gupdatem        (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe
12:52:21.0464 5856        gupdatem - ok
12:52:21.0503 5856        gusvc          (408ddd80eede47175f6844817b90213e) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
12:52:21.0523 5856        gusvc - ok
12:52:21.0568 5856        HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
12:52:21.0646 5856        HdAudAddService - ok
12:52:21.0720 5856        HDAudBus        (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
12:52:21.0840 5856        HDAudBus - ok
12:52:21.0880 5856        HidBth          (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
12:52:21.0984 5856        HidBth - ok
12:52:22.0000 5856        HidIr          (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
12:52:22.0043 5856        HidIr - ok
12:52:22.0080 5856        hidserv        (84067081f3318162797385e11a8f0582) C:\Windows\system32\hidserv.dll
12:52:22.0095 5856        hidserv - ok
12:52:22.0133 5856        HidUsb          (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
12:52:22.0152 5856        HidUsb - ok
12:52:22.0206 5856        hkmsvc          (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
12:52:22.0233 5856        hkmsvc - ok
12:52:22.0255 5856        HpCISSs        (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
12:52:22.0267 5856        HpCISSs - ok
12:52:22.0313 5856        HSFHWAZL        (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
12:52:22.0343 5856        HSFHWAZL - ok
12:52:22.0430 5856        HSF_DPV        (7bc42c65b5c6281777c1a7605b253ba8) C:\Windows\system32\DRIVERS\HSX_DPV.sys
12:52:22.0491 5856        HSF_DPV - ok
12:52:22.0522 5856        HSXHWAZL        (9ebf2d102ccbb6bcdfbf1b7922f8ba2e) C:\Windows\system32\DRIVERS\HSXHWAZL.sys
12:52:22.0538 5856        HSXHWAZL - ok
12:52:22.0610 5856        HTTP            (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
12:52:22.0677 5856        HTTP - ok
12:52:22.0710 5856        i2omp          (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
12:52:22.0725 5856        i2omp - ok
12:52:22.0786 5856        i8042prt        (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
12:52:22.0813 5856        i8042prt - ok
12:52:22.0865 5856        iaStor          (fd7f9d74c2b35dbda400804a3f5ed5d8) C:\Windows\system32\DRIVERS\iaStor.sys
12:52:22.0889 5856        iaStor - ok
12:52:22.0976 5856        iaStorV        (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
12:52:22.0994 5856        iaStorV - ok
12:52:23.0084 5856        IDriverT        (6f95324909b502e2651442c1548ab12f) C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
12:52:23.0090 5856        IDriverT ( UnsignedFile.Multi.Generic ) - warning
12:52:23.0090 5856        IDriverT - detected UnsignedFile.Multi.Generic (1)
12:52:23.0223 5856        idsvc          (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
12:52:23.0279 5856        idsvc - ok
12:52:23.0404 5856        iirsp          (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
12:52:23.0417 5856        iirsp - ok
12:52:23.0481 5856        IKEEXT          (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
12:52:23.0509 5856        IKEEXT - ok
12:52:23.0574 5856        intelide        (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
12:52:23.0586 5856        intelide - ok
12:52:23.0649 5856        intelppm        (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
12:52:23.0675 5856        intelppm - ok
12:52:23.0736 5856        IPBusEnum      (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
12:52:23.0770 5856        IPBusEnum - ok
12:52:23.0823 5856        IpFilterDriver  (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:52:23.0855 5856        IpFilterDriver - ok
12:52:23.0917 5856        iphlpsvc        (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll
12:52:23.0937 5856        iphlpsvc - ok
12:52:23.0942 5856        IpInIp - ok
12:52:23.0967 5856        IPMIDRV        (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
12:52:24.0037 5856        IPMIDRV - ok
12:52:24.0103 5856        IPNAT          (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
12:52:24.0148 5856        IPNAT - ok
12:52:24.0196 5856        IRENUM          (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
12:52:24.0236 5856        IRENUM - ok
12:52:24.0274 5856        isapnp          (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
12:52:24.0294 5856        isapnp - ok
12:52:24.0340 5856        iScsiPrt        (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
12:52:24.0369 5856        iScsiPrt - ok
12:52:24.0391 5856        iteatapi        (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
12:52:24.0412 5856        iteatapi - ok
12:52:24.0432 5856        iteraid        (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
12:52:24.0452 5856        iteraid - ok
12:52:24.0505 5856        kbdclass        (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
12:52:24.0527 5856        kbdclass - ok
12:52:24.0572 5856        kbdhid          (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
12:52:24.0604 5856        kbdhid - ok
12:52:24.0666 5856        KeyIso          (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
12:52:24.0690 5856        KeyIso - ok
12:52:24.0735 5856        KSecDD          (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys
12:52:24.0794 5856        KSecDD - ok
12:52:24.0879 5856        KtmRm          (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
12:52:24.0947 5856        KtmRm - ok
12:52:24.0987 5856        LanmanServer    (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\system32\srvsvc.dll
12:52:25.0017 5856        LanmanServer - ok
12:52:25.0063 5856        LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
12:52:25.0092 5856        LanmanWorkstation - ok
12:52:25.0146 5856        lltdio          (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
12:52:25.0189 5856        lltdio - ok
12:52:25.0256 5856        lltdsvc        (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
12:52:25.0306 5856        lltdsvc - ok
12:52:25.0342 5856        lmhosts        (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
12:52:25.0417 5856        lmhosts - ok
12:52:25.0449 5856        LSI_FC          (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
12:52:25.0472 5856        LSI_FC - ok
12:52:25.0491 5856        LSI_SAS        (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
12:52:25.0507 5856        LSI_SAS - ok
12:52:25.0522 5856        LSI_SCSI        (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
12:52:25.0536 5856        LSI_SCSI - ok
12:52:25.0594 5856        luafv          (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
12:52:25.0620 5856        luafv - ok
12:52:25.0661 5856        lvpopflt        (01f0e010acb61472163e9d02d3ff531a) C:\Windows\system32\DRIVERS\lvpopflt.sys
12:52:25.0674 5856        lvpopflt - ok
12:52:25.0713 5856        LVPr2Mon        (c57c48fb9ae3efb9848af594e3123a63) C:\Windows\system32\DRIVERS\LVPr2Mon.sys
12:52:25.0723 5856        LVPr2Mon - ok
12:52:25.0817 5856        LVPrcSrv        (5c7b88695ce461d8bda4fe0c0e57e71d) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
12:52:25.0830 5856        LVPrcSrv - ok
12:52:25.0866 5856        LVRS            (87ecce893d8aec5a9337b917742d339c) C:\Windows\system32\DRIVERS\lvrs.sys
12:52:25.0882 5856        LVRS - ok
12:52:26.0354 5856        LVUVC          (291f69b3dda0f033d2490c5ba5179f7c) C:\Windows\system32\DRIVERS\lvuvc.sys
12:52:26.0802 5856        LVUVC - ok
12:52:27.0033 5856        lxeaCATSCustConnectService (be074bad48be291fe0e8f518b10af455) C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxeaserv.exe
12:52:27.0051 5856        lxeaCATSCustConnectService - ok
12:52:27.0057 5856        lxea_device - ok
12:52:27.0107 5856        MBAMProtector  (fb097bbc1a18f044bd17bd2fccf97865) C:\Windows\system32\drivers\mbam.sys
12:52:27.0133 5856        MBAMProtector - ok
12:52:27.0234 5856        MBAMService    (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
12:52:27.0317 5856        MBAMService - ok
12:52:27.0367 5856        Mcx2Svc        (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
12:52:27.0404 5856        Mcx2Svc - ok
12:52:27.0435 5856        mdmxsdk        (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
12:52:27.0461 5856        mdmxsdk - ok
12:52:27.0500 5856        megasas        (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
12:52:27.0533 5856        megasas - ok
12:52:27.0610 5856        MMCSS          (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
12:52:27.0680 5856        MMCSS - ok
12:52:27.0738 5856        Modem          (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
12:52:27.0803 5856        Modem - ok
12:52:27.0859 5856        monitor        (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
12:52:27.0925 5856        monitor - ok
12:52:27.0990 5856        mouclass        (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
12:52:28.0005 5856        mouclass - ok
12:52:28.0016 5856        mouhid          (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
12:52:28.0043 5856        mouhid - ok
12:52:28.0093 5856        MountMgr        (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
12:52:28.0107 5856        MountMgr - ok
12:52:28.0141 5856        MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
12:52:28.0155 5856        MozillaMaintenance - ok
12:52:28.0175 5856        mpio            (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
12:52:28.0189 5856        mpio - ok
12:52:28.0203 5856        mpsdrv          (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
12:52:28.0224 5856        mpsdrv - ok
12:52:28.0294 5856        MpsSvc          (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
12:52:28.0321 5856        MpsSvc - ok
12:52:28.0352 5856        Mraid35x        (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
12:52:28.0365 5856        Mraid35x - ok
12:52:28.0402 5856        MRxDAV          (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
12:52:28.0420 5856        MRxDAV - ok
12:52:28.0460 5856        mrxsmb          (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
12:52:28.0492 5856        mrxsmb - ok
12:52:28.0563 5856        mrxsmb10        (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:52:28.0582 5856        mrxsmb10 - ok
12:52:28.0598 5856        mrxsmb20        (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:52:28.0613 5856        mrxsmb20 - ok
12:52:28.0626 5856        msahci          (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys
12:52:28.0640 5856        msahci - ok
12:52:28.0737 5856        MSCSPTISRV      (8e46a7bac823dd82d4fb2a34c3df4c1d) C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
12:52:28.0745 5856        MSCSPTISRV ( UnsignedFile.Multi.Generic ) - warning
12:52:28.0745 5856        MSCSPTISRV - detected UnsignedFile.Multi.Generic (1)
12:52:28.0771 5856        msdsm          (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
12:52:28.0785 5856        msdsm - ok
12:52:28.0846 5856        MSDTC          (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
12:52:28.0874 5856        MSDTC - ok
12:52:28.0906 5856        Msfs            (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
12:52:28.0932 5856        Msfs - ok
12:52:28.0969 5856        msisadrv        (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
12:52:28.0981 5856        msisadrv - ok
12:52:29.0045 5856        MSiSCSI        (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
12:52:29.0073 5856        MSiSCSI - ok
12:52:29.0077 5856        msiserver - ok
12:52:29.0135 5856        MSKSSRV        (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
12:52:29.0162 5856        MSKSSRV - ok
12:52:29.0176 5856        MSPCLOCK        (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
12:52:29.0201 5856        MSPCLOCK - ok
12:52:29.0246 5856        MSPQM          (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
12:52:29.0271 5856        MSPQM - ok
12:52:29.0322 5856        MsRPC          (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
12:52:29.0340 5856        MsRPC - ok
12:52:29.0354 5856        mssmbios        (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
12:52:29.0369 5856        mssmbios - ok
12:52:29.0379 5856        MSTEE          (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
12:52:29.0412 5856        MSTEE - ok
12:52:29.0437 5856        Mup            (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
12:52:29.0455 5856        Mup - ok
12:52:29.0520 5856        napagent        (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
12:52:29.0551 5856        napagent - ok
12:52:29.0597 5856        NativeWifiP    (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
12:52:29.0615 5856        NativeWifiP - ok
12:52:29.0663 5856        NBVol          (0ae25530894a934c6ca600865c6e9d7c) C:\Windows\system32\DRIVERS\NBVol.sys
12:52:29.0674 5856        NBVol - ok
12:52:29.0690 5856        NBVolUp        (1ddcef3039c9d90af3529dee6699967d) C:\Windows\system32\DRIVERS\NBVolUp.sys
12:52:29.0700 5856        NBVolUp - ok
12:52:29.0751 5856        NDIS            (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
12:52:29.0794 5856        NDIS - ok
12:52:29.0857 5856        NdisTapi        (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
12:52:29.0880 5856        NdisTapi - ok
12:52:29.0945 5856        Ndisuio        (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
12:52:29.0971 5856        Ndisuio - ok
12:52:29.0985 5856        NdisWan        (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
12:52:30.0009 5856        NdisWan - ok
12:52:30.0069 5856        NDProxy        (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
12:52:30.0092 5856        NDProxy - ok
12:52:30.0148 5856        NetBIOS        (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
12:52:30.0174 5856        NetBIOS - ok
12:52:30.0229 5856        netbt          (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
12:52:30.0253 5856        netbt - ok
12:52:30.0313 5856        Netlogon        (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
12:52:30.0327 5856        Netlogon - ok
12:52:30.0390 5856        Netman          (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
12:52:30.0424 5856        Netman - ok
12:52:30.0482 5856        netprofm        (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
12:52:30.0514 5856        netprofm - ok
12:52:30.0590 5856        NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:52:30.0604 5856        NetTcpPortSharing - ok
12:52:30.0777 5856        NETw4v32        (6522dd40a5f67ced020bd81b856613fb) C:\Windows\system32\DRIVERS\NETw4v32.sys
12:52:30.0958 5856        NETw4v32 - ok
12:52:31.0201 5856        nfrd960        (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
12:52:31.0220 5856        nfrd960 - ok
12:52:31.0287 5856        NlaSvc          (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
12:52:31.0327 5856        NlaSvc - ok
12:52:31.0376 5856        Npfs            (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
12:52:31.0401 5856        Npfs - ok
12:52:31.0429 5856        nsi            (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
12:52:31.0471 5856        nsi - ok
12:52:31.0513 5856        nsiproxy        (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
12:52:31.0549 5856        nsiproxy - ok
12:52:31.0661 5856        Ntfs            (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
12:52:31.0783 5856        Ntfs - ok
12:52:31.0841 5856        ntrigdigi      (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
12:52:31.0884 5856        ntrigdigi - ok
12:52:31.0904 5856        Null            (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
12:52:31.0930 5856        Null - ok
12:52:32.0558 5856        nvlddmkm        (61cc6e7237973caa4e384ce97fd7a7b9) C:\Windows\system32\DRIVERS\nvlddmkm.sys
12:52:33.0262 5856        nvlddmkm - ok
12:52:33.0384 5856        nvraid          (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
12:52:33.0398 5856        nvraid - ok
12:52:33.0437 5856        nvstor          (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
12:52:33.0450 5856        nvstor - ok
12:52:33.0496 5856        nv_agp          (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
12:52:33.0510 5856        nv_agp - ok
12:52:33.0513 5856        NwlnkFlt - ok
12:52:33.0519 5856        NwlnkFwd - ok
12:52:33.0666 5856        odserv          (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:52:33.0696 5856        odserv - ok
12:52:33.0742 5856        ohci1394        (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
12:52:33.0764 5856        ohci1394 - ok
12:52:33.0838 5856        OMSI download service (da345de3b450e9e1691e7b9956d8ffc3) C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
12:52:33.0844 5856        OMSI download service ( UnsignedFile.Multi.Generic ) - warning
12:52:33.0844 5856        OMSI download service - detected UnsignedFile.Multi.Generic (1)
12:52:33.0874 5856        ose            (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:52:33.0891 5856        ose - ok
12:52:33.0975 5856        p2pimsvc        (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
12:52:34.0008 5856        p2pimsvc - ok
12:52:34.0017 5856        p2psvc          (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
12:52:34.0081 5856        p2psvc - ok
12:52:34.0148 5856        PACSPTISVR      (753a8f339f231d2b857e2ccd51a6e6ca) C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
12:52:34.0153 5856        PACSPTISVR ( UnsignedFile.Multi.Generic ) - warning
12:52:34.0153 5856        PACSPTISVR - detected UnsignedFile.Multi.Generic (1)
12:52:34.0189 5856        Parport        (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
12:52:34.0263 5856        Parport - ok
12:52:34.0312 5856        partmgr        (b9c2b89f08670e159f7181891e449cd9) C:\Windows\system32\drivers\partmgr.sys
12:52:34.0326 5856        partmgr - ok
12:52:34.0344 5856        Parvdm          (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
12:52:34.0386 5856        Parvdm - ok
12:52:34.0443 5856        PcaSvc          (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
12:52:34.0459 5856        PcaSvc - ok
12:52:34.0507 5856        pci            (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
12:52:34.0524 5856        pci - ok
12:52:34.0535 5856        pciide          (3b1901e401473e03eb8c874271e50c26) C:\Windows\system32\drivers\pciide.sys
12:52:34.0546 5856        pciide - ok
12:52:34.0599 5856        pcmcia          (3bb2244f343b610c29c98035504c9b75) C:\Windows\system32\DRIVERS\pcmcia.sys
12:52:34.0617 5856        pcmcia - ok
12:52:34.0685 5856        PEAUTH          (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
12:52:34.0772 5856        PEAUTH - ok
12:52:34.0925 5856        pla            (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
12:52:35.0029 5856        pla - ok
12:52:35.0190 5856        PlugPlay        (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
12:52:35.0220 5856        PlugPlay - ok
12:52:35.0311 5856        PNRPAutoReg    (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
12:52:35.0352 5856        PNRPAutoReg - ok
12:52:35.0363 5856        PNRPsvc        (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
12:52:35.0413 5856        PNRPsvc - ok
12:52:35.0461 5856        PolicyAgent    (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
12:52:35.0535 5856        PolicyAgent - ok
12:52:35.0628 5856        PptpMiniport    (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
12:52:35.0671 5856        PptpMiniport - ok
12:52:35.0711 5856        Processor      (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
12:52:35.0783 5856        Processor - ok
12:52:35.0837 5856        ProfSvc        (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
12:52:35.0877 5856        ProfSvc - ok
12:52:35.0934 5856        ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
12:52:35.0957 5856        ProtectedStorage - ok
12:52:35.0996 5856        PSched          (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
12:52:36.0031 5856        PSched - ok
12:52:36.0064 5856        PxHelp20        (49452bfcec22f36a7a9b9c2181bc3042) C:\Windows\system32\Drivers\PxHelp20.sys
12:52:36.0081 5856        PxHelp20 - ok
12:52:36.0161 5856        ql2300          (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
12:52:36.0260 5856        ql2300 - ok
12:52:36.0289 5856        ql40xx          (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
12:52:36.0312 5856        ql40xx - ok
12:52:36.0377 5856        QWAVE          (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
12:52:36.0409 5856        QWAVE - ok
12:52:36.0460 5856        QWAVEdrv        (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
12:52:36.0483 5856        QWAVEdrv - ok
12:52:36.0521 5856        R5U870FLx86    (9ac8ac6cd00100443ea6afd0a4ade8f7) C:\Windows\system32\Drivers\R5U870FLx86.sys
12:52:36.0541 5856        R5U870FLx86 - ok
12:52:36.0561 5856        R5U870FUx86    (1ae358affffd13bf6ec7dc72dccfac12) C:\Windows\system32\Drivers\R5U870FUx86.sys
12:52:36.0586 5856        R5U870FUx86 - ok
12:52:36.0679 5856        RapiMgr        (70dbdab246c18b78e2200d6401d038be) C:\Windows\WindowsMobile\rapimgr.dll
12:52:36.0723 5856        RapiMgr - ok
12:52:36.0782 5856        RasAcd          (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
12:52:36.0816 5856        RasAcd - ok
12:52:36.0879 5856        RasAuto        (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
12:52:36.0914 5856        RasAuto - ok
12:52:36.0981 5856        Rasl2tp        (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
12:52:37.0012 5856        Rasl2tp - ok
12:52:37.0065 5856        RasMan          (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
12:52:37.0098 5856        RasMan - ok
12:52:37.0139 5856        RasPppoe        (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
12:52:37.0169 5856        RasPppoe - ok
12:52:37.0216 5856        RasSstp        (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
12:52:37.0237 5856        RasSstp - ok
12:52:37.0297 5856        rdbss          (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
12:52:37.0337 5856        rdbss - ok
12:52:37.0361 5856        RDPCDD          (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
12:52:37.0393 5856        RDPCDD - ok
12:52:37.0446 5856        rdpdr          (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
12:52:37.0500 5856        rdpdr - ok
12:52:37.0538 5856        RDPENCDD        (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
12:52:37.0564 5856        RDPENCDD - ok
12:52:37.0625 5856        RDPWD          (79c6df8477250f5c54f7c5ae1d6b814e) C:\Windows\system32\drivers\RDPWD.sys
12:52:37.0642 5856        RDPWD - ok
12:52:37.0670 5856        regi            (001b4278407f4303efc902a2b16f2453) C:\Windows\system32\drivers\regi.sys
12:52:37.0678 5856        regi - ok
12:52:37.0729 5856        RemoteAccess    (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
12:52:37.0757 5856        RemoteAccess - ok
12:52:37.0799 5856        RemoteRegistry  (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
12:52:37.0824 5856        RemoteRegistry - ok
12:52:37.0874 5856        RFCOMM          (6482707f9f4da0ecbab43b2e0398a101) C:\Windows\system32\DRIVERS\rfcomm.sys
12:52:37.0897 5856        RFCOMM - ok
12:52:37.0924 5856        RpcLocator      (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
12:52:37.0938 5856        RpcLocator - ok
12:52:38.0021 5856        RpcSs          (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
12:52:38.0074 5856        RpcSs - ok
12:52:38.0126 5856        rspndr          (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
12:52:38.0164 5856        rspndr - ok
12:52:38.0215 5856        s0017bus        (594ff5620661d1386475406e78cb6f2f) C:\Windows\system32\DRIVERS\s0017bus.sys
12:52:38.0231 5856        s0017bus - ok
12:52:38.0247 5856        s0017mdfl      (7258f550419d543bc5c8e80c578a5d54) C:\Windows\system32\DRIVERS\s0017mdfl.sys
12:52:38.0258 5856        s0017mdfl - ok
12:52:38.0277 5856        s0017mdm        (1de4f6607feb17a15dbd4f1b139e6d2f) C:\Windows\system32\DRIVERS\s0017mdm.sys
12:52:38.0292 5856        s0017mdm - ok
12:52:38.0310 5856        s0017mgmt      (9814e6bacc06d2526cd52981c7eeedf0) C:\Windows\system32\DRIVERS\s0017mgmt.sys
12:52:38.0325 5856        s0017mgmt - ok
12:52:38.0367 5856        s0017nd5        (2c62cd58225973f26682cd4f783ddede) C:\Windows\system32\DRIVERS\s0017nd5.sys
12:52:38.0380 5856        s0017nd5 - ok
12:52:38.0405 5856        s0017obex      (f87c3422e84b2fb1b43e0a26247ad5a5) C:\Windows\system32\DRIVERS\s0017obex.sys
12:52:38.0424 5856        s0017obex - ok
12:52:38.0446 5856        s0017unic      (df5e7360a0afa5956bf75da683d0679f) C:\Windows\system32\DRIVERS\s0017unic.sys
12:52:38.0465 5856        s0017unic - ok
12:52:38.0512 5856        s116bus        (815445f4676cc96bc9aeec303c727e19) C:\Windows\system32\DRIVERS\s116bus.sys
12:52:38.0531 5856        s116bus - ok
12:52:38.0548 5856        s116mdfl        (333d1e0743e6de1779c3c418ac601c3a) C:\Windows\system32\DRIVERS\s116mdfl.sys
12:52:38.0564 5856        s116mdfl - ok
12:52:38.0592 5856        s116mdm        (50d6e5b021e9ec7553ab8a3553cc1b6b) C:\Windows\system32\DRIVERS\s116mdm.sys
12:52:38.0612 5856        s116mdm - ok
12:52:38.0632 5856        s116mgmt        (1589aa53e43f8d193a7d4d580d3ffa95) C:\Windows\system32\DRIVERS\s116mgmt.sys
12:52:38.0653 5856        s116mgmt - ok
12:52:38.0698 5856        s116nd5        (306f85733671fe507470f0273025e768) C:\Windows\system32\DRIVERS\s116nd5.sys
12:52:38.0715 5856        s116nd5 - ok
12:52:38.0741 5856        s116obex        (ec32601f04a5a5de89315d0f55e73d66) C:\Windows\system32\DRIVERS\s116obex.sys
12:52:38.0760 5856        s116obex - ok
12:52:38.0777 5856        s116unic        (32e3ecb4b2b5887426eaf241a8149cde) C:\Windows\system32\DRIVERS\s116unic.sys
12:52:38.0796 5856        s116unic - ok
12:52:38.0840 5856        s3017bus        (aa786ad3a2684d39630744787b00e6f4) C:\Windows\system32\DRIVERS\s3017bus.sys
12:52:38.0858 5856        s3017bus - ok
12:52:38.0876 5856        s3017mdfl      (cba4ca5bce44084e98ce420fd6692d3a) C:\Windows\system32\DRIVERS\s3017mdfl.sys
12:52:38.0891 5856        s3017mdfl - ok
12:52:38.0915 5856        s3017mdm        (68036eff647970d6c0399789c8707cad) C:\Windows\system32\DRIVERS\s3017mdm.sys
12:52:38.0935 5856        s3017mdm - ok
12:52:38.0963 5856        s3017mgmt      (3672e7f9349bd98fd3f5ac33e7b2b1a6) C:\Windows\system32\DRIVERS\s3017mgmt.sys
12:52:38.0999 5856        s3017mgmt - ok
12:52:39.0026 5856        s3017nd5        (b1133b37eb184aef81d56b4302dbae9c) C:\Windows\system32\DRIVERS\s3017nd5.sys
12:52:39.0041 5856        s3017nd5 - ok
12:52:39.0069 5856        s3017obex      (d81b1d504aa1426622e7ec09f25130a9) C:\Windows\system32\DRIVERS\s3017obex.sys
12:52:39.0089 5856        s3017obex - ok
12:52:39.0147 5856        s3017unic      (7b95c53ea8bb585013767eef2875c0a0) C:\Windows\system32\DRIVERS\s3017unic.sys
12:52:39.0168 5856        s3017unic - ok
12:52:39.0223 5856        SamSs          (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
12:52:39.0247 5856        SamSs - ok
12:52:39.0278 5856        sbp2port        (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
12:52:39.0300 5856        sbp2port - ok
12:52:39.0362 5856        SCardSvr        (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
12:52:39.0401 5856        SCardSvr - ok
12:52:39.0479 5856        Schedule        (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
12:52:39.0541 5856        Schedule - ok
12:52:39.0597 5856        SCPolicySvc    (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
12:52:39.0630 5856        SCPolicySvc - ok
12:52:39.0683 5856        SDRSVC          (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
12:52:39.0728 5856        SDRSVC - ok
12:52:39.0748 5856        secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
12:52:39.0819 5856        secdrv - ok
12:52:39.0882 5856        seclogon        (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
12:52:39.0926 5856        seclogon - ok
12:52:39.0959 5856        seehcri        (e5b56569a9f79b70314fede6c953641e) C:\Windows\system32\DRIVERS\seehcri.sys
12:52:39.0979 5856        seehcri - ok
12:52:39.0994 5856        SENS            (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
12:52:40.0040 5856        SENS - ok
12:52:40.0071 5856        Serenum        (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
12:52:40.0142 5856        Serenum - ok
12:52:40.0169 5856        Serial          (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
12:52:40.0244 5856        Serial - ok
12:52:40.0299 5856        sermouse        (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
12:52:40.0324 5856        sermouse - ok
12:52:40.0388 5856        SessionEnv      (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
12:52:40.0417 5856        SessionEnv - ok
12:52:40.0434 5856        sffdisk        (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys
12:52:40.0477 5856        sffdisk - ok
12:52:40.0486 5856        sffp_mmc        (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
12:52:40.0527 5856        sffp_mmc - ok
12:52:40.0544 5856        sffp_sd        (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys
12:52:40.0586 5856        sffp_sd - ok
12:52:40.0592 5856        sfloppy        (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\DRIVERS\sfloppy.sys
12:52:40.0635 5856        sfloppy - ok
12:52:40.0704 5856        SharedAccess    (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
12:52:40.0737 5856        SharedAccess - ok
12:52:40.0790 5856        ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
12:52:40.0808 5856        ShellHWDetection - ok
12:52:40.0825 5856        sisagp          (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
12:52:40.0839 5856        sisagp - ok
12:52:40.0856 5856        SiSRaid2        (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
12:52:40.0869 5856        SiSRaid2 - ok
12:52:40.0887 5856        SiSRaid4        (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
12:52:40.0901 5856        SiSRaid4 - ok
12:52:41.0167 5856        slsvc          (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
12:52:41.0499 5856        slsvc - ok
12:52:41.0657 5856        SLUINotify      (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
12:52:41.0695 5856        SLUINotify - ok
12:52:41.0752 5856        Smb            (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
12:52:41.0788 5856        Smb - ok
12:52:41.0821 5856        SNC            (db31d8989b3450569c29780e7fa98c48) C:\Windows\system32\Drivers\SonyNC.sys
12:52:41.0839 5856        SNC - ok
12:52:41.0875 5856        SNMPTRAP        (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
12:52:41.0900 5856        SNMPTRAP - ok
12:52:42.0068 5856        Sony PC Companion (5177d14a78e60fd61dcfc6b388e7e971) C:\Program Files\Sony\Sony PC Companion\PCCService.exe
12:52:42.0090 5856        Sony PC Companion - ok
12:52:42.0144 5856        spldr          (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
12:52:42.0175 5856        spldr - ok
12:52:42.0226 5856        Spooler        (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
12:52:42.0268 5856        Spooler - ok
12:52:42.0338 5856        SPTISRV        (e3e6c96b0ef4492c3c8fd0deef4e35a1) C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
12:52:42.0350 5856        SPTISRV ( UnsignedFile.Multi.Generic ) - warning
12:52:42.0350 5856        SPTISRV - detected UnsignedFile.Multi.Generic (1)
12:52:42.0435 5856        srv            (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
12:52:42.0492 5856        srv - ok
12:52:42.0546 5856        srv2            (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
12:52:42.0569 5856        srv2 - ok
12:52:42.0587 5856        srvnet          (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
12:52:42.0624 5856        srvnet - ok
12:52:42.0656 5856        SSDPSRV        (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
12:52:42.0703 5856        SSDPSRV - ok
12:52:42.0731 5856        ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
12:52:42.0749 5856        ssmdrv - ok
12:52:42.0806 5856        SstpSvc        (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
12:52:42.0828 5856        SstpSvc - ok
12:52:42.0863 5856        STacSV          (b218068eba6f46f102b4218bdb81be0b) C:\Windows\system32\stacsv.exe
12:52:42.0880 5856        STacSV - ok
12:52:42.0928 5856        STHDA          (167909a1c36aa3e8f2582962f0ccc748) C:\Windows\system32\drivers\stwrt.sys
12:52:42.0962 5856        STHDA - ok
12:52:43.0040 5856        stisvc          (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
12:52:43.0087 5856        stisvc - ok
12:52:43.0159 5856        StkTMini        (0933717146e8054f133b5bdb874ef9fa) C:\Windows\system32\Drivers\StkTMini.sys
12:52:43.0185 5856        StkTMini ( UnsignedFile.Multi.Generic ) - warning
12:52:43.0185 5856        StkTMini - detected UnsignedFile.Multi.Generic (1)
12:52:43.0246 5856        swenum          (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
12:52:43.0258 5856        swenum - ok
12:52:43.0314 5856        swprv          (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
12:52:43.0356 5856        swprv - ok
12:52:43.0381 5856        Symc8xx        (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
12:52:43.0394 5856        Symc8xx - ok
12:52:43.0412 5856        Sym_hi          (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
12:52:43.0425 5856        Sym_hi - ok
12:52:43.0444 5856        Sym_u3          (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
12:52:43.0457 5856        Sym_u3 - ok
12:52:55.0136 5856        ============================================================
12:52:55.0136 5856        Scan finished
12:52:55.0136 5856        ============================================================
12:52:55.0148 2228        Detected object count: 18
12:52:55.0148 2228        Actual detected object count: 18
12:52:59.0406 2228        FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user
12:52:59.0406 2228        FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:52:59.0408 2228        Freemake Improver ( UnsignedFile.Multi.Generic ) - skipped by user
12:52:59.0408 2228        Freemake Improver ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:52:59.0411 2228        IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
12:52:59.0412 2228        IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:52:59.0414 2228        MSCSPTISRV ( UnsignedFile.Multi.Generic ) - skipped by user
12:52:59.0414 2228        MSCSPTISRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:52:59.0416 2228        OMSI download service ( UnsignedFile.Multi.Generic ) - skipped by user
12:52:59.0416 2228        OMSI download service ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:52:59.0418 2228        PACSPTISVR ( UnsignedFile.Multi.Generic ) - skipped by user
12:52:59.0418 2228        PACSPTISVR ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:52:59.0420 2228        SPTISRV ( UnsignedFile.Multi.Generic ) - skipped by user
12:52:59.0420 2228        SPTISRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:52:59.0422 2228        StkTMini ( UnsignedFile.Multi.Generic ) - skipped by user
12:52:59.0422 2228        StkTMini ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:52:59.0424 2228        UleadBurningHelper ( UnsignedFile.Multi.Generic ) - skipped by user
12:52:59.0424 2228        UleadBurningHelper ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:52:59.0426 2228        VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - skipped by user
12:52:59.0426 2228        VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:52:59.0429 2228        VAIOMediaPlatform-IntegratedServer-AppServer ( UnsignedFile.Multi.Generic ) - skipped by user
12:52:59.0429 2228        VAIOMediaPlatform-IntegratedServer-AppServer ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:52:59.0431 2228        VAIOMediaPlatform-IntegratedServer-HTTP ( UnsignedFile.Multi.Generic ) - skipped by user
12:52:59.0431 2228        VAIOMediaPlatform-IntegratedServer-HTTP ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:52:59.0433 2228        VAIOMediaPlatform-IntegratedServer-UPnP ( UnsignedFile.Multi.Generic ) - skipped by user
12:52:59.0433 2228        VAIOMediaPlatform-IntegratedServer-UPnP ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:52:59.0435 2228        VAIOMediaPlatform-UCLS-AppServer ( UnsignedFile.Multi.Generic ) - skipped by user
12:52:59.0435 2228        VAIOMediaPlatform-UCLS-AppServer ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:52:59.0437 2228        VAIOMediaPlatform-UCLS-HTTP ( UnsignedFile.Multi.Generic ) - skipped by user
12:52:59.0437 2228        VAIOMediaPlatform-UCLS-HTTP ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:52:59.0439 2228        VAIOMediaPlatform-UCLS-UPnP ( UnsignedFile.Multi.Generic ) - skipped by user
12:52:59.0439 2228        VAIOMediaPlatform-UCLS-UPnP ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:52:59.0441 2228        VzCdbSvc ( UnsignedFile.Multi.Generic ) - skipped by user
12:52:59.0442 2228        VzCdbSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:52:59.0444 2228        VzFw ( UnsignedFile.Multi.Generic ) - skipped by user
12:52:59.0445 2228        VzFw ( UnsignedFile.Multi.Generic ) - User select action: Skip

So, that's it... Doesn't look good?!?

cosinus 14.05.2012 12:44

Now just stay calm... breathe in, breathe out :)

Quote:

Oh dear, now I don't understand anything anymore...
Why wasn't that thing with the attributes there before?
That was the SMART fake that wanted to hide your data! Hiding doesn't mean removing, but stay calm!

Quote:

How many viruses were on my PC, then? Can you see that?
The number has no relevance worth mentioning, and I also wouldn't know how this information gets you any further or contributes positively to getting the machine clean (cleaner?) now... :rolleyes: ... so I won't really go into this question now; just this much: you can see the number of infected objects e.g. in the Malwarebytes logs :pfeiff:


Then please run CF now:

ComboFix

A guide and tutorial on using ComboFix
  • Close all programs, especially your antivirus program and other background guards, as well as your internet browser.
  • Start combofix.exe from your desktop, confirm the warning messages, carry out the updates (if suggested), install the Recovery Console (if suggested) and let it scan your system.
    Also avoid using the mouse and keyboard while Combofix is running.
  • Afterwards a combofix.txt opens automatically; please copy its contents ([Ctrl]a, [Ctrl]c) and paste them into your post ([Ctrl]v). You can also find the file at: C:\ComboFix.txt.
Important note:
Combofix may only be run if a qualified helper (Kompetenzler) has expressly recommended it!

It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.

If, after running Combofix, you have problems starting applications and get messages such as

Quote:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
then restart Windows manually and the error messages should no longer appear.

Jami87 14.05.2012 19:14

Well, I don't see why my questions should be hysterical right away?!? I had to leave and therefore had to keep it short, and besides, all of this simply interests me... I could ask many more questions...

Here is the Combofix log:

Combofix Logfile:
Code:

ComboFix 12-05-14.03 - Jamie-Anthony 14.05.2012  19:36:00.1.2 - x86
Microsoft® Windows Vista™ Home Premium  6.0.6002.2.1252.49.1031.18.2046.980 [GMT 2:00]
ausgeführt von:: c:\users\Jamie-Anthony\Downloads\ComboFix.exe
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\program files\Dealio Toolbar
c:\program files\Dealio Toolbar\config.ini
c:\program files\Dealio Toolbar\Res\amazon.gif
c:\program files\Dealio Toolbar\Res\apple.gif
c:\program files\Dealio Toolbar\Res\barnes.gif
c:\program files\Dealio Toolbar\Res\bestbuy.gif
c:\program files\Dealio Toolbar\Res\dealio_logo.gif
c:\program files\Dealio Toolbar\Res\dealio_logo_hover.gif
c:\program files\Dealio Toolbar\Res\ebay.gif
c:\program files\Dealio Toolbar\Res\icon_settings.gif
c:\program files\Dealio Toolbar\Res\macys.gif
c:\program files\Dealio Toolbar\Res\newegg.gif
c:\program files\Dealio Toolbar\Res\overstock.gif
c:\program files\Dealio Toolbar\Res\search-button-hover.gif
c:\program files\Dealio Toolbar\Res\search-button.gif
c:\program files\Dealio Toolbar\Res\search-chevron-hover.gif
c:\program files\Dealio Toolbar\Res\search-chevron.gif
c:\program files\Dealio Toolbar\Res\search_amazon.gif
c:\program files\Dealio Toolbar\Res\search_dealio.gif
c:\program files\Dealio Toolbar\Res\search_ebay.gif
c:\program files\Dealio Toolbar\Res\search_yahoo.gif
c:\program files\Dealio Toolbar\Res\separator.gif
c:\program files\Dealio Toolbar\Res\target.gif
c:\program files\Dealio Toolbar\Res\walmart.gif
c:\program files\Dealio Toolbar\Res\widgets.xml
c:\program files\Dealio Toolbar\SearchSettingsKit.exe
c:\program files\Dealio Toolbar\WidgiHelper.exe
c:\programdata\hpeFEE7.dll
c:\programdata\SPL128.tmp
c:\programdata\SPL18FF.tmp
c:\programdata\SPL2466.tmp
c:\programdata\SPL4B84.tmp
c:\programdata\SPL4F10.tmp
c:\programdata\SPL8D16.tmp
c:\programdata\SPL8D27.tmp
c:\programdata\SPLA3D2.tmp
c:\programdata\SPLB03E.tmp
c:\programdata\SPLBE06.tmp
c:\programdata\SPLC34E.tmp
c:\programdata\SPLC4C7.tmp
c:\programdata\SPLC908.tmp
c:\programdata\SPLC928.tmp
c:\programdata\SPLF7DB.tmp
c:\programdata\SPLFF94.tmp
c:\windows\IsUn0407.exe
c:\windows\unin0407.exe
.
.
(((((((((((((((((((((((  Dateien erstellt von 2012-04-14 bis 2012-05-14  ))))))))))))))))))))))))))))))
.
.
2012-05-14 17:49 . 2012-05-14 17:49        --------        d-----w-        c:\users\Jamie-Anthony\AppData\Local\temp
2012-05-14 17:49 . 2012-05-14 17:49        --------        d-----w-        c:\users\Default\AppData\Local\temp
2012-05-14 10:50 . 2012-05-14 10:50        --------        d-----w-        C:\TDSSKiller_Quarantine
2012-05-11 16:04 . 2012-04-13 07:36        6734704        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{FE214091-F5F2-4605-B592-62E76061A936}\mpengine.dll
2012-05-11 16:04 . 2012-03-20 23:28        53120        ----a-w-        c:\windows\system32\drivers\partmgr.sys
2012-05-11 16:04 . 2012-03-30 12:39        905600        ----a-w-        c:\windows\system32\drivers\tcpip.sys
2012-05-11 16:03 . 2012-02-01 15:11        1218048        ----a-w-        c:\program files\Windows Journal\NBDoc.DLL
2012-05-11 16:03 . 2012-02-01 15:10        964608        ----a-w-        c:\program files\Windows Journal\JNWDRV.dll
2012-05-11 16:03 . 2012-02-01 15:10        1404928        ----a-w-        c:\program files\Common Files\Microsoft Shared\ink\InkObj.dll
2012-05-11 16:03 . 2012-02-01 15:10        983040        ----a-w-        c:\program files\Windows Journal\JNTFiltr.dll
2012-05-11 16:03 . 2012-02-01 15:10        936960        ----a-w-        c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2012-05-11 16:03 . 2012-02-01 13:58        47104        ----a-w-        c:\program files\Windows Journal\PDIALOG.exe
2012-05-11 16:03 . 2012-03-01 14:46        219648        ----a-w-        c:\windows\system32\d3d10_1core.dll
2012-05-11 16:03 . 2012-02-29 14:08        1172480        ----a-w-        c:\windows\system32\d3d10warp.dll
2012-05-11 16:03 . 2012-02-29 13:41        1069056        ----a-w-        c:\windows\system32\DWrite.dll
2012-05-11 16:03 . 2012-03-01 14:46        160768        ----a-w-        c:\windows\system32\d3d10_1.dll
2012-05-11 16:03 . 2012-02-29 13:44        683008        ----a-w-        c:\windows\system32\d2d1.dll
2012-05-11 16:02 . 2012-04-03 08:16        3550080        ----a-w-        c:\windows\system32\ntoskrnl.exe
2012-05-11 16:02 . 2012-04-03 08:16        3602816        ----a-w-        c:\windows\system32\ntkrnlpa.exe
2012-05-11 16:02 . 2012-04-02 13:36        2044928        ----a-w-        c:\windows\system32\win32k.sys
2012-05-08 18:50 . 2012-05-08 18:50        --------        d-----w-        c:\program files\ESET
2012-05-07 20:36 . 2012-05-07 20:36        --------        d-----w-        C:\_OTL
2012-05-07 19:04 . 2012-05-07 19:04        --------        d-----w-        c:\users\Jamie-Anthony\AppData\Roaming\Malwarebytes
2012-05-07 18:58 . 2012-05-07 18:58        --------        d-----w-        c:\programdata\Malwarebytes
2012-05-07 18:58 . 2012-05-07 18:58        --------        d-----w-        c:\program files\Malwarebytes' Anti-Malware
2012-05-07 18:58 . 2012-04-04 13:56        22344        ----a-w-        c:\windows\system32\drivers\mbam.sys
2012-05-07 18:48 . 2012-05-07 18:48        --------        d-----w-        c:\program files\Uncompressor
2012-05-07 18:47 . 2012-05-07 18:47        --------        d-----w-        c:\users\Jamie-Anthony\AppData\Local\Babylon
2012-05-07 18:47 . 2012-05-07 18:47        --------        d-----w-        c:\programdata\Babylon
2012-05-04 05:39 . 2012-05-04 05:39        --------        d-----w-        c:\program files\Mozilla Maintenance Service
2012-05-04 05:38 . 2012-05-04 05:38        157352        ----a-w-        c:\program files\Mozilla Firefox\maintenanceservice_installer.exe
2012-05-04 05:38 . 2012-05-04 05:38        129976        ----a-w-        c:\program files\Mozilla Firefox\maintenanceservice.exe
2012-04-26 04:33 . 2012-04-26 04:33        --------        d-----w-        c:\users\Jamie-Anthony\AppData\Roaming\Avira
2012-04-26 04:31 . 2012-05-08 10:04        83392        ----a-w-        c:\windows\system32\drivers\avgntflt.sys
2012-04-26 04:31 . 2012-05-08 10:04        137928        ----a-w-        c:\windows\system32\drivers\avipbb.sys
2012-04-26 04:31 . 2011-09-16 14:08        36000        ----a-w-        c:\windows\system32\drivers\avkmgr.sys
2012-04-26 04:31 . 2012-04-26 04:33        --------        d-----w-        c:\programdata\Avira
2012-04-26 04:31 . 2012-04-26 04:31        --------        d-----w-        c:\program files\Avira
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-20 18:57 . 2012-03-20 18:57        25512        ----a-w-        c:\windows\system32\drivers\ggsemc.sys
2012-03-20 18:57 . 2012-03-20 18:57        13224        ----a-w-        c:\windows\system32\drivers\ggflt.sys
2012-03-20 18:57 . 2012-03-20 18:57        1112288        ----a-w-        c:\windows\system32\WdfCoInstaller01007.dll
2012-02-29 15:11 . 2012-04-13 07:36        5120        ----a-w-        c:\windows\system32\wmi.dll
2012-02-29 15:11 . 2012-04-13 07:36        172032        ----a-w-        c:\windows\system32\wintrust.dll
2012-02-29 15:09 . 2012-04-13 07:36        157696        ----a-w-        c:\windows\system32\imagehlp.dll
2012-02-29 13:32 . 2012-04-13 07:36        12800        ----a-w-        c:\windows\system32\drivers\fs_rec.sys
2012-02-28 15:26 . 2012-04-12 18:40        834048        ----a-w-        c:\windows\system32\wininet.dll
2012-02-28 14:21 . 2012-04-12 18:40        389632        ----a-w-        c:\windows\system32\html.iec
2012-02-28 13:56 . 2012-04-12 18:40        1383424        ----a-w-        c:\windows\system32\mshtml.tlb
2012-02-23 08:18 . 2009-10-03 00:27        237072        ------w-        c:\windows\system32\MpSigStub.exe
2012-05-04 05:38 . 2011-12-30 09:40        97208        ----a-w-        c:\program files\mozilla firefox\components\browsercomps.dll
2010-06-26 06:12 . 2008-09-24 18:12        119808        ----a-w-        c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"Sony PC Companion"="c:\program files\Sony\Sony PC Companion\PCCompanion.exe" [2012-03-14 446136]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdSync.exe" [2006-11-02 215552]
"SweetIM"="c:\program files\SweetIM\Messenger\SweetIM.exe" [2010-06-07 111928]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"lxeamon.exe"="c:\program files\Lexmark S300-S400 Series\lxeamon.exe" [2010-01-18 770728]
"EzPrint"="c:\program files\Lexmark S300-S400 Series\ezprint.exe" [2010-01-18 139944]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2009-05-26 92704]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-05-26 8530464]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-05-26 88608]
"UVS10 Preload"="c:\program files\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe" [2006-08-09 36864]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-05-08 348624]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
.
c:\users\Jamie-Anthony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.2.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-5-20 1195008]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-6-22 739880]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2007-07-12 06:33        98304        ----a-w-        c:\windows\System32\VESWinlogon.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GOEC62~1.DLL
.
[HKLM\~\startupfolder\C:^Users^Jamie-Anthony^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk]
path=c:\users\Jamie-Anthony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
backup=c:\windows\pss\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^Jamie-Anthony^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Picture Motion Browser Medien-Prüfung.lnk]
path=c:\users\Jamie-Anthony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Picture Motion Browser Medien-Prüfung.lnk
backup=c:\windows\pss\Picture Motion Browser Medien-Prüfung.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]
2007-06-10 00:12        118784        ----a-w-        c:\program files\Apoint\Apoint.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
2010-06-26 06:12        30192        ----a-w-        c:\program files\Google\Google Desktop Search\GoogleDesktop.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]
2007-01-01 21:22        3739648        ----a-w-        c:\program files\Google\Google Talk\googletalk.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISBMgr.exe]
2007-06-11 16:27        317560        ----a-w-        c:\program files\Sony\ISB Utility\ISBMgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
2009-05-08 09:35        2780432        ----a-w-        c:\program files\Logitech\Logitech WebCam Software\LWS.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2007-10-19 18:16        286720        ----a-w-        c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM]
2010-06-07 13:32        111928        ----a-r-        c:\program files\SweetIM\Messenger\SweetIM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrayServer]
2007-03-29 09:05        90112        ----a-w-        c:\program files\MAGIX\Video_deluxe_2008_e-version\Trayserver.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs        REG_MULTI_SZ          BthServ
WindowsMobile        REG_MULTI_SZ          wcescomm rapimgr
LocalServiceRestricted        REG_MULTI_SZ          WcesComm RapiMgr
LocalServiceAndNoImpersonation        REG_MULTI_SZ          FontCache
.
Inhalt des "geplante Tasks" Ordners
.
2012-05-14 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-07-20 16:57]
.
2012-05-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-22 11:38]
.
2012-05-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-22 11:38]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page =
mStart Page =
mLocal Page =
uInternet Settings,ProxyOverride = <local>
uSearchURL,(Default) = hxxp://g.msn.de/0SEDEDE/SAOS01?FORM=TOOLBR
IE: &Citavi Picker... - file://c:\program files\Internet Explorer\PLUGINS\Citavi Picker\ShowContextMenu.html
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Free YouTube Download - c:\users\Jamie-Anthony\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll
Trusted Zone: intervideo.com
Trusted Zone: intervideo.com\www
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Jamie-Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine -
FF - user.js: yahoo.homepage.dontask - true
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
HKCU-Run-ALBATTTOOL - c:\program files\AkkuLine.de\AkkuLine Batterie-Tool\AL-Batterie-Tool.exe
MSConfigStartUp-Acrobat Assistant 8 - c:\program files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe
MSConfigStartUp-ICQ - ~c:\program files\ICQ7.2\ICQ.exe
MSConfigStartUp-ISTray - c:\program files\Spyware Doctor\pctsTray.exe
MSConfigStartUp-SpybotSD TeaTimer - c:\program files\Spybot - Search & Destroy\TeaTimer.exe
AddRemove-Atlantis - Sky Patrol - c:\big fish games\Atlantis - Sky Patrol\Uninstall.exe
AddRemove-babylon01 - c:\program files\babylon01\uninstall.exe
AddRemove-Big Fish Games Center - c:\big fish games\Uninstall.exe
AddRemove-Big Fish Games Sudoku - c:\big fish games\sudoku\Uninstall.exe
AddRemove-Mahjong Towers Eternity EU - c:\big fish games\Mahjong Towers Eternity EU\Uninstall.exe
AddRemove-Moorhuhn 2 deinstallieren - c:\windows\IsUn0407.exe
AddRemove-Mystery Case Files - Prime Suspects - c:\big fish games\Mystery Case Files - Prime Suspects\Uninstall.exe
AddRemove-NetLCR_is1 - c:\program files\oleco\unins000.exe
AddRemove-Virtual Villagers - c:\big fish games\Virtual Villagers\Uninstall.exe
AddRemove-Wintergames 3 - c:\windows\IsUn0407.exe
AddRemove-{79A765E1-C399-405B-85AF-466F52E918B0} - c:\program files\Ask.com\Updater\Updater.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2012-05-14 19:49
Windows 6.0.6002 Service Pack 2 NTFS
.
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'Explorer.exe'(4152)
c:\windows\system32\btmmhook.dll
.
Zeit der Fertigstellung: 2012-05-14  20:00:13
ComboFix-quarantined-files.txt  2012-05-14 18:00
.
Vor Suchlauf: 22 Verzeichnis(se), 25.106.944.000 Bytes frei
Nach Suchlauf: 27 Verzeichnis(se), 24.765.710.336 Bytes frei
.
- - End Of File - - E52114DBE35EF5845B997E7D9E32EB8E

--- --- ---

[/Code]

cosinus 14.05.2012 19:19

Quote:

Well, I don't see why my questions should be considered hysterical right away?!?
Yes, that was the wrong choice of words, which is why I edited my post, as you can see :pfeiff:

Now please create logs with GMER and OSAM and post them.
GMER crashes fairly often; if the tool refuses to work the second time as well, just leave it out and run only OSAM - please skip the online check by OSAM.
With OSAM, please also make sure that you save the log as *.log and not as *.html or the like.

Note: Please use WinRAR or 7zip to unpack OSAM! Also be sure to turn off your virus scanner; McAfee's scanner in particular often reports a false alarm in OSAM!

Please download aswMBR.exe and save the file to your desktop.
  • Start aswMBR.exe - (aswMBR.exe instructions)
    On Windows Vista (or later), please start it by right-clicking and choosing "Run as administrator".
  • The tool will ask whether you want to scan your system with the current AVAST! virus definitions. Please answer this question with Yes. (If your firewall asks, please allow access to the internet.)
    Downloading the definitions may take a while, depending on your connection.
  • Click Scan.
  • Please wait until Scan finished successfully appears in the DOS window.
  • Click Save Log and save it to the desktop.
Post the aswMBR.txt in your next reply.

Important: Under no circumstances press any of the Fix buttons without being instructed to.

Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan.



One more note: If aswMBR crashes and a message such as "aswMBR.exe has stopped working" appears, do the following:
Restart aswMBR, select (none) for "AV scan" in the drop-down menu (at the bottom left of the aswMBR window) and click the Scan button again.

Jami87 14.05.2012 20:56

So here's the GMER output first... I'll do the rest tomorrow...

[Code]
GMER Logfile:
Code:

GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-05-14 21:54:03
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 FUJITSU_ rev.0000
Running: ebkv5jlg.exe; Driver: C:\Users\JAMIE-~1\AppData\Local\Temp\fwtdipob.sys


---- System - GMER 1.0.15 ----

SSDT            907045D6                                                                                                ZwCreateSection
SSDT            907045E0                                                                                                ZwRequestWaitReplyPort
SSDT            907045DB                                                                                                ZwSetContextThread
SSDT            907045E5                                                                                                ZwSetSecurityObject
SSDT            907045EA                                                                                                ZwSystemDebugControl
SSDT            90704577                                                                                                ZwTerminateProcess

---- Kernel code sections - GMER 1.0.15 ----

.text          ntkrnlpa.exe!KeSetEvent + 215                                                                            83EF58D8 4 Bytes  [D6, 45, 70, 90] {SALC ; INC EBP; JO 0xffffffffffffff94}
.text          ntkrnlpa.exe!KeSetEvent + 539                                                                            83EF5BFC 4 Bytes  [E0, 45, 70, 90] {LOOPNZ 0x47; JO 0xffffffffffffff94}
.text          ntkrnlpa.exe!KeSetEvent + 56D                                                                            83EF5C30 4 Bytes  [DB, 45, 70, 90] {FILD DWORD [EBP+0x70]; NOP }
.text          ntkrnlpa.exe!KeSetEvent + 5D1                                                                            83EF5C94 4 Bytes  [E5, 45, 70, 90] {IN EAX, 0x45; JO 0xffffffffffffff94}
.text          ntkrnlpa.exe!KeSetEvent + 619                                                                            83EF5CDC 4 Bytes  [EA, 45, 70, 90]
.text          ...                                                                                                     
.text          C:\Windows\system32\DRIVERS\nvlddmkm.sys                                                                section is writeable [0x8DA04340, 0x39C277, 0xE8000020]
?              C:\Windows\system32\Drivers\PROCEXP113.SYS                                                              Das System kann die angegebene Datei nicht finden. !
?              C:\Users\JAMIE-~1\AppData\Local\Temp\catchme.sys                                                        Das System kann die angegebene Datei nicht finden. !

---- User code sections - GMER 1.0.15 ----

.text          C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe[2828] USER32.dll!InSendMessageEx + 4C9          75A4E7C8 7 Bytes  JMP 10053940 C:\Program Files\Sony\Sony PC Companion\NewUI.dll (New UI/Avanquest Software)
.text          C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe[2828] USER32.dll!CreateIconFromResourceEx + 340  75A50E45 7 Bytes  JMP 100537F0 C:\Program Files\Sony\Sony PC Companion\NewUI.dll (New UI/Avanquest Software)
.text          C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe[2828] USER32.dll!DdeQueryStringW + 5CE          75A6FA2D 7 Bytes  JMP 10053920 C:\Program Files\Sony\Sony PC Companion\NewUI.dll (New UI/Avanquest Software)
.text          C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe[2828] USER32.dll!MessageBoxIndirectA + F5        75A9D5CE 7 Bytes  JMP 10053990 C:\Program Files\Sony\Sony PC Companion\NewUI.dll (New UI/Avanquest Software)
.text          C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe[2828] USER32.dll!MessageBoxIndirectW + 61        75A9D634 7 Bytes  JMP 10053A60 C:\Program Files\Sony\Sony PC Companion\NewUI.dll (New UI/Avanquest Software)
.text          C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe[2828] USER32.dll!MessageBoxExA + 1F              75A9D658 7 Bytes  JMP 10053A10 C:\Program Files\Sony\Sony PC Companion\NewUI.dll (New UI/Avanquest Software)

---- Devices - GMER 1.0.15 ----

AttachedDevice  \Driver\volsnap \Device\HarddiskVolumeShadowCopy1                                                        NBVolUp.sys (Nero Backup Volume Upper Filter Driver for the Disk Stack/Nero AG)
AttachedDevice  \Driver\volsnap \Device\HarddiskVolumeShadowCopy2                                                        NBVolUp.sys (Nero Backup Volume Upper Filter Driver for the Disk Stack/Nero AG)
AttachedDevice  \Driver\volsnap \Device\HarddiskVolumeShadowCopy3                                                        NBVolUp.sys (Nero Backup Volume Upper Filter Driver for the Disk Stack/Nero AG)
AttachedDevice  \Driver\volsnap \Device\HarddiskVolumeShadowCopy4                                                        NBVolUp.sys (Nero Backup Volume Upper Filter Driver for the Disk Stack/Nero AG)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume1                                                                  NBVol.sys (Nero Backup Volume Filter Driver for the Disk Stack/Nero AG)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume2                                                                  NBVol.sys (Nero Backup Volume Filter Driver for the Disk Stack/Nero AG)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume3                                                                  NBVol.sys (Nero Backup Volume Filter Driver for the Disk Stack/Nero AG)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume4                                                                  NBVol.sys (Nero Backup Volume Filter Driver for the Disk Stack/Nero AG)

---- Registry - GMER 1.0.15 ----

Reg            HKLM\SYSTEM\ControlSet001\Services\BTHPORT\Parameters\Keys\0019c1ea12d4 (not active ControlSet)         
Reg            HKLM\SYSTEM\ControlSet001\Services\BTHPORT\Parameters\Keys\001bfb1b0716 (not active ControlSet)         
Reg            HKLM\SYSTEM\ControlSet001\Services\BTHPORT\Parameters\Keys\001bfb8cb00a (not active ControlSet)         
Reg            HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\0019c1ea12d4                             
Reg            HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001bfb1b0716                             
Reg            HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001bfb8cb00a                             
Reg            HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\0019c1ea12d4 (not active ControlSet)         
Reg            HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\001bfb1b0716 (not active ControlSet)         
Reg            HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\001bfb8cb00a (not active ControlSet)         

---- Files - GMER 1.0.15 ----

File            C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS07D19.log                                  131072 bytes
File            C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS07D1A.log                                  131072 bytes
File            C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS07D1B.log                                  131072 bytes
File            C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS07D1C.log                                  131072 bytes
File            C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS07D1D.log                                  131072 bytes
File            C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS07D1E.log                                  131072 bytes
File            C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS07D1F.log                                  131072 bytes
File            C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS07D20.log                                  131072 bytes
File            C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS07D21.log                                  131072 bytes
File            C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS07D22.log                                  131072 bytes

---- EOF - GMER 1.0.15 ----

--- --- ---


So,
now the file from OSAM as well - though I'm very unsure whether I did it right?!? (Because it was so short?)

Code:

Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 07:31:03 on 15.05.2012

OS: Windows Vista Home Premium Edition Service Pack 2 (Build 6002), 32-bit
Default Browser: Mozilla Corporation Firefox 12.0

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[AppInit DLLs]
-----( HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows )-----
"AppInit_DLLs" - "Google" - C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL

[Common]
-----( %SystemRoot%\Tasks )-----
"GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"Google Software Updater.job" - "Google" - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\Windows\system32\FlashPlayerCPLApp.cpl
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"Adobe Gamma" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma.cpl
"BIPanel" - "Thomas Michel" - C:\Program Files\BatteryInfo\Suite\BIPanel.cpl
"QuickTime" - "Apple Inc." - C:\Program Files\QuickTime\QTSystem\QuickTime.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys
"avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys
"avkmgr" (avkmgr) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avkmgr.sys
"catchme" (catchme) - ? - C:\Users\JAMIE-~1\AppData\Local\Temp\catchme.sys  (File not found)
"dlkmd" (dlkmd) - "DisplayLink Corp." - C:\Windows\system32\drivers\dlkmd.sys
"dlkmdldr" (dlkmdldr) - "DisplayLink Corp." - C:\Windows\System32\drivers\dlkmdldr.sys
"dsltestSp5 NDIS Protocol Driver" (dsltestSp5) - ? - C:\Windows\System32\Drivers\dsltestSp5.sys  (File not found)
"GearAspiWDM" (GEARAspiWDM) - "GEAR Software Inc." - C:\Windows\System32\Drivers\GEARAspiWDM.sys
"IP in IP Tunnel Driver" (IpInIp) - ? - C:\Windows\System32\DRIVERS\ipinip.sys  (File not found)
"IPX Traffic Filter Driver" (NwlnkFlt) - ? - C:\Windows\System32\DRIVERS\nwlnkflt.sys  (File not found)
"IPX Traffic Forwarder Driver" (NwlnkFwd) - ? - C:\Windows\System32\DRIVERS\nwlnkfwd.sys  (File not found)
"MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys
"PxHelp20" (PxHelp20) - "Sonic Solutions" - C:\Windows\System32\Drivers\PxHelp20.sys
"regi" (regi) - "InterVideo" - C:\Windows\System32\drivers\regi.sys
"Sony DMI Call service" (DMICall) - "Sony Corporation" - C:\Windows\System32\DRIVERS\DMICall.sys
"ssmdrv" (ssmdrv) - "Avira GmbH" - C:\Windows\System32\DRIVERS\ssmdrv.sys
"WimFltr" (WimFltr) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\wimfltr.sys

[Explorer]
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
-----( HKLM\Software\Classes\Protocols\Handler )-----
{314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
{828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
{0A9007C0-4076-11D3-8789-0000F8105754} "Microsoft Infotech Storage Protocol for IE 4.0" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
{828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files" - ? -  (File not found | COM-object registry key not found)
{23170F69-40C1-278A-1000-000100020000} "7-Zip Shell Extension" - "Igor Pavlov" - C:\Program Files\7-Zip\7-zip.dll
{1b24a030-9b20-49bc-97ac-1be4426f9e59} "ActiveDirectory Folder" - ? -  (File not found | COM-object registry key not found)
{34449847-FD14-4fc8-A75A-7432F5181EFB} "ActiveDirectory Folder" - ? -  (File not found | COM-object registry key not found)
{0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} "Contacts folder" - ? -  (File not found | COM-object registry key not found)
{2C2577C2-63A7-40e3-9B7F-586602617ECB} "Explorer Query Band" - ? -  (File not found | COM-object registry key not found)
{00020d75-0000-0000-c000-000000000046} "lnkfile" - ? -  (File not found | COM-object registry key not found)
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\msohevi.dll
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} "Microsoft Office OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\ONFILTER.DLL
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{7842554E-6BED-11D2-8CDB-B05550C10000} "Monitor Class" - "Broadcom Corporation." - C:\Windows\system32\btncopy.dll
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{C8494E42-ACDD-4739-B0FB-217361E4894F} "Sam Account Folder" - ? -  (File not found | COM-object registry key not found)
{E29F9716-5C08-4FCD-955A-119FDB5A522D} "Sam Account Folder" - ? -  (File not found | COM-object registry key not found)
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\shlext.dll
{ED58A35B-B554-42AF-A26C-6F3D424200D3} "SPMPanel" - "Sony Corporation" - C:\Program Files\Sony\VAIO Power Management\SPMPanel.dll
{DBD8E168-244D-448C-9922-25508950D1DC} "USIShellExt Class" - "Ulead Systems, Inc." - C:\Program Files\Common Files\Ulead Systems\DVD\USIShex.dll
{da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" - ? -  (File not found | COM-object registry key not found)
{75E6139C-7EC4-11D5-8D0F-A07CD97BF970} "WMAExt Class" - ? - C:\Program Files\LitexMedia\All To WMA Converter\WMAShellExt.dll

[Internet Explorer]
-----( HKCU\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
"eBay DE" - ? - C:\Program Files\Supreme Auction\ebay_de.url
"eBay UK" - ? - C:\Program Files\Supreme Auction\ebay_uk.url
"eBay US" - ? - C:\Program Files\Supreme Auction\ebay_us.url
"Supreme Auction" - "Supreme NewMedia GmbH" - C:\Program Files\Supreme Auction\SupremeAuctionOnline.exe
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
<binary data> "ITBar7Layout" - ? -  (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_30" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} "Java Plug-in 1.6.0_30" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_30" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_30.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
{00000161-9980-0010-8000-00AA00389B71} "{00000161-9980-0010-8000-00AA00389B71}" - ? -  (File not found | COM-object registry key not found) / hxxp://codecs.microsoft.com/codecs/i386/msaud.cab
{33564D57-9980-0010-8000-00AA00389B71} "{33564D57-9980-0010-8000-00AA00389B71}" - ? -  (File not found | COM-object registry key not found) / hxxp://download.microsoft.com/download/D/0/D/D0DD87DA-994F-4334-8B55-AF2E4D98ED0C/wmv9dmo.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
"@btrez.dll,-4015" - ? - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
{48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
{FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{CA6319C0-31B7-401E-A518-A07C3DB8F777} "CBrowserHelperObject Object" - "Your Company Name" - C:\PROGRA~1\GOOGLE~1\BAE.dll
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} "Google Toolbar Notifier BHO" - "Google Inc." - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\ssv.dll
{D2C5E510-BE6D-42CC-9F61-E4F939078474} "Lexmark " - ? - C:\Program Files\Lexmark Printable Web\bho.dll
{9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live Anmelde-Hilfsprogramm" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\Jamie-Anthony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"OpenOffice.org 3.2.lnk" - ? - C:\Program Files\OpenOffice.org 3\program\quickstart.exe  (Shortcut exists | File found, but it contains no detailed information | File exists)
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"BTTray.lnk" - "Broadcom Corporation." - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe  (Shortcut exists | File exists)
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"Sony PC Companion" - "Sony" - "C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe" /Background
-----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )-----
"StartupPrograms" - ? - rdpclip  (File not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"avgnt" - "Avira Operations GmbH & Co. KG" - "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
"EzPrint" - ? - "C:\Program Files\Lexmark S300-S400 Series\ezprint.exe"
"lxeamon.exe" - ? - "C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe"
"Malwarebytes' Anti-Malware" - "Malwarebytes Corporation" - "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
"SweetIM" - "SweetIM Technologies Ltd." - C:\Program Files\SweetIM\Messenger\SweetIM.exe
"UVS10 Preload" - "Ulead Systems, Inc." - C:\Program Files\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"Send To Microsoft OneNote Monitor" - "Microsoft Corporation" - C:\Windows\system32\msonpmon.dll

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100" (WPFFontCache_v0400) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
"Adobe Active File Monitor V5" (AdobeActiveFileMonitor5.0) - ? - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe  (File found, but it contains no detailed information)
"Avira Browser Schutz" (AntiVirWebService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
"Avira Echtzeit Scanner" (AntiVirService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
"Avira Planer" (AntiVirSchedulerService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\sched.exe
"DisplayLink Service" (DisplayLinkService) - "DisplayLink Corp." - C:\Program Files\DisplayLink Core Software\DisplayLinkService.exe
"Freemake Improver" (Freemake Improver) - "Freemake" - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
"Google Software Updater" (gusvc) - "Google" - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
"Google Update Service (gupdate1ca0ac0f00c0a80)" (gupdate1ca0ac0f00c0a80) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
"MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
"Mozilla Maintenance Service" (MozillaMaintenance) - "Mozilla Foundation" - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
"MSCSPTISRV" (MSCSPTISRV) - "Sony Corporation" - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
"Process Monitor" (LVPrcSrv) - "Logitech Inc." - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
"Sony PC Companion" (Sony PC Companion) - "Avanquest Software" - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
"Sony SPTI Service" (SPTISRV) - "Sony Corporation" - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
"Symantec Lic NetConnect service" (CLTNetCnService) - ? - "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon  (File not found)
"Ulead Burning Helper" (UleadBurningHelper) - "Ulead Systems, Inc." - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
"VAIO Content Metadata Intelligent Analyzing Manager" (VcmIAlzMgr) - "Sony Corporation" - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
"VAIO Content Metadata XML Interface" (VcmXmlIfHelper) - "Sony Corporation" - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
"VAIO Entertainment Database Service" (VzCdbSvc) - "Sony Corporation" - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
"VAIO Entertainment File Import Service" (VzFw) - "Sony Corporation" - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
"VAIO Entertainment TV Device Arbitration Service" (VAIO Entertainment TV Device Arbitration Service) - "Sony Corporation" - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
"VAIO Entertainment UPnP Client Adapter" (Vcsw) - "Sony Corporation" - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
"VAIO Event Service" (VAIO Event Service) - "Sony Corporation" - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
"VAIO Media Content Collection" (VAIOMediaPlatform-UCLS-AppServer) - "Sony Corporation" - C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe
"VAIO Media Content Collection (HTTP)" (VAIOMediaPlatform-UCLS-HTTP) - "Sony Corporation" - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
"VAIO Media Content Collection (UPnP)" (VAIOMediaPlatform-UCLS-UPnP) - "Sony Corporation" - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
"VAIO Media Gateway Server" (VAIOMediaPlatform-Mobile-Gateway) - "Sony Corporation" - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
"VAIO Media Integrated Server" (VAIOMediaPlatform-IntegratedServer-AppServer) - "Sony Corporation" - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
"VAIO Media Integrated Server (HTTP)" (VAIOMediaPlatform-IntegratedServer-HTTP) - "Sony Corporation" - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
"VAIO Media Integrated Server (UPnP)" (VAIOMediaPlatform-IntegratedServer-UPnP) - "Sony Corporation" - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe

[Winlogon]
-----( HKCU\Control Panel\Desktop )-----
"SCRNSAVE.EXE" - "Sony Corporation" - C:\Windows\system32\vaiomov.scr
-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify )-----
"VESWinlogon" - "Sony Corporation" - C:\Windows\system32\VESWinlogon.dll

[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries )-----
"AVSDA" - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\avsda.dll

===[ Logfile end ]=========================================[ Logfile end ]===

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru

So, and now the one from aswMBR as well:

Code:

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-05-15 07:35:18
-----------------------------
07:35:18.064    OS Version: Windows 6.0.6002 Service Pack 2
07:35:18.065    Number of processors: 2 586 0xF0D
07:35:18.066    ComputerName: TEDDYBÄR  UserName:
07:35:50.486    Initialize success
07:55:23.136    AVAST engine defs: 12051401
08:06:34.778    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
08:06:34.794    Disk 0 Vendor: FUJITSU_ 0000 Size: 190782MB BusType: 3
08:06:34.794    Disk 1  \Device\Harddisk1\DR1 -> \Device\00000072
08:06:34.794    Disk 1 Vendor: (  Size: 190782MB BusType: 0
08:06:34.794    Disk 2  \Device\Harddisk2\DR2 -> \Device\00000073
08:06:34.809    Disk 2 Vendor: (  Size: 190782MB BusType: 0
08:06:34.825    Disk 0 MBR read successfully
08:06:34.825    Disk 0 MBR scan
08:06:34.841    Disk 0 Windows VISTA default MBR code
08:06:34.856    Disk 0 Partition 1 00    27 Hidden NTFS WinRE NTFS        10307 MB offset 2048
08:06:34.903    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS      180473 MB offset 21110784
08:06:34.919    Disk 0 scanning sectors +390719920
08:06:35.043    Disk 0 scanning C:\Windows\system32\drivers
08:06:57.351    Service scanning
08:07:37.147    Modules scanning
08:07:58.441    Disk 0 trace - called modules:
08:07:58.457    ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll iaStor.sys
08:07:58.472    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x875300d8]
08:07:58.472    3 CLASSPNP.SYS[8a1ba8b3] -> nt!IofCallDriver -> [0x86f23840]
08:07:58.488    5 acpi.sys[898996bc] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x86a1a030]
08:08:00.750    AVAST engine scan C:\Windows
08:08:09.174    AVAST engine scan C:\Windows\system32
08:14:34.322    AVAST engine scan C:\Windows\system32\drivers
08:14:58.923    AVAST engine scan C:\Users\Jamie-Anthony
08:20:56.657    Disk 0 MBR has been saved successfully to "C:\Users\Jamie-Anthony\Desktop\MBR.dat"
08:20:56.673    The log file has been saved successfully to "C:\Users\Jamie-Anthony\Desktop\aswMBR.txt"

I think the last one isn't complete, is it?
I'll run it again later...

cosinus 15.05.2012 08:52

Looks OK. As a check, please run full scans with Malwarebytes and SASW and post the logs.
Remember to update both tools before the scan!!

Jami87 15.05.2012 16:02

The one from aswMBR2 seems to have been enough after all, doesn't it?

But since I let it run through completely once more, here it is again to be on the safe side:

Code:

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-05-15 16:25:07
-----------------------------
16:25:07.782    OS Version: Windows 6.0.6002 Service Pack 2
16:25:07.782    Number of processors: 2 586 0xF0D
16:25:07.782    ComputerName: TEDDYBÄR  UserName:
16:25:10.840    Initialize success
16:25:18.609    AVAST engine defs: 12051401
16:25:21.807    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
16:25:21.807    Disk 0 Vendor: FUJITSU_ 0000 Size: 190782MB BusType: 3
16:25:21.807    Disk 1  \Device\Harddisk1\DR1 -> \Device\00000072
16:25:21.807    Disk 1 Vendor: (  Size: 190782MB BusType: 0
16:25:21.822    Disk 2  \Device\Harddisk2\DR2 -> \Device\00000073
16:25:21.822    Disk 2 Vendor: (  Size: 190782MB BusType: 0
16:25:21.854    Disk 0 MBR read successfully
16:25:21.869    Disk 0 MBR scan
16:25:21.885    Disk 0 Windows VISTA default MBR code
16:25:21.947    Disk 0 Partition 1 00    27 Hidden NTFS WinRE NTFS        10307 MB offset 2048
16:25:21.963    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS      180473 MB offset 21110784
16:25:21.978    Disk 0 scanning sectors +390719920
16:25:22.103    Disk 0 scanning C:\Windows\system32\drivers
16:25:38.421    Service scanning
16:26:13.458    Modules scanning
16:26:38.496    Disk 0 trace - called modules:
16:26:38.528    ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll iaStor.sys
16:26:38.528    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8752fac8]
16:26:38.543    3 CLASSPNP.SYS[8a1bf8b3] -> nt!IofCallDriver -> [0x86f23840]
16:26:38.543    5 acpi.sys[898956bc] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x86a1a030]
16:26:39.682    AVAST engine scan C:\Windows
16:26:44.424    AVAST engine scan C:\Windows\system32
16:31:06.660    AVAST engine scan C:\Windows\system32\drivers
16:31:25.474    AVAST engine scan C:\Users\Jamie-Anthony
16:49:27.552    AVAST engine scan C:\ProgramData
16:58:51.321    Scan finished successfully
16:59:43.175    Disk 0 MBR has been saved successfully to "C:\Users\Jamie-Anthony\Desktop\MBR.dat"
16:59:43.191    The log file has been saved successfully to "C:\Users\Jamie-Anthony\Desktop\aswMBR2.txt"

Code:

Malwarebytes Anti-Malware (Test) 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.05.15.01

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 7.0.6002.18005
Jamie-Anthony :: TEDDYBÄR [Administrator]

Schutz: Aktiviert

15.05.2012 18:05:08
mbam-log-2012-05-15 (18-05-08).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 408770
Laufzeit: 1 Stunde(n), 43 Minute(n), 52 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)


cosinus 15.05.2012 20:05

Well, those are control scans after all. The SASW log is still missing.

Jami87 15.05.2012 22:06

Yes, the AntiSpyware one wasn't finished yet at that point...
It turned up so many findings now?

Here is the log:

Code:

SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 05/15/2012 at 11:02 PM

Application Version : 5.0.1148

Core Rules Database Version : 8598
Trace Rules Database Version: 6410

Scan type      : Complete Scan
Total Scan Time : 02:07:47

Operating System Information
Windows Vista Home Premium 32-bit, Service Pack 2 (Build 6.00.6002)
UAC On - Limited User (Administrator User)

Memory items scanned      : 867
Memory threats detected  : 0
Registry items scanned    : 37107
Registry threats detected : 0
File items scanned        : 240452
File threats detected    : 257

Adware.Tracking Cookie
        C:\USERS\JAMIE-ANTHONY\Cookies\IFNFB0MO.txt [ Cookie:jamie-anthony@ad3.adfarm1.adition.com/ ]
        C:\USERS\JAMIE-ANTHONY\Cookies\FYUE17QT.txt [ Cookie:jamie-anthony@ad.zanox.com/ ]
        C:\USERS\JAMIE-ANTHONY\Cookies\9S67B7AD.txt [ Cookie:jamie-anthony@serving-sys.com/ ]
        C:\USERS\JAMIE-ANTHONY\Cookies\jamie-anthony@vdwp.solution.weborama[2].txt [ Cookie:jamie-anthony@vdwp.solution.weborama.fr/ ]
        C:\USERS\JAMIE-ANTHONY\Cookies\2MYGRDD9.txt [ Cookie:jamie-anthony@statse.webtrendslive.com/ ]
        C:\USERS\JAMIE-ANTHONY\Cookies\KYXWZD90.txt [ Cookie:jamie-anthony@ww251.smartadserver.com/ ]
        C:\USERS\JAMIE-ANTHONY\Cookies\3ULZENEP.txt [ Cookie:jamie-anthony@tradedoubler.com/ ]
        C:\USERS\JAMIE-ANTHONY\Cookies\B49UT3FU.txt [ Cookie:jamie-anthony@www.etracker.de/ ]
        C:\USERS\JAMIE-ANTHONY\Cookies\E9EOLPU5.txt [ Cookie:jamie-anthony@im.banner.t-online.de/ ]
        C:\USERS\JAMIE-ANTHONY\Cookies\MJJ3GSRF.txt [ Cookie:jamie-anthony@ad2.adfarm1.adition.com/ ]
        C:\USERS\JAMIE-ANTHONY\Cookies\UEHO0DKW.txt [ Cookie:jamie-anthony@webmasterplan.com/ ]
        C:\USERS\JAMIE-ANTHONY\Cookies\KCTV16VE.txt [ Cookie:jamie-anthony@c.atdmt.com/ ]
        C:\USERS\JAMIE-ANTHONY\Cookies\W1K8I3K8.txt [ Cookie:jamie-anthony@insightexpressai.com/ ]
        C:\USERS\JAMIE-ANTHONY\Cookies\XD80RA62.txt [ Cookie:jamie-anthony@2o7.net/ ]
        C:\USERS\JAMIE-ANTHONY\Cookies\GAO6VIB8.txt [ Cookie:jamie-anthony@stepstone.112.2o7.net/ ]
        C:\USERS\JAMIE-ANTHONY\Cookies\DUX8KD3G.txt [ Cookie:jamie-anthony@adform.net/ ]
        C:\USERS\JAMIE-ANTHONY\Cookies\6PJAO8CP.txt [ Cookie:jamie-anthony@ad4.adfarm1.adition.com/ ]
        C:\USERS\JAMIE-ANTHONY\Cookies\jamie-anthony@questionmarket[2].txt [ Cookie:jamie-anthony@questionmarket.com/ ]
        C:\USERS\JAMIE-ANTHONY\Cookies\CLXUWW0W.txt [ Cookie:jamie-anthony@invitemedia.com/ ]
        C:\USERS\JAMIE-ANTHONY\Cookies\NOMYGM8R.txt [ Cookie:jamie-anthony@secmedia.de/ ]
        C:\USERS\JAMIE-ANTHONY\Cookies\8TZ06P60.txt [ Cookie:jamie-anthony@deutschepostag.112.2o7.net/ ]
        C:\USERS\JAMIE-ANTHONY\Cookies\jamie-anthony@adviva[1].txt [ Cookie:jamie-anthony@adviva.net/ ]
        C:\USERS\JAMIE-ANTHONY\Cookies\jamie-anthony@weborama[1].txt [ Cookie:jamie-anthony@weborama.fr/ ]
        C:\USERS\JAMIE-ANTHONY\Cookies\6QOYIRRU.txt [ Cookie:jamie-anthony@www.active-tracking.de/ ]
        C:\USERS\JAMIE-ANTHONY\Cookies\QPMV4HKY.txt [ Cookie:jamie-anthony@remedia.at/ ]
        C:\USERS\JAMIE-ANTHONY\Cookies\60YL9Q1O.txt [ Cookie:jamie-anthony@adx.chip.de/ ]
        C:\USERS\JAMIE-ANTHONY\Cookies\NQ5OJQ0C.txt [ Cookie:jamie-anthony@adbrite.com/ ]
        C:\USERS\JAMIE-ANTHONY\Cookies\Q2P97KHX.txt [ Cookie:jamie-anthony@track.effiliation.com/ ]
        C:\USERS\JAMIE-ANTHONY\Cookies\0H3P6GNG.txt [ Cookie:jamie-anthony@track.adform.net/ ]
        C:\USERS\JAMIE-ANTHONY\Cookies\XSIW1G1L.txt [ Cookie:jamie-anthony@apmebf.com/ ]
        C:\USERS\JAMIE-ANTHONY\Cookies\XB86QCMI.txt [ Cookie:jamie-anthony@specificclick.net/ ]
        C:\USERS\JAMIE-ANTHONY\Cookies\jamie-anthony@microsoftwllivemkt.112.2o7[1].txt [ Cookie:jamie-anthony@microsoftwllivemkt.112.2o7.net/ ]
        C:\USERS\JAMIE-ANTHONY\Cookies\UROAGB29.txt [ Cookie:jamie-anthony@ad.dyntracker.de/ ]
        C:\USERS\JAMIE-ANTHONY\Cookies\8XEBM4QQ.txt [ Cookie:jamie-anthony@stats.paypal.com/ ]
        C:\USERS\JAMIE-ANTHONY\Cookies\HBX5EAQL.txt [ Cookie:jamie-anthony@media.gan-online.com/ ]
        C:\USERS\JAMIE-ANTHONY\Cookies\2B0FMZWC.txt [ Cookie:jamie-anthony@fastclick.net/ ]
        C:\USERS\JAMIE-ANTHONY\Cookies\O4PO2QZK.txt [ Cookie:jamie-anthony@adserver.plus.ag/ ]
        C:\USERS\JAMIE-ANTHONY\Cookies\RONZE5BO.txt [ Cookie:jamie-anthony@e-2dj6aelywpdjaao.stats.esomniture.com/ ]
        C:\USERS\JAMIE-ANTHONY\Cookies\XSSWGD2G.txt [ Cookie:jamie-anthony@ad.dyntracker.com/ ]
        C:\USERS\JAMIE-ANTHONY\Cookies\6QDQNT7M.txt [ Cookie:jamie-anthony@tracking.klicktel.de/dcsbusili10000cl8aqvw6567_6w4v ]
        C:\USERS\JAMIE-ANTHONY\Cookies\VR2JYUH6.txt [ Cookie:jamie-anthony@go.dynamic-tracking.de/ ]
        C:\USERS\JAMIE-ANTHONY\Cookies\XL594JXB.txt [ Cookie:jamie-anthony@count.asnetworks.de/ ]
        C:\USERS\JAMIE-ANTHONY\Cookies\XBV96F3N.txt [ Cookie:jamie-anthony@rw.motorpresse-statistik.de/track/ ]
        C:\USERS\JAMIE-ANTHONY\Cookies\K1M37VXP.txt [ Cookie:jamie-anthony@e-2dj6wjlikhdzocp.stats.esomniture.com/ ]
        C:\USERS\JAMIE-ANTHONY\Cookies\ATJU2JVC.txt [ Cookie:jamie-anthony@tracking.fastbooking.net/ ]
        C:\USERS\JAMIE-ANTHONY\Cookies\2AXXZFYP.txt [ Cookie:jamie-anthony@tracking.mindshare.de/ ]
        C:\USERS\JAMIE-ANTHONY\Cookies\JZ1L8FAW.txt [ Cookie:jamie-anthony@www.remedia.at/ ]
        C:\USERS\JAMIE-ANTHONY\Cookies\55QU6CGB.txt [ Cookie:jamie-anthony@aok.122.2o7.net/ ]
        C:\USERS\JAMIE-ANTHONY\Cookies\9W9FVMQC.txt [ Cookie:jamie-anthony@traffictrack.de/ ]
        C:\USERS\JAMIE-ANTHONY\Cookies\I81XJGG1.txt [ Cookie:jamie-anthony@dyntracker.com/ ]
        C:\USERS\JAMIE-ANTHONY\Cookies\G40NS7SL.txt [ Cookie:jamie-anthony@eas4.emediate.eu/ ]
        C:\USERS\JAMIE-ANTHONY\Cookies\G8O13PMH.txt [ Cookie:jamie-anthony@zanox.com/ ]
        C:\USERS\JAMIE-ANTHONY\Cookies\YFIM98XB.txt [ Cookie:jamie-anthony@libri.112.2o7.net/ ]
        C:\USERS\JAMIE-ANTHONY\Cookies\STRWBC7N.txt [ Cookie:jamie-anthony@www.ad-track.de/ ]
        C:\USERS\JAMIE-ANTHONY\Cookies\ULZ0DECA.txt [ Cookie:jamie-anthony@adserv.chirurgie-portal.de/ ]
        C:\USERS\JAMIE-ANTHONY\Cookies\2GW86AX9.txt [ Cookie:jamie-anthony@www.googleadservices.com/pagead/conversion/1030841495/ ]
        C:\USERS\JAMIE-ANTHONY\Cookies\CY1K3RES.txt [ Cookie:jamie-anthony@www.zanox-affiliate.de/ ]
        .mediaplex.com [ C:\USERS\JAMIE-ANTHONY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .apmebf.com [ C:\USERS\JAMIE-ANTHONY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .adfarm1.adition.com [ C:\USERS\JAMIE-ANTHONY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        adx.chip.de [ C:\USERS\JAMIE-ANTHONY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .doubleclick.net [ C:\USERS\JAMIE-ANTHONY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        ad.yieldmanager.com [ C:\USERS\JAMIE-ANTHONY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        ad.yieldmanager.com [ C:\USERS\JAMIE-ANTHONY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        ad.yieldmanager.com [ C:\USERS\JAMIE-ANTHONY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        ad.yieldmanager.com [ C:\USERS\JAMIE-ANTHONY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        ad.yieldmanager.com [ C:\USERS\JAMIE-ANTHONY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        ad.yieldmanager.com [ C:\USERS\JAMIE-ANTHONY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .serving-sys.com [ C:\USERS\JAMIE-ANTHONY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MDOH89Q4.DEFAULT\COOKIES.SQLITE ]
        .serving-sys.com [ C:\USERS\JAMIE-ANTHONY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MDOH89Q4.DEFAULT\COOKIES.SQLITE ]
        adx.entrex.de [ C:\USERS\JAMIE-ANTHONY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MDOH89Q4.DEFAULT\COOKIES.SQLITE ]
        adx.entrex.de [ C:\USERS\JAMIE-ANTHONY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MDOH89Q4.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\JAMIE-ANTHONY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MDOH89Q4.DEFAULT\COOKIES.SQLITE ]
        adfarm1.adition.com [ C:\USERS\JAMIE-ANTHONY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MDOH89Q4.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\JAMIE-ANTHONY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MDOH89Q4.DEFAULT\COOKIES.SQLITE ]
        .doubleclick.net [ C:\USERS\JAMIE-ANTHONY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MDOH89Q4.DEFAULT\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\JAMIE-ANTHONY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MDOH89Q4.DEFAULT\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\JAMIE-ANTHONY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MDOH89Q4.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\USERS\JAMIE-ANTHONY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MDOH89Q4.DEFAULT\COOKIES.SQLITE ]
        .bs.serving-sys.com [ C:\USERS\JAMIE-ANTHONY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MDOH89Q4.DEFAULT\COOKIES.SQLITE ]
        .tradedoubler.com [ C:\USERS\JAMIE-ANTHONY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MDOH89Q4.DEFAULT\COOKIES.SQLITE ]
        .tradedoubler.com [ C:\USERS\JAMIE-ANTHONY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MDOH89Q4.DEFAULT\COOKIES.SQLITE ]
        .tradedoubler.com [ C:\USERS\JAMIE-ANTHONY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MDOH89Q4.DEFAULT\COOKIES.SQLITE ]
        .serving-sys.com [ C:\USERS\JAMIE-ANTHONY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MDOH89Q4.DEFAULT\COOKIES.SQLITE ]

Oh, and by "was enough after all" I meant that the 2nd, complete version of the aswMBR log would probably have been enough for you - but I posted it again anyway...
So the emphasis was on "after all" ;-)

cosinus 16.05.2012 12:33

Quote:

Oh, and by "was enough after all" I meant that the 2nd, complete version of the aswMBR log would probably have been enough for you - but I posted it again anyway...
So the emphasis was on "after all" ;-)
OK, I misunderstood you a bit there.

Looks OK, only cookies were found. You can delete them with SASW.
Cookies are not malware as such, but there is a risk of misuse (unique recognition, e.g. for targeted advertising or similar => HTTP-Cookie)


About cookies and other things on the web: to block this plague from the outset (i.e. tracking cookies, ad banners etc.) you should take a look at something like the MVPS Hosts File => Blocking Unwanted Parasites with a Hosts File - it makes sense to check with MVPS every 4 weeks whether a new hosts file has been released.

Apart from that there are good cookie managers; one extension for Firefox, for example, would be CookieCuller http://filepony.de/download-cookie_culler/
But if you can live with logging in again everywhere in every browser session (e.g. Facebook, Ebay, GMX, or Trojaner-Board), then simply set the browser so that everything, including cookies, is deleted when the browser is closed.

The way I do it: for "wild surfing" I use the Opera browser or Chromium under my Linux. My main browser (Firefox) only stores the cookies from the sites I actually want, everything else I reject manually (FF always asks me) - the other browsers do accept all cookies, but by the next start of Opera or Chromium at the latest there are no cookies left.

Is your system back in order now, or are there any other findings or problems?
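
As an added illustration of the hosts-file approach recommended above (not part of the original post and not MVPS's own tooling): a hosts file matches exact hostnames only, so this Python example checks which cookie domains a given hosts file actually covers. The hosts entries and the domain list are a constructed sample, and the function names are hypothetical.

```python
# Addresses commonly used in blocking hosts files to send a name nowhere.
SINK_ADDRESSES = {"0.0.0.0", "127.0.0.1", "::", "::1"}

# Constructed sample in hosts-file syntax (not the real MVPS list).
SAMPLE_HOSTS = """\
# constructed sample
127.0.0.1  localhost
0.0.0.0    ad.yieldmanager.com
0.0.0.0    adfarm1.adition.com   # inline comment
0.0.0.0    ad.zanox.com www.etracker.de
192.0.2.10 intranet.example
0.0.0.0    *.doubleclick.net
"""

# Constructed sample of cookie domains as a scanner might report them.
SAMPLE_COOKIE_DOMAINS = [
    "ad.yieldmanager.com",
    ".adfarm1.adition.com",
    "ad2.adfarm1.adition.com/",
    "zanox.com/",
    ".doubleclick.net",
    "www.etracker.de/",
]


def parse_blocked_hosts(text):
    """Return the hostnames that a hosts file maps to a sink address."""
    blocked = set()
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments
        if not line:
            continue
        fields = line.split()
        if len(fields) < 2:
            continue                          # malformed line, ignore
        address, names = fields[0], fields[1:]
        if address not in SINK_ADDRESSES:
            continue                          # a real mapping, not a block
        for name in names:
            name = name.lower().rstrip(".")
            # Hosts files have no wildcard syntax: a "*." entry is a
            # literal name that no lookup will ever match.
            if name == "localhost" or "*" in name:
                continue
            blocked.add(name)
    return blocked


def normalise_cookie_domain(domain):
    """Strip the path and the leading dot a cookie domain may carry."""
    host = domain.strip().lower().split("/", 1)[0]
    return host.strip(".")


def coverage(cookie_domains, blocked):
    """Classify each cookie domain against the exact-match block list."""
    report = {}
    for domain in cookie_domains:
        host = normalise_cookie_domain(domain)
        if host in blocked:
            report[host] = "blocked"
        elif any(host.endswith("." + b) or b.endswith("." + host)
                 for b in blocked):
            # A parent or sibling name is listed, but this host still resolves.
            report[host] = "related entry only"
        else:
            report[host] = "not listed"
    return report


if __name__ == "__main__":
    blocked_names = parse_blocked_hosts(SAMPLE_HOSTS)
    for host, state in coverage(SAMPLE_COOKIE_DOMAINS, blocked_names).items():
        print(f"{host:28} {state}")
```

A hosts entry only stops new connections to that exact name; cookies already stored in the browser stay until they are deleted.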

Jami87 16.05.2012 13:00

Phew, yes - so my system does seem to be back in order so far.

Thank you very much for your effort - even though I don't understand at all how you did it ;-)

Only when I click on Start, the entries are still missing as before (under All Programs everything is back, though)... But that doesn't bother me either...

Apart from that: can I do something so that I don't get one of these things again right away?!? Or rather, how can that even happen?!? On the Internet I'm really almost only ever on the same (harmless) sites...

Could it really be related to Internet Explorer? Because on the day when nothing worked at all any more, I had opened it again for the first time in a long while..

And whether yes or no: can you tell me how I can delete it properly?!? I mean without just deleting the icon?

And thanks again :-) I already thought I'd have to buy a new PC...

cosinus 16.05.2012 13:51

Quote:

Only when I click on Start, the entries are still missing as before
Please describe it so that I don't have to guess what you mean.
"Entries" in the Start menu is a colloquial term; what is that exactly? What do you understand by it? What exactly is missing?

Quote:

Apart from that: can I do something so that I don't get one of these things again right away?!? Or rather, how can that even happen?!? On the Internet I'm really almost only ever on the same (harmless) sites...
Could it really be related to Internet Explorer? Because on the day when nothing worked at all any more, I had opened it again for the first time in a long while..
You can't simply delete IE! That doesn't work without making large parts of Windows unusable, because it is a core component of the operating system from Redmond!

It's best to roughly stick to these rules:
  1. Be suspicious on the Internet and above all with unknown e-mails, and be careful about handing out personal data!!
  2. Always keep Windows and all programs you use up to date - Secunia PSI can help you with that
  3. Make regular backups to external media
  4. Work with restricted rights
  5. Use safer programs such as Opera or Firefox for surfing instead of IE, and Thunderbird instead of Outlook Express for mail - have e-mails displayed as plain text only
  6. Completely disable AutoPlay for all drives, because it is an unnecessary security risk
  7. When installing software, make sure as far as possible that the setups come from official sources and, where possible, choose the custom installation method - then you have the option of deselecting any junk (such as toolbars or things like RegistryBooster) that would otherwise simply be installed along with it.
  8. Have malicious or unwanted sites blocked from the outset with the help of the MVPS Hosts File => Blocking Unwanted Parasites with a Hosts File
  9. Hands off: TuneUp, registry cleaners of any kind, Softonic, as well as illegal cracks/keygens or other "tools" for using a commercial program without a licence
  10. Likewise stay away from dubious sites and movie streaming portals: firstly you quickly pick up malware there or can fall into subscription traps, and secondly these sites operate in a legal grey area.


All of this is explained in more detail here => Kompromittierung unvermeidbar?



Quote:

And thanks again :-) I already thought I'd have to buy a new PC...
Because of a botched operating system installation? :confused:
Do you also buy a new car when the ashtray is full or the tank is empty? :lach: :uglyhammer:

Then we're done! :abklatsch:

The programs that were used here can all be removed again. CF can be removed via Start, Run with combofix /uninstall. Get in touch if there are any error messages. With the help of OTL you can also remove many of the tools:

Please start OTL and click on Bereinigung (clean-up).
This will remove most of the tools we needed for the clean-up. If anything is left over, please remove it with right-click --> Delete.


Keeping Malwarebytes is recommended. You can run a full scan with it once a month, but always remember to update it first.


Finally, please check the updates; my guide for that is below. To keep a better overview of how current your installed programs are in future, you can use e.g. Secunia PSI.
For even more security, you should also change all passwords if possible after the infection has been removed.


Microsoft Update

Windows XP: Visit the MS update site with IE and have all important updates installed.

Windows Vista/7: Guide to Windows Update


Updating the PDF reader
An outdated AdobeReader is a major security risk. You should therefore uninstall old versions of AdobeReader via Control Panel => Add or Remove Programs or Programs and Features, by clicking on "Adobe Reader x.0" there and removing the program. (if you have AdobeReader installed)

I recommend an alternative PDF reader such as PDF Xchange Viewer, SumatraPDF or Foxit PDF Reader; they are much leaner and faster than AdobeReader.

While you're at it, please also check that Flash Player is up to date:

Adobe - Install a different version of Adobe Flash Player

If need be you can also download it from Chip.de => http://filepony.de/?q=Flash+Player

Of course also make sure that other installed browsers such as Firefox, Opera or Chrome are up to date.


Java update
Outdated Java installations are a security risk, so you should delete the old versions (if present, preferably with JavaRa) and update to the latest one. To do so, close all programs (especially the browsers), then click on Start, Control Panel, Add or Remove Programs and uninstall all listed Java versions there. After that, download the current Java SE Runtime Environment (JRE) from here and install it.

Jami87 16.05.2012 14:34

Well, explaining the Start menu thing isn't so easy...
So when I go to "Start", "All Programs" appears at the bottom - everything is there as normal. And there used to be more above "All Programs". But I no longer know what that was, since I rarely or never used it - was that perhaps the most recently opened programs? I don't know...
But as I said: I don't need this function anyway... So if everything is OK again with the system so far, then it's all fine... ;-)

Oh yes - and at the bottom in the taskbar next to the Start icon the icons were gone too...

Well, I thought I'd have to buy a new PC because at times nothing worked any more... Or when umpteen error messages come up?!? So at most I then thought of "taking it in for repair", but there you don't know either whether you'd pay more than for a cheap laptop :-(

So thanks again...
I'll read through the tips again at my leisure this evening :-)

cosinus 16.05.2012 14:59

Quote:

everything is there as normal. And there used to be more above "All Programs". But I no longer know what that was, since I rarely or never used it -
I think you mean the list of recently used programs. Is that it? Could that be? :)



Jami87 16.05.2012 15:04

Yes, that's the list I mean ;-) and also the taskbar next to it on the right, where e.g. the "Desktop" icon was, to get back to the desktop without having to minimise all windows, etc...

cosinus 16.05.2012 15:12

Take a screenshot of it

Jami87 16.05.2012 16:58

Attached is the file with the screenshots...
At the top, the part with the missing icons in the Start bar... (Where the recently opened programs are missing)

Below that you can see that the taskbar is empty (the icons that are there now I only dragged in later...

And one more question about Word:

Suddenly the error messages appear as the screenshot in the attachment shows - apart from that everything works great. Do you know what I can do about that?

When Windows starts, by the way, there has also been an error message for a long time that I always click away - but right now I don't know exactly what it says... I'll mail that to you again...

Oh, the file with the screenshots doesn't fit in at all?!? How can I send it then?

I had another look because of the error message - it says: "VCM Intelligent Analyzing Manager funktioniert nicht mehr" and then "... wurde geschlossen...

Hi,

I've now googled again and found out that the "taskbar" is apparently properly called the "Quick Launch bar" - in the meantime I also have all the icons back in it (above all I've put the Desktop icon back) - so that's sorted for now ;-)

Unfortunately I already have another question: I have now installed SuperAntiSpyware... But I can't leave it on alongside Avira (Free Antivirus), can I? Is one of the two enough? Or is Avira alone not? (The free version?) Can you give me another tip on that?

Best regards...

cosinus 16.05.2012 20:56

Upload the screenshot here => Saved.im

And SASW has to come off again, it was ONLY there for checking purposes

Jami87 17.05.2012 08:03

Somehow I have no idea how to save the screenshot in an image format?!? But actually that's not so important any more now, since everything works anyway and I can also fill these bars up manually ;-)

