Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Bin ich den Ukash 100 EUR Trojaner los? Avira und Malwarebytes Malware sagen-ja, Scan Spyware-nein

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 17.05.2012, 22:36   #1
Seeigel
 
Bin ich den Ukash 100 EUR Trojaner los? Avira und Malwarebytes Malware sagen-ja, Scan Spyware-nein - Standard

Bin ich den Ukash 100 EUR Trojaner los? Avira und Malwarebytes Malware sagen-ja, Scan Spyware-nein



Hi! Ich hoffe, Ihr konnt mir weiterhelfen.

Gestern habe ich auf meinem Laptop ein Fenster entdeckt, welches mir freundlicherweise mitteilte, dass ich zu lange auf pornoseiten unterwegs war und jetzt würde mein Windows blockiert. blablabla - 100EUR per Ukash überweisen und dann sei alles im Lot. Selbstverständlich habe ich es nicht gemacht Mit viel Mühe haben wir es hingekriegt, das System zurückzusetzen und eigentlich funktioniert alles einwandfrei.

Das Problem ist, dass ich mir nicht sicher bin, ob der Virus doch nicht irgendwo sich versteckt hat.. Da ich meine RecoveryCD nicht mehr finden kann, würde ich mich freuen, wenn sich die Neuinstallierung vermeiden ließe..

Bis jetzt habe ich immer die kostenlose Version von Avira benutzt. Aber da ich war und öfters die Java-Updates vernachlässigt habe, kam es offenbar zum "Kontakt" mit dem Java Trojaner. Nachdem ich wieder Zugang zu meinem Profil hatte, ließ ich Avira laufen und da waren die kleinen "Freunde" - leider ließ sich der Bericht nicht als txt speichern, aber ich glaube, es waren 2 verschiedene Virennamen - einmal etwas mit Trojaner und ein mal EXP/CVE-2010-0840. Die habe ich gelöscht und die Welt schien in O. zu sein.

Dann habe ich Scan Spyware laufen lassen (s. Log unten) und der fand 8 high risk files. Darunter auch Trojan Spammer, AntiMalware reg.keys und values. Habe versucht, diese zu löschen. Bei den Reg.keys und values ging es gut (ATI habe ich nicht entfernt), aber bei Tr.Spammer sagte er, dass der PC neugestartet werden muss. Gesagt getan. Nach dem Neustart sah ich ein Fenster, dass die "Löscharbeiten" erfolgreich waren. Als ich jedoch nochmal Scan Spyware laufen ließ, waren ALL DIESE Fails wieder da!!!

Also habe ich noch Malwarebytes Anti-Malware Test laufen lassen. Der hat allerdings NIX gefunden (Log von dem vollständigen Suchlauf konnte ich nicht erstellen, aber das Ergebnis hieß: Der Suchlauf wurde erfolgreich abgeschlossen. Es wurden keine inf.Obj.gefunden). Flash scan ergab ebenfalls keine Treffer (s.Log)

Vor 10Min.habe ich meinen PC wieder mit Avira testen lassen (vorher alles angekreuzt, wie hier im Forum vorgegeben) und es kam raus, dass keine Viren gefunden wurden, dafür aber 189 Warnungen (s.Log).

Ich stehe wirklich auf dem Schlauch und verstehe nicht, ob mein PC nun "sauber" ist oder nein??? Konnt Ihr irgendetwas in den Logs das erkennen?

Danke im Voraus für Eure Antworten!!

Seeigel
Angehängte Dateien
Dateityp: txt AVSCAN-20120517-171004-1C796545.txt (97,5 KB, 173x aufgerufen)
Dateityp: txt mbam-log-2012-05-17 (22-42-13).txt (2,0 KB, 169x aufgerufen)

Geändert von Seeigel (17.05.2012 um 23:07 Uhr)

Alt 19.05.2012, 14:34   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Bin ich den Ukash 100 EUR Trojaner los? Avira und Malwarebytes Malware sagen-ja, Scan Spyware-nein - Standard

Bin ich den Ukash 100 EUR Trojaner los? Avira und Malwarebytes Malware sagen-ja, Scan Spyware-nein



Führ bitte auch ESET aus, danach sehen wir weiter:


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

__________________

__________________

Alt 20.05.2012, 00:44   #3
Seeigel
 
Bin ich den Ukash 100 EUR Trojaner los? Avira und Malwarebytes Malware sagen-ja, Scan Spyware-nein - Standard

Bin ich den Ukash 100 EUR Trojaner los? Avira und Malwarebytes Malware sagen-ja, Scan Spyware-nein



Hi.

Hab den ESET 2mal laufen lassen und beide male wurde nichts gefunden. Log sieht allerdings bei beiden malen äußerst komisch aus:

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
esets_scanner_update returned -1 esets_gle=12

Ist es das?? Mehr steht da wirklich nichts drin.

Außerdem habe ich heute erneut Malwarebytes laufen lassen. Hier der Log:
Malwarebytes Anti-Malware (Test) 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.05.19.02

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421


Schutz: Aktiviert

2012.05.19. 10:26:37
mbam-log-2012-05-19 (10-26-37).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 333219
Laufzeit: 1 Stunde(n), 15 Minute(n), 30 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Wie gesagt - PC läuft normal weiter, unter Start sind keine merkwürdigen leeren Folder zu sehen (bis auf Autostart, aber das scheint ja OK zu sein). In meinem privaten Ordner habe ich FOlder .jivex entdeckt. Der enthält 1 Datei. Weiß nicht, was das Ding soll.

und gute Nacht
__________________

Alt 20.05.2012, 21:27   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Bin ich den Ukash 100 EUR Trojaner los? Avira und Malwarebytes Malware sagen-ja, Scan Spyware-nein - Standard

Bin ich den Ukash 100 EUR Trojaner los? Avira und Malwarebytes Malware sagen-ja, Scan Spyware-nein



ESET hast du wahrscheinlich falsch gemacht, da gab es extra einen dicken Hinweis zu

Anmerkung für Vista und Win7 User: Bitte den Browser unbedingt so öffnen: per Rechtsklick => als Administrator ausführen
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 21.05.2012, 20:21   #5
Seeigel
 
Bin ich den Ukash 100 EUR Trojaner los? Avira und Malwarebytes Malware sagen-ja, Scan Spyware-nein - Standard

Bin ich den Ukash 100 EUR Trojaner los? Avira und Malwarebytes Malware sagen-ja, Scan Spyware-nein



ou yeah - habe total vergessen, dass ich doch Vista habe

wieder nix gefunden.Hier der Log.

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
esets_scanner_update returned -1 esets_gle=12
# version=7
# iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=6b85dd566161a346ac855cc0f10416de
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-05-21 04:19:33
# local_time=2012-05-21 06:19:33 (+0100, Mitteleuropäische Sommerzeit)
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1792 16777215 100 0 18556545 18556545 0 0
# compatibility_mode=5892 16776573 100 100 201862 175149707 0 0
# compatibility_mode=8192 67108863 100 0 253094 253094 0 0
# scanned=232
# found=0
# cleaned=0
# scan_time=198
esets_scanner_update returned -1 esets_gle=53251
# version=7
# iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=6b85dd566161a346ac855cc0f10416de
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-05-21 06:16:18
# local_time=2012-05-21 08:16:18 (+0100, Mitteleuropäische Sommerzeit)
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1792 16777215 100 0 18556978 18556978 0 0
# compatibility_mode=5892 16776573 100 100 202295 175150140 0 0
# compatibility_mode=8192 67108863 100 0 253527 253527 0 0
# scanned=143899
# found=0
# cleaned=0
# scan_time=6765


Alt 21.05.2012, 21:29   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Bin ich den Ukash 100 EUR Trojaner los? Avira und Malwarebytes Malware sagen-ja, Scan Spyware-nein - Standard

Bin ich den Ukash 100 EUR Trojaner los? Avira und Malwarebytes Malware sagen-ja, Scan Spyware-nein



Hätte da mal zwei Fragen bevor es weiter geht

1.) Geht der normale Modus uneingeschränkt?
2.) Vermisst du irgendwas im Startmenü? Sind da leere Ordner unter alle Programme oder ist alles vorhanden?
__________________
--> Bin ich den Ukash 100 EUR Trojaner los? Avira und Malwarebytes Malware sagen-ja, Scan Spyware-nein

Alt 21.05.2012, 21:56   #7
Seeigel
 
Bin ich den Ukash 100 EUR Trojaner los? Avira und Malwarebytes Malware sagen-ja, Scan Spyware-nein - Standard

Bin ich den Ukash 100 EUR Trojaner los? Avira und Malwarebytes Malware sagen-ja, Scan Spyware-nein



Hi!

Ja-PC läuft normal weiter, im Startmenü sind keine merkwürdigen leeren Folder zu sehen (bis auf Autostart, aber das scheint ja OK zu sein, oder?).
In meinem My Documents Ordner habe ich FOlder .jivex entdeckt. Der enthält 1 Datei. Weiß nicht, was das Ding soll.

Habe in der Zwischenzeit OTL durchgeführt

hier der Extras log

OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 2012.05.21. 21:36:45 - Run 1
OTL by OldTimer - Version 3.2.43.1     Folder = C:\Users\Seeigel\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000426 | Country: *** | Language: *** | Date Format: yyyy.MM.dd.
 
3,00 Gb Total Physical Memory | 1,45 Gb Available Physical Memory | 48,23% Memory free
6,20 Gb Paging File | 4,21 Gb Available in Paging File | 68,03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 224,77 Gb Total Space | 146,16 Gb Free Space | 65,02% Space Free | Partition Type: NTFS
Drive D: | 3,72 Gb Total Space | 2,34 Gb Free Space | 62,95% Space Free | Partition Type: FAT32
 
Computer Name: SEEIGEL-PC | User Name: Seeigel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = Max2.Association.HTML] -- C:\Users\Seeigel\AppData\Roaming\Maxthon2\Maxthon.exe (Maxthon International ltd.)
.url [@ = InternetShortcut] -- C:\Users\Seeigel\AppData\Roaming\Maxthon2\Maxthon.exe (Maxthon International ltd.)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0B5E5EEC-C35D-4271-B934-0B9C026C0250}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | 
"{1D64DADC-B309-4AD1-ADF8-D68094ED4FD1}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{2AF4896D-373D-475E-8C4D-76574B3DE161}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{2C311BD1-4FF0-48AE-B07E-9293D80B1F52}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{3D45C416-58DC-4552-AE1F-E231676E3088}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{651EDF3F-6DC8-48AC-B249-819CB9F0AE41}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{7F0DB9B4-A4C8-41BF-A920-FD93C34353FD}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{912717EC-6EDC-47FD-98EA-A4E2301DDA74}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{AC1C24CB-11D5-4E6A-8425-C0FE0778810C}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{C22306D8-E9D5-4610-8AB6-9A5A64400624}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{D9282514-A799-4E44-8C78-78A1E703B9EA}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{DCCE715C-4B87-4798-90A5-F2A140727726}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{F55079AC-7C50-41EF-A04B-2076E4437993}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{FBBE953D-E312-48D3-9E72-137053C50527}" = lport=2869 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1401E1B0-361C-4E6F-9E3E-03B82BE3AD01}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{1F094174-0E43-476C-9A8E-FD809C906F70}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{36E4ABBC-7A6E-4410-AC50-1B654BEB7ACF}" = protocol=6 | dir=out | app=system | 
"{40C7A457-3A82-422C-9303-D0DE7E1E55B7}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 
"{466EE777-350A-4D1B-AFDB-826AEDCB5176}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{48E7D24A-D004-4EF4-A77E-1B38B4443058}" = protocol=17 | dir=in | app=c:\program files\sony ericsson\update engine\sony ericsson update engine.exe | 
"{4D7CEE09-E507-42DD-8276-D92AA4A8064A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{58792994-ADB5-409F-B06E-13146EFB490D}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{6765CFF7-9075-4C96-A851-70EB52BB0BD8}" = protocol=6 | dir=in | app=c:\program files\sony ericsson\update engine\sony ericsson update engine.exe | 
"{6B706F92-CC56-4428-B3E0-C628599451B3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{6B9B92F5-ADBC-4B38-AFAF-73A3E6F0E612}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{7804FBCA-01E9-48EB-A1A4-36580C5B04D4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{78522EA0-A13F-45C2-BF4C-FBC5AF9A85EC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{8CDA1223-0531-4AD8-967A-10E9067E8596}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{950DE681-3A9E-446C-BB72-476E2C703D34}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{B0E62BAE-29AE-4227-BBB9-E69C1DDEADF5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{B5CDD185-D644-4BFE-B80A-456CCD265F16}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{D3977386-ACA8-4733-94EC-340ECD763C11}" = protocol=17 | dir=in | app=c:\program files\google\google talk\googletalk.exe | 
"{EC497A53-69AD-42BC-921E-0A176C1D9C29}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{F27EE3E3-F4E3-4FF1-BB9A-4B6234FE9629}" = protocol=6 | dir=in | app=c:\program files\google\google talk\googletalk.exe | 
"{FE104AD6-734D-4113-BB9F-C3A498228B9B}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 
"TCP Query User{7A2AD33B-C39D-4DA6-9E8A-4ADC05382020}C:\users\Seeigel\appdata\roaming\maxthon2\modules\mxdownloader\mxdownloadserver.exe" = protocol=6 | dir=in | app=c:\users\Seeigel\appdata\roaming\maxthon2\modules\mxdownloader\mxdownloadserver.exe | 
"TCP Query User{97182E46-58B7-480A-9E65-27A2550E7B46}C:\users\Seeigel\appdata\local\temp\jivexviewer\jre\bin\jivex[dv] light" = protocol=6 | dir=in | app=c:\users\Seeigel\appdata\local\temp\jivexviewer\jre\bin\jivex[dv] light | 
"TCP Query User{A858DECB-3DB1-4C98-9DD5-EF6658B8ECB3}C:\users\Seeigel\appdata\roaming\maxthon2\maxthon.exe" = protocol=6 | dir=in | app=c:\users\Seeigel\appdata\roaming\maxthon2\maxthon.exe | 
"TCP Query User{D54146F9-BC36-4103-856E-8C073EE18493}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe | 
"TCP Query User{EAD22691-4C18-430F-8222-866EBCB15682}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=6 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe | 
"TCP Query User{F96663CF-8126-4D8E-AD3B-17C5C376D171}C:\users\Seeigel\appdata\roaming\maxthon2\modules\mxdownloader\mxdownloadserver.exe" = protocol=6 | dir=in | app=c:\users\Seeigel\appdata\roaming\maxthon2\modules\mxdownloader\mxdownloadserver.exe | 
"UDP Query User{1DCEF61A-0024-4C23-83C3-149CB06AD99A}C:\users\Seeigel\appdata\roaming\maxthon2\modules\mxdownloader\mxdownloadserver.exe" = protocol=17 | dir=in | app=c:\users\Seeigel\appdata\roaming\maxthon2\modules\mxdownloader\mxdownloadserver.exe | 
"UDP Query User{2D6660FC-719B-4CA5-AB9E-5E31CBC7A4CF}C:\users\Seeigel\appdata\roaming\maxthon2\maxthon.exe" = protocol=17 | dir=in | app=c:\users\Seeigel\appdata\roaming\maxthon2\maxthon.exe | 
"UDP Query User{576C2DCB-059A-4392-8B5E-F11B210196EB}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe | 
"UDP Query User{5836B0F1-60C9-488A-923E-1400EDDDFAC3}C:\users\Seeigel\appdata\roaming\maxthon2\modules\mxdownloader\mxdownloadserver.exe" = protocol=17 | dir=in | app=c:\users\Seeigel\appdata\roaming\maxthon2\modules\mxdownloader\mxdownloadserver.exe | 
"UDP Query User{894BD733-DF17-4E2F-AB15-5D42A328903C}C:\users\Seeigel\appdata\local\temp\jivexviewer\jre\bin\jivex[dv] light" = protocol=17 | dir=in | app=c:\users\Seeigel\appdata\local\temp\jivexviewer\jre\bin\jivex[dv] light | 
"UDP Query User{D1A5A60D-D45C-447B-BB05-CADF0547F0DB}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=17 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony Video Shared Library
"{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{033D2EF8-EE01-4C78-BB87-9BE3BB745A0D}" = Latv4Germ
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{06F4E770-E63C-6619-A4BD-BA172E0AF143}" = CCC Help Korean
"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
"{09C468CA-2940-466A-AAE8-DCC0C6E9323C}" = Nokia Software Updater
"{0B3935EA-0186-5B0B-88CB-DDBA93A95376}" = CCC Help Spanish
"{0BE45907-E708-995C-F327-49A11924E2B8}" = Catalyst Control Center Localization Portuguese
"{0D6C3F46-15B5-706E-D162-579F89D7A818}" = Skins
"{0ED4E0C1-2EF1-EE6E-F578-5C1407A3D047}" = ATI Catalyst Install Manager
"{0EEF7052-BE05-E623-2299-9AFE0F2B0CAE}" = Catalyst Control Center Graphics Full Existing
"{0F6939E1-6994-FBA0-34D6-C4CCC2B2DBD3}" = Catalyst Control Center Localization Korean
"{1316AEF2-E086-46C7-B1FB-8C9A39A2ABF9}" = VAIO Media plus
"{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}" = Primo
"{15D5C238-4C2E-4AEA-A66D-D6989A4C586B}" = VAIO Launcher
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1E04F83B-2AB9-4301-9EF7-E86307F79C72}" = Google Earth
"{1EDF22AA-2762-92FF-9A97-91A8504A1EB8}" = Catalyst Control Center Localization Greek
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
"{2018C019-30D9-4240-8C01-0865C10DCF5A}" = Unterstützung für VAIO-Präsentation
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = VAIO Content Folder Setting
"{2630832F-5E46-9746-5FC8-295C9B1AADA3}" = Catalyst Control Center Localization Chinese Traditional
"{26921B2E-3E62-47F9-A514-1FC4A83BD738}" = Intel(R) PROSet/Wireless WiFi-Software
"{26A24AE4-039D-4CA4-87B4-2F83217003FF}" = Java(TM) 7 Update 3
"{29F563F4-8807-4496-8463-441EAA0E96AB}" = PC Connectivity Solution
"{2F0D8535-0F13-41FC-A227-101CD316CAB2}" = CCC Help Japanese
"{30D2B06E-12D1-70C3-4AE7-9942BD0736B0}" = Catalyst Control Center Core Implementation
"{314CE545-FF73-1AF2-AB7F-0B3C6F84C139}" = Catalyst Control Center Localization Danish
"{326DC400-1FC4-4D7D-946D-06D1EAB93200}" = VAIO Guide
"{35CCD624-A020-0EBE-3B04-1BE4D47A38E1}" = Catalyst Control Center Localization Czech
"{363611D9-1106-41F2-B74E-BD8481C41219}" = Click to Disc
"{36E408F0-DF8A-4F9B-BF26-AED92C789F5D}" = Tildes Birojs 2005
"{3B659FAD-E772-44A3-B7E7-560FF084669F}" = VAIO Smart Network
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Browser Address Error Redirector
"{409ECFF1-9CC7-43A8-B28A-B7F0B7CB04D1}_is1" = Classic Menu 3.x for Office 2007
"{425F56BE-2966-22A6-2123-FD4B5AC334D6}" = Catalyst Control Center Localization Thai
"{42AE4A8D-9941-5890-7D89-BA7563CD6C7B}" = CCC Help Finnish
"{49A75034-EE1D-9BD8-B33B-15E4DFA100C8}" = CCC Help Portuguese
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4BCC3567-1875-C15C-9C12-818E27B6698D}" = Catalyst Control Center Graphics Full New
"{4cb9f93c-9edc-4be9-ae61-af128ddbecfa}" = Business Contact Manager für Outlook 2007 SP2
"{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"{4EA55D20-27FB-45D7-8726-147E8A5F6C62}" = VAIO MusicBox
"{4F338231-AE58-7B54-963D-0C47A88ACC4D}" = ccc-core-static
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Easy Media Creator 10 LJ
"{53DBA3E6-8839-CEEE-C72A-91C8A19E3D92}" = CCC Help German
"{563CD8DC-4BE3-0DE2-18FC-3FA201BEE33D}" = Catalyst Control Center Localization Hungarian
"{57664BF2-4684-E828-4D29-66FC0343AD8A}" = Catalyst Control Center Localization Chinese Standard
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data Basic
"{59991D18-A988-45AB-B1BF-5ADE6E64CD3F}" = SnagIt 9
"{5C5EE8F2-0B38-4C13-AE4E-A87A237FE718}" = 
"{5E16077B-1373-5D40-2EC6-13A3885DE3D4}" = Catalyst Control Center Graphics Previews Common
"{5F5867F0-2D23-4338-A206-01A76C823924}" = VAIO Energie Verwaltung
"{5F5DD0C0-3F2A-8830-6FDB-105EDFD6B438}" = CCC Help Polish
"{62CA24D9-F575-352C-F21C-EE45B183B9F8}" = CCC Help Czech
"{64DF88D9-D30D-69F9-58EF-36ED63C7988D}" = Catalyst Control Center Localization Swedish
"{66E164AC-632D-D5A1-95D0-279191FDCDF5}" = Catalyst Control Center Localization Spanish
"{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}" = Click to Disc
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6C50525A-2D77-4C22-B058-9AA2F27ACFF2}" = VAIO Content Metadata Intelligent Analyzing Manager
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6EFAB4DC-730A-328F-15B3-16749C52507D}" = Catalyst Control Center Localization Finnish
"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"{706439E9-105B-B5FA-DF2C-A8E1CFE5CFD5}" = Catalyst Control Center Localization Japanese
"{70B31335-50EE-4834-8431-27412CDE62BD}" = Nokia_Multimedia_Common_Components_2_5
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
"{75853925-2522-46A0-A2CA-D0CC9F49864D}" = RuQWERTY
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7E823DA5-43A2-46E8-A75E-5A2A0FDE81A1}" = VAIO Content Metadata Manager Setting
"{83CDA18E-0BF3-4ACA-872C-B4CDABF2360E}" = VAIO Update 4
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{87EBA91F-4366-246A-5231-C3DBAEE6E857}" = CCC Help Norwegian
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A9ECC08-E50F-B36B-DECB-C2BC42CA8037}" = CCC Help Thai
"{8BD60AEF-3F9D-47AE-B80A-FB7FFCE335A0}" = VAIO Movie Story
"{8D0318A9-3C52-0EBC-C21C-349B16B25666}" = CCC Help Hungarian
"{8D574794-0933-ACFA-8F3E-E74741EA5D44}" = CCC Help English
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0419-0000-0000000FF1CE}" = Microsoft Office Proof (Russian) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90A40407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}" = Nokia PC Suite
"{92F8BB8E-4DDA-5603-81FC-690A4E029EB2}" = CCC Help Danish
"{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" = 
"{98FC7A64-774B-49B5-B046-4B4EBC053FA9}" = VAIO MusicBox Sample Music
"{9973498D-EA29-4A68-BE0B-C88D6E03E928}" = ArcSoft WebCam Companion 2
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A10E1547-A0DE-B7EE-712C-860E07F46AAC}" = Catalyst Control Center Localization Russian
"{A552C4EA-D41E-4C61-A0FB-C0E05440F7D7}" = VAIO Entertainment Platform
"{A63E7492-A0BC-4BB9-89A7-352965222380}" = VAIO Original Function Setting
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{AB138669-2648-F7E6-17DC-0056602F0C1C}" = Catalyst Control Center Graphics Light
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = VAIO Movie Story
"{B49D194C-4F11-C359-5CEB-BE235CDDD703}" = CCC Help Italian
"{B513C7B0-024A-498F-B0F5-00C67E2440A9}" = VAIO Content Metadata Intelligent Analyzing Manager
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
"{BACD22AE-5B6B-4F23-B506-3FCFF13AC137}" = VAIO Media plus
"{BF8307DC-DD68-B2EC-FA47-9416406A0A0A}" = Catalyst Control Center Localization German
"{C0BBC0C2-7DDE-7416-23F6-EB20335DBC4D}" = Catalyst Control Center Localization Norwegian
"{C1083DBC-C541-4E8C-91EA-D92397AB9A2C}" = OpenMG Secure Module 5.1.00
"{C15C4908-11B8-D34D-993F-0243F957A13C}" = CCC Help Turkish
"{C233101D-A379-FD7F-2754-5124CF1AA124}" = CCC Help Dutch
"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service
"{C83D0710-17F9-3D2B-E7A2-58311242A4D6}" = Catalyst Control Center Localization Dutch
"{C85897A9-D7C5-8A9F-299E-998D8B3139B3}" = CCC Help Greek
"{C93F4E7C-1B31-449B-A304-EF277CF55E39}" = Catalyst Control Center - Branding
"{CA967022-3B55-F884-C803-0743A9084DF0}" = CCC Help Chinese Standard
"{CB8A8696-93EC-414E-A752-850AB133F68A}" = VAIO Content Metadata XML Interface Library
"{CE2121C6-C94D-4A73-8EA4-6943F33EE335}" = Music Transfer
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility
"{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents
"{DA093954-87E4-CE1B-F278-C73607C23A75}" = Catalyst Control Center Localization Italian
"{DB9C9AF5-FA37-DDB7-6A82-D62504958DA0}" = CCC Help Russian
"{DDCDF8EC-8D5C-3390-3D89-27C9AB2CDCAE}" = CCC Help Chinese Traditional
"{E6059A2F-0DD4-53DB-007B-F5B910CB1AB8}" = CCC Help Swedish
"{E7182A1A-8E3D-FD52-7A8C-13DF92489494}" = Catalyst Control Center Localization Polish
"{EB233331-3AB8-8435-4924-B16C29AE0BFC}" = Catalyst Control Center Localization Turkish
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
"{EE59BBF9-415C-45DB-8C4B-EE43CF635FEA}" = VAIO Content Metadata XML Interface Library
"{EE6D5D1E-B638-BBDC-C6A3-2752F38EED42}" = CCC Help French
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.053
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F140EBF8-399F-78F1-73A7-542511649382}" = ccc-utility
"{F1FDAA01-988C-423F-AC12-0D8F333943FD}" = Nokia Connectivity Cable Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F46E21DF-5BE1-48E2-8390-5EEA8B25E36A}" = Microsoft SQL Server Native Client
"{F488BCB2-6D0A-E804-B272-1FF37C34392A}" = Catalyst Control Center Graphics Previews Vista
"{F570A6CC-53ED-4AA9-8B08-551CD3E38D8B}" = 
"{F68211B0-4E73-8D9D-B8ED-6B90762AB5D8}" = Catalyst Control Center Localization French
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FD72E69E-CF34-4071-BFD6-FD081A365E2C}" = VAIO Content Metadata Intelligent Analyzing Manager
"{FDE96E86-7780-431C-92F7-679C6A7CEC51}" = Microsoft SQL Server VSS Writer
"{FE51662F-D8F6-43B5-99D9-D4894AF00F83}" = Roxio Easy Media Creator Home
"{FE697886-F392-4E0D-A0C0-47587BF60992}" = VAIO Content Metadata Manager Setting
"05B59228C7E1C21DFBE89260F879BD95880548D8" = Windows-Treiberpaket - Nokia Modem  (10/05/2009 4.2)
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Windows-Treiberpaket - Nokia Modem  (06/01/2009 7.01.0.4)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Avira AntiVir Desktop" = Avira Free Antivirus
"BFG-Big Fish Games Spiel-Suite" = Big Fish Games Spiel-Suite
"Business Contact Manager" = Business Contact Manager für Outlook 2007 SP2
"CCleaner" = CCleaner
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"dt icon module" = 
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ESET Online Scanner" = ESET Online Scanner v3
"Google Desktop" = Google Desktop
"gtfirstboot Setting Request" = 
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO
"InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"InstallShield_{C1083DBC-C541-4E8C-91EA-D92397AB9A2C}" = OpenMG Secure Module 5.1.00
"IrfanView" = IrfanView (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"MarketingTools" = VAIO Marketing Tools
"Maxthon2" = Maxthon2
"MFU Module" = 
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Nokia PC Suite" = Nokia PC Suite
"NSS" = Norton Security Scan
"Picasa2" = Picasa 2
"PrimoPDF4.0.1" = PrimoPDF
"PrintServer Network driver" = PrintServer Network driver
"ProInst" = Intel PROSet Wireless
"Scan Spyware_is1" = ScanSpyware v3.8.0.1
"SereneScreen Marine Aquarium 3_is1" = SereneScreen Marine Aquarium 3
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Update Engine" = Sony Ericsson Update Engine
"VAIO Help and Support" = 
"VLC media player" = VLC media player 0.9.8a
"WinRAR archiver" = WinRAR archiver
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 2011.10.28. 15:12:00 | Computer Name = Seeigel-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung iexplore.exe, Version 9.0.8112.16421, Zeitstempel
 0x4d76255d, fehlerhaftes Modul AVIRAI~1.DLL, Version 1.0.3.1000, Zeitstempel 0x4ea88942,
 Ausnahmecode 0xc0000005, Fehleroffset 0x000180da,  Prozess-ID 0x1178, Anwendungsstartzeit
 01cc95a5503db94d.
 
Error - 2011.10.28. 15:21:35 | Computer Name = Seeigel-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung iexplore.exe, Version 9.0.8112.16421, Zeitstempel
 0x4d76255d, fehlerhaftes Modul gdiplus.dll_unloaded, Version 0.0.0.0, Zeitstempel
 0x4cd300b8, Ausnahmecode 0xc0000005, Fehleroffset 0x73f774b2,  Prozess-ID 0x1988,
 Anwendungsstartzeit 01cc95a579a05bdd.
 
Error - 2011.10.29. 13:56:00 | Computer Name = Seeigel-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung iexplore.exe, Version 9.0.8112.16421, Zeitstempel
 0x4d76255d, fehlerhaftes Modul gdiplus.dll_unloaded, Version 0.0.0.0, Zeitstempel
 0x4cd300b8, Ausnahmecode 0xc0000005, Fehleroffset 0x73f774b2,  Prozess-ID 0x870, 
Anwendungsstartzeit 01cc9663d41d9920.
 
Error - 2011.10.30. 2:42:41 | Computer Name = Seeigel-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung iexplore.exe, Version 9.0.8112.16421, Zeitstempel
 0x4d76255d, fehlerhaftes Modul gdiplus.dll_unloaded, Version 0.0.0.0, Zeitstempel
 0x4cd300b8, Ausnahmecode 0xc0000005, Fehleroffset 0x73f774b2,  Prozess-ID 0x628, 
Anwendungsstartzeit 01cc96ceeb801190.
 
Error - 2011.10.30. 2:52:58 | Computer Name = Seeigel-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung iexplore.exe, Version 9.0.8112.16421, Zeitstempel
 0x4d76255d, fehlerhaftes Modul gdiplus.dll_unloaded, Version 0.0.0.0, Zeitstempel
 0x4cd300b8, Ausnahmecode 0xc0000005, Fehleroffset 0x73f774b2,  Prozess-ID 0x1a88,
 Anwendungsstartzeit 01cc96d07de02fb0.
 
Error - 2011.10.30. 11:25:33 | Computer Name = Seeigel-PC | Source = EventSystem | ID = 4621
Description = 
 
Error - 2011.10.30. 11:27:18 | Computer Name = Seeigel-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 2011.10.30. 11:28:06 | Computer Name = Seeigel-PC | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})
 (Fehlercode = 0x80042019)
 
Error - 2011.10.30. 11:30:56 | Computer Name = Seeigel-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung iexplore.exe, Version 9.0.8112.16421, Zeitstempel
 0x4d76255d, fehlerhaftes Modul AVIRAI~1.DLL, Version 1.0.3.1000, Zeitstempel 0x4ea88942,
 Ausnahmecode 0xc0000005, Fehleroffset 0x000180da,  Prozess-ID 0x154c, Anwendungsstartzeit
 01cc9718d42947e8.
 
Error - 2011.10.30. 11:30:59 | Computer Name = Seeigel-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung iexplore.exe, Version 9.0.8112.16421, Zeitstempel
 0x4d76255d, fehlerhaftes Modul AVIRAI~1.DLL, Version 1.0.3.1000, Zeitstempel 0x4ea88942,
 Ausnahmecode 0xc0000005, Fehleroffset 0x000180da,  Prozess-ID 0x16f4, Anwendungsstartzeit
 01cc9718d408eea8.
 
[ OSession Events ]
Error - 2011.10.09. 18:58:18 | Computer Name = Seeigel-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 109
 seconds with 0 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 2012.05.15. 16:30:05 | Computer Name = Seeigel-PC | Source = Service Control Manager | ID = 7009
Description = 
 
Error - 2012.05.15. 16:30:05 | Computer Name = Seeigel-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 2012.05.15. 16:53:34 | Computer Name = Seeigel-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 2012.05.16. 1:27:56 | Computer Name = Seeigel-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 2012.05.16. 12:10:13 | Computer Name = Seeigel-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 2012.05.17. 0:56:32 | Computer Name = Seeigel-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 2012.05.18. 13:17:54 | Computer Name = Seeigel-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 2012.05.19. 4:07:08 | Computer Name = Seeigel-PC | Source = Service Control Manager | ID = 7011
Description = 
 
Error - 2012.05.20. 11:25:51 | Computer Name = Seeigel-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 2012.05.21. 12:12:41 | Computer Name = Seeigel-PC | Source = Service Control Manager | ID = 7011
Description = 
 
 
< End of report >
         
--- --- ---
[/code]

Hier der OTL log
OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 2012.05.21. 21:36:45 - Run 1
OTL by OldTimer - Version 3.2.43.1     Folder = C:\Users\Seeigel\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000426 | Country: *** | Language: *** | Date Format: yyyy.MM.dd.
 
3,00 Gb Total Physical Memory | 1,45 Gb Available Physical Memory | 48,23% Memory free
6,20 Gb Paging File | 4,21 Gb Available in Paging File | 68,03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 224,77 Gb Total Space | 146,16 Gb Free Space | 65,02% Space Free | Partition Type: NTFS
Drive D: | 3,72 Gb Total Space | 2,34 Gb Free Space | 62,95% Space Free | Partition Type: FAT32
 
Computer Name: SEEIGEL-PC | User Name: Seeigel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Seeigel\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Windows\System32\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.exe (Adobe Systems Incorporated)
PRC - C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Programme\Sony\Sony PC Companion\PCCompanion.exe (Sony)
PRC - C:\Programme\Sony\Sony PC Companion\PCCompanionInfo.exe ()
PRC - C:\Programme\Ask.com\Updater\Updater.exe ({StringFileInfo_CompanyName})
PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
PRC - C:\Programme\Sony\Marketing Tools\MarketingTools.exe (Sony Corporation)
PRC - C:\Programme\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
PRC - C:\Programme\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation)
PRC - C:\Windows\RTKAUDIOSERVICE.EXE (Realtek Semiconductor)
PRC - C:\Programme\Sony\Network Utility\NSUService.exe (Sony Corporation)
PRC - C:\Programme\Sony\Network Utility\LANUtil.exe (Sony Corporation)
PRC - C:\Programme\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
PRC - C:\Programme\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation)
PRC - C:\Programme\Sony\VAIO Power Management\SPMService.exe (Sony Corporation)
PRC - C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
PRC - C:\Programme\Sony\VAIO Update 4\VAIOUpdt.exe (Sony Corporation)
PRC - C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
PRC - C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
PRC - C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
PRC - C:\Programme\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
PRC - C:\Programme\Tildes Birojs 2005\MDICTION.EXE (Sabiedrîba Tilde)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\75df548d77c2833a48c5da51424c93f1\System.IdentityModel.Selectors.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\32983e3f4c5c20053e6673f37a58a874\System.IdentityModel.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\1619144e1a9eaca847e53b952b21820b\System.Runtime.Serialization.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\521fb04fdfbb0039a34cc91111d11804\SMDiagnostics.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\1dac5ff29f483e19c77b23b00ba533f9\System.ServiceModel.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\675632907c226b0c67a2407f2ddd4bf7\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\ef684a2ee2f7276eec3973a0654d2bd4\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\846b9cf2756fdd15f704c9bab9c70b6f\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bd76aaaa03ddc15d1840207b5a480644\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e4d54640bacd18e047a4573cb4611bd3\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5d8696f15e49aedf883dd945806a7049\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll ()
MOD - C:\Programme\Sony\Sony PC Companion\PCCompanionInfo.exe ()
MOD - C:\Programme\Sony\Sony PC Companion\MExplorer.dll ()
MOD - C:\Programme\Sony\Sony PC Companion\TMonitorAPI.dll ()
MOD - C:\Programme\Google\Google Desktop Search\gzlib.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_de_b77a5c561934e089\System.ServiceModel.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Programme\WinRAR\RarExt.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3020.36958__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3020.36966__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3020.36925__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3020.36980__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3020.37156__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3020.37121__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3020.37076__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3020.36945__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3020.37184__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3020.37129__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3020.37190__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3020.37135__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3020.36939__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3020.37128__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3020.37085__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3020.36992__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3020.36947__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3020.37148__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3020.36985__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3020.37100__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3020.37084__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3020.36997__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3020.37100__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3020.37078__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3020.37114__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3020.36998__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3020.37077__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3020.37084__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3020.37114__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2939.23687__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2939.23679__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2939.23767__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2939.23710__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2939.23768__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.2939.23662__90ba9c70f846762e\LOG.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2939.23667__90ba9c70f846762e\NEWAEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2939.23717__90ba9c70f846762e\DEM.OS.I0602.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.2939.23707__90ba9c70f846762e\MOM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.2939.23717__90ba9c70f846762e\DEM.OS.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2965.22300__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.2939.23668__90ba9c70f846762e\CLI.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2939.23689__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2939.23743__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.2939.23740__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2939.23764__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2939.23708__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2939.23802__90ba9c70f846762e\CLI.Foundation.XManifest.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.2939.23735__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.2939.23741__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2939.23693__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2939.23687__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2939.23679__90ba9c70f846762e\CLI.Component.Client.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2939.23719__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.2939.23718__90ba9c70f846762e\DEM.Graphics.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2939.23688__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2939.23734__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2939.23718__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2939.23739__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2939.23738__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2939.23742__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2939.23719__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2939.23711__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Foundation\2.0.2939.23665__90ba9c70f846762e\AEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.2939.23709__90ba9c70f846762e\APM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2939.23687__90ba9c70f846762e\AEM.Server.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray.resources\2.0.3020.37169_de_90ba9c70f846762e\CLI.Component.Systemtray.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3020.36952__90ba9c70f846762e\CLI.Component.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3020.37169__90ba9c70f846762e\CLI.Component.Systemtray.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3020.37176__90ba9c70f846762e\MOM.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3020.37175__90ba9c70f846762e\LOG.Foundation.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2939.23678__90ba9c70f846762e\CLI.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3020.37200__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2939.23679__90ba9c70f846762e\LOG.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2939.23694__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2939.23712__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.2939.23677__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Implementation\2.0.3020.37210__90ba9c70f846762e\LOCALIZATION.Foundation.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3020.36917__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3020.36918__90ba9c70f846762e\CLI.Component.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2939.23713__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2939.23711__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3020.36932__90ba9c70f846762e\CLI.Component.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2939.23689__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3020.37176__90ba9c70f846762e\CCC.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2939.23746__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.3020.36918__90ba9c70f846762e\ATIDEMOS.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3020.36916__90ba9c70f846762e\APM.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3020.36917__90ba9c70f846762e\AEM.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\SPMCommon\3.1.0.6020__e3c7096ba83f9295\SPMCommon.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\SPMDam\3.1.0.6020__1b3c579b6925895f\SPMDam.dll ()
MOD - C:\Windows\System32\atitmmxx.dll ()
MOD - C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll ()
MOD - C:\Programme\Tildes Birojs 2005\ld1062.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AntiVirWebService) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (MBAMService) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (Sony PC Companion) -- C:\Programme\Sony\Sony PC Companion\PCCService.exe (Avanquest Software)
SRV - (odserv) -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (SQLWriter) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
SRV - (MSSQL$MSSMLBIZ) SQL Server (MSSMLBIZ) -- C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (SQLBrowser) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation)
SRV - (MSSQLServerADHelper) -- C:\Programme\Microsoft SQL Server\90\Shared\sqladhlp90.exe (Microsoft Corporation)
SRV - (ServiceLayer) -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (Microsoft Office Groove Audit Service) -- C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation)
SRV - (VAIO Event Service) -- C:\Programme\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
SRV - (RtkAudioService) -- C:\Windows\RTKAUDIOSERVICE.EXE (Realtek Semiconductor)
SRV - (NSUService) -- C:\Programme\Sony\Network Utility\NSUService.exe (Sony Corporation)
SRV - (VCFw) -- C:\Programme\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
SRV - (VAIO Power Management) -- C:\Programme\Sony\VAIO Power Management\SPMService.exe (Sony Corporation)
SRV - (Vcsw) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
SRV - (VcmIAlzMgr) -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation)
SRV - (VcmXmlIfHelper) -- C:\Programme\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe (Sony Corporation)
SRV - (VzCdbSvc) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation)
SRV - (SOHDms) -- C:\Programme\Sony\VAIO Media plus\SOHDms.exe (Sony Corporation)
SRV - (SOHCImp) -- C:\Programme\Sony\VAIO Media plus\SOHCImp.exe (Sony Corporation)
SRV - (SOHDs) -- C:\Programme\Sony\VAIO Media plus\SOHDs.exe (Sony Corporation)
SRV - (SPTISRV) -- C:\Programme\Common Files\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation)
SRV - (MSCSPTISRV) -- C:\Programme\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation)
SRV - (PACSPTISVR) -- C:\Programme\Common Files\Sony Shared\AVLib\PACSPTISVR.exe (Sony Corporation)
SRV - (EvtEng) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV - (RegSrvc) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
SRV - (BcmSqlStartupSvc) -- C:\Programme\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation)
SRV - (IviRegMgr) -- C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (UIUSys) -- system32\DRIVERS\UIUSYS.SYS File not found
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (igfx) -- system32\DRIVERS\igdkmd32.sys File not found
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (ggsemc) -- C:\Windows\System32\drivers\ggsemc.sys (Sony Ericsson Mobile Communications)
DRV - (ggflt) -- C:\Windows\System32\drivers\ggflt.sys (Sony Ericsson Mobile Communications)
DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
DRV - (nmwcdnsu) -- C:\Windows\System32\drivers\nmwcdnsu.sys (Nokia)
DRV - (nmwcdnsuc) -- C:\Windows\System32\drivers\nmwcdnsuc.sys (Nokia)
DRV - (WsAudio_DeviceS(1)) WsAudio_DeviceS(1) -- C:\Windows\System32\drivers\WsAudio_DeviceS(1).sys (Wondershare)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (DMICall) -- C:\Windows\System32\drivers\DMICall.sys (Sony Corporation)
DRV - (risdptsk) -- C:\Windows\System32\drivers\risdptsk.sys (REDC)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (WimFltr) -- C:\Windows\System32\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (NETw5v32) Intel(R) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation)
DRV - (SFEP) -- C:\Windows\System32\drivers\SFEP.sys (Sony Corporation)
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
DRV - (regi) -- C:\Windows\System32\drivers\regi.sys (InterVideo)
DRV - (SE2Ebus) Sony Ericsson Device 046 Driver driver (WDM) -- C:\Windows\System32\drivers\SE2Ebus.sys (MCCI)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.club-vaio.com
IE - HKLM\..\SearchScopes,DefaultScope = {6C46687A-47DF-4C56-9E42-77258AB738EB}
IE - HKLM\..\SearchScopes\{6C46687A-47DF-4C56-9E42-77258AB738EB}: "URL" = hxxp://www.google.de/search?hl=de&q={searchTerms}&meta=
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.club-vaio.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {6C46687A-47DF-4C56-9E42-77258AB738EB}
IE - HKCU\..\SearchScopes\{6C46687A-47DF-4C56-9E42-77258AB738EB}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SNYK_de
IE - HKCU\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = hxxp://127.0.0.1:4664/search&s=OhbH8nbOWyo3efD8e39YurKqHS8?q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Seeigel\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Seeigel\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
 
 
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Seeigel\AppData\Local\Google\Chrome\Application\18.0.1025.168\gcswf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U24 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Web Player\npdivx32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Seeigel\AppData\Local\Google\Chrome\Application\18.0.1025.168\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Seeigel\AppData\Local\Google\Chrome\Application\18.0.1025.168\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Seeigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: YouTube = C:\Users\Seeigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: Google mekl\u0113\u0161ana = C:\Users\Seeigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: Google mekl\u0113\u0161ana = C:\Users\Seeigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Gmail = C:\Users\Seeigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\
CHR - Extension: Gmail = C:\Users\Seeigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Programme\TechSmith\SnagIt 9\SnagItBHO.dll (TechSmith Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Programme\Google BAE\BAE.dll (Your Company Name)
O2 - BHO: (Avira SearchFree Toolbar plus WebGuard) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (SnagIt) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Programme\TechSmith\SnagIt 9\SnagItIEAddin.dll (TechSmith Corporation)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus WebGuard) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus WebGuard) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe ({StringFileInfo_CompanyName})
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CheckCU] C:\Programme\Tildes Birojs 2005\CheckCU.exe ()
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MarketingTools] C:\Programme\Sony\Marketing Tools\MarketingTools.exe (Sony Corporation)
O4 - HKLM..\Run: [mdiction] C:\Programme\Tildes Birojs 2005\MDICTION.EXE (Sabiedrîba Tilde)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKCU..\Run: [NSUFloatingUI] C:\Program Files\Sony\Network Utility\LANUtil.exe (Sony Corporation)
O4 - HKCU..\Run: [ScanSpyware] C:\Program Files\ScanSpyware v3.8.0.1\Scanner.exe (PC Security Center)
O4 - HKCU..\Run: [Sony PC Companion] C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe (Sony)
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Translate with Tilde Computer Dictionary - C:\Program Files\Tildes Birojs 2005\TDVLauncher.DLL ()
O8 - Extra context menu item: &Tulkot ar Tildes Datorvārdnīcu - C:\Program Files\Tildes Birojs 2005\TDVLauncher.DLL ()
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000037 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: int.lan ([lv1msg02.am] https in Trusted sites)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Domains: mfa.gov.lv ([pasts] https in Trusted sites)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} hxxp://www.geni.com/ImageUploader5.cab (Image Uploader Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 10.3.0)
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} hxxp://ax.emsisoft.com/emsisoft_webscan.cab (Emsisoft Web Malware Scan)
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-29-0.cab (EPUImageControl Class)
O16 - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1FF9E66F-9D0A-408E-8B29-31348A9B2ED0}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\GOOGLE\GOOGLE~1\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) -  File not found
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\System32\VESWinlogon.dll (Sony Corporation)
O24 - Desktop WallPaper: C:\Users\Seeigel\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Seeigel\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\Autorun\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.05.18 19:58:05 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012.05.17 19:27:18 | 000,000,000 | ---D | C] -- C:\Users\Seeigel\AppData\Roaming\Malwarebytes
[2012.05.17 19:26:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.05.17 19:26:54 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.05.17 19:26:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.05.17 19:26:53 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.05.16 01:38:49 | 000,419,488 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.05.16 01:38:49 | 000,070,304 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.05.16 01:28:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012.05.16 01:27:25 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2012.05.15 22:30:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2012.05.15 22:26:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012.05.15 22:23:58 | 000,637,848 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\npdeployJava1.dll
[2012.05.15 22:23:58 | 000,224,136 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2012.05.15 22:23:58 | 000,173,960 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2012.05.15 22:23:58 | 000,173,960 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2012.05.15 22:23:40 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012.05.15 22:02:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012.05.15 18:39:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe(18)
[2012.05.10 07:26:43 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2012.05.10 07:26:43 | 001,069,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2012.05.10 07:26:43 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2012.05.10 07:26:43 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2012.05.10 07:26:43 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2012.05.10 07:26:37 | 003,602,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012.05.10 07:26:37 | 003,550,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012.05.10 07:26:36 | 002,044,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.05.01 08:05:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
[2012.05.01 08:05:00 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
 
========== Files - Modified Within 30 Days ==========
 
[2012.05.21 21:36:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.05.21 21:32:00 | 000,000,956 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-90521188-4158982503-1986053845-1003UA.job
[2012.05.21 21:23:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.05.21 21:16:10 | 000,000,474 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Seeigel.job
[2012.05.21 20:13:09 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.05.21 20:13:09 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.05.21 18:15:00 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.05.21 18:15:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-90521188-4158982503-1986053845-1003Core.job
[2012.05.21 18:12:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.05.18 19:19:59 | 000,000,198 | ---- | M] () -- C:\PSLOG
[2012.05.18 19:17:26 | 3218,116,608 | -HS- | M] () -- C:\hiberfil.sys
[2012.05.17 19:26:55 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.05.16 07:26:59 | 000,455,304 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.05.16 01:38:49 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.05.16 01:38:49 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.05.16 01:05:48 | 000,000,804 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.05.15 22:30:16 | 000,001,892 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012.05.15 22:23:44 | 000,637,848 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npdeployJava1.dll
[2012.05.15 22:23:44 | 000,567,696 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
[2012.05.15 22:23:44 | 000,224,136 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2012.05.15 22:23:44 | 000,173,960 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2012.05.15 22:23:44 | 000,173,960 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2012.05.15 22:12:31 | 000,684,246 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.05.15 22:12:31 | 000,651,938 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.05.15 22:12:31 | 000,153,848 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.05.15 22:12:31 | 000,125,892 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.05.15 22:02:13 | 000,001,847 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.05.15 08:38:50 | 000,001,356 | ---- | M] () -- C:\Users\Seeigel\AppData\Local\d3d9caps.dat
[2012.05.14 20:01:42 | 000,720,888 | ---- | M] () -- C:\Users\Seeigel\Desktop\22+6.JPG
[2012.05.08 19:53:50 | 000,137,928 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2012.05.08 19:53:50 | 000,083,392 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2012.05.08 07:38:16 | 000,713,851 | ---- | M] () -- C:\Users\Seeigel\Desktop\21+6b.JPG
[2012.05.08 07:38:05 | 000,675,804 | ---- | M] () -- C:\Users\Seeigel\Desktop\21+6a.JPG
 
========== Files Created - No Company Name ==========
 
[2012.05.17 19:26:55 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.05.16 07:26:37 | 000,455,304 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.05.16 01:38:50 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.05.15 22:30:16 | 000,001,892 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012.05.15 22:30:16 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012.05.15 19:09:18 | 3218,116,608 | -HS- | C] () -- C:\hiberfil.sys
[2012.05.14 20:01:42 | 000,720,888 | ---- | C] () -- C:\Users\Seeigel\Desktop\22+6.JPG
[2012.05.08 07:38:16 | 000,713,851 | ---- | C] () -- C:\Users\Seeigel\Desktop\21+6b.JPG
[2012.05.08 07:38:04 | 000,675,804 | ---- | C] () -- C:\Users\Seeigel\Desktop\21+6a.JPG
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 211 bytes -> C:\ProgramData\TEMP:D282699C

< End of report >
         
--- --- ---

[/code]

Alt 22.05.2012, 11:36   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Bin ich den Ukash 100 EUR Trojaner los? Avira und Malwarebytes Malware sagen-ja, Scan Spyware-nein - Standard

Bin ich den Ukash 100 EUR Trojaner los? Avira und Malwarebytes Malware sagen-ja, Scan Spyware-nein



Zitat:
Habe in der Zwischenzeit OTL durchgeführt
Leider etwas falsch

Mach bitte ein neues OTL-Log. Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:
ATTFilter
 hier steht das Log
         
CustomScan mit OTL

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Starte bitte die OTL.exe.
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Setze oben mittig den Haken bei Scanne alle Benutzer
  • Kopiere nun den kompletten Inhalt aus der untenstehenden Codebox in die Textbox von OTL - wenn OTL auf deutsch ist wird sie mit beschriftet
Code:
ATTFilter
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
         
  • Schliesse bitte nun alle Programme. (Wichtig)
  • Klicke nun bitte auf den Quick Scan Button.
  • Klick auf .
  • Kopiere nun den Inhalt aus OTL.txt hier in Deinen Thread
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 22.05.2012, 19:17   #9
Seeigel
 
Bin ich den Ukash 100 EUR Trojaner los? Avira und Malwarebytes Malware sagen-ja, Scan Spyware-nein - Standard

Bin ich den Ukash 100 EUR Trojaner los? Avira und Malwarebytes Malware sagen-ja, Scan Spyware-nein



Danke für den Hinweis.

Hoffentlich habe ich diesmal alles richtig gemacht. Hier der OTL Log

OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 2012.05.22. 18:41:12 - Run 2
OTL by OldTimer - Version 3.2.43.1     Folder = c:\Users\Seeigel\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000426 | Country: *** | Language: *** | Date Format: yyyy.MM.dd.
 
3,00 Gb Total Physical Memory | 1,11 Gb Available Physical Memory | 36,95% Memory free
6,20 Gb Paging File | 3,85 Gb Available in Paging File | 62,08% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 224,77 Gb Total Space | 147,39 Gb Free Space | 65,57% Space Free | Partition Type: NTFS
Drive D: | 3,72 Gb Total Space | 2,34 Gb Free Space | 62,95% Space Free | Partition Type: FAT32
 
Computer Name: SEEIGEL-PC | User Name: Seeigel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - c:\Users\Seeigel\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Windows\System32\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.exe (Adobe Systems Incorporated)
PRC - C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Programme\Ask.com\Updater\Updater.exe ({StringFileInfo_CompanyName})
PRC - C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation)
PRC - C:\Programme\PC Connectivity Solution\Transports\NclUSBSrv.exe (Nokia)
PRC - C:\Programme\PC Connectivity Solution\ServiceLayer.exe (Nokia)
PRC - C:\Programme\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
PRC - C:\Programme\PC Connectivity Solution\Transports\NclRSSrv.exe (Nokia)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
PRC - C:\Programme\Sony\Marketing Tools\MarketingTools.exe (Sony Corporation)
PRC - C:\Programme\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
PRC - C:\Programme\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation)
PRC - C:\Windows\RTKAUDIOSERVICE.EXE (Realtek Semiconductor)
PRC - C:\Programme\Sony\Network Utility\NSUService.exe (Sony Corporation)
PRC - C:\Programme\Sony\Network Utility\LANUtil.exe (Sony Corporation)
PRC - C:\Programme\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
PRC - C:\Programme\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation)
PRC - C:\Programme\Sony\VAIO Power Management\SPMService.exe (Sony Corporation)
PRC - C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
PRC - C:\Programme\Sony\VAIO Update 4\VAIOUpdt.exe (Sony Corporation)
PRC - C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
PRC - C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
PRC - C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
PRC - C:\Programme\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
PRC - C:\Programme\Tildes Birojs 2005\MDICTION.EXE (Sabiedrîba Tilde)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\75df548d77c2833a48c5da51424c93f1\System.IdentityModel.Selectors.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\32983e3f4c5c20053e6673f37a58a874\System.IdentityModel.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\1619144e1a9eaca847e53b952b21820b\System.Runtime.Serialization.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\521fb04fdfbb0039a34cc91111d11804\SMDiagnostics.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\1dac5ff29f483e19c77b23b00ba533f9\System.ServiceModel.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\675632907c226b0c67a2407f2ddd4bf7\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\ef684a2ee2f7276eec3973a0654d2bd4\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\846b9cf2756fdd15f704c9bab9c70b6f\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bd76aaaa03ddc15d1840207b5a480644\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e4d54640bacd18e047a4573cb4611bd3\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5d8696f15e49aedf883dd945806a7049\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll ()
MOD - C:\Programme\Google\Google Desktop Search\gzlib.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_de_b77a5c561934e089\System.ServiceModel.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Programme\WinRAR\RarExt.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3020.36958__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3020.36966__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3020.36925__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3020.36980__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3020.37156__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3020.37121__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3020.37076__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3020.36945__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3020.37184__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3020.37129__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3020.37190__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3020.37135__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3020.36939__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3020.37128__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3020.37085__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3020.36992__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3020.36947__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3020.37148__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3020.36985__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3020.37100__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3020.37084__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3020.36997__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3020.37100__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3020.37078__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3020.37114__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3020.36998__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3020.37077__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3020.37084__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3020.37114__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2939.23687__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2939.23679__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2939.23767__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2939.23710__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2939.23768__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.2939.23662__90ba9c70f846762e\LOG.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2939.23667__90ba9c70f846762e\NEWAEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2939.23717__90ba9c70f846762e\DEM.OS.I0602.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.2939.23707__90ba9c70f846762e\MOM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.2939.23717__90ba9c70f846762e\DEM.OS.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2965.22300__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.2939.23668__90ba9c70f846762e\CLI.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2939.23689__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2939.23743__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.2939.23740__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2939.23764__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2939.23708__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2939.23802__90ba9c70f846762e\CLI.Foundation.XManifest.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.2939.23735__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.2939.23741__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2939.23693__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2939.23687__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2939.23679__90ba9c70f846762e\CLI.Component.Client.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2939.23719__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.2939.23718__90ba9c70f846762e\DEM.Graphics.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2939.23688__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2939.23734__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2939.23718__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2939.23739__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2939.23738__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2939.23742__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2939.23719__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2939.23711__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Foundation\2.0.2939.23665__90ba9c70f846762e\AEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.2939.23709__90ba9c70f846762e\APM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2939.23687__90ba9c70f846762e\AEM.Server.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray.resources\2.0.3020.37169_de_90ba9c70f846762e\CLI.Component.Systemtray.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3020.36952__90ba9c70f846762e\CLI.Component.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3020.37169__90ba9c70f846762e\CLI.Component.Systemtray.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3020.37176__90ba9c70f846762e\MOM.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3020.37175__90ba9c70f846762e\LOG.Foundation.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2939.23678__90ba9c70f846762e\CLI.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3020.37200__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2939.23679__90ba9c70f846762e\LOG.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2939.23694__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2939.23712__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.2939.23677__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Implementation\2.0.3020.37210__90ba9c70f846762e\LOCALIZATION.Foundation.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3020.36917__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3020.36918__90ba9c70f846762e\CLI.Component.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2939.23713__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2939.23711__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3020.36932__90ba9c70f846762e\CLI.Component.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2939.23689__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3020.37176__90ba9c70f846762e\CCC.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2939.23746__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.3020.36918__90ba9c70f846762e\ATIDEMOS.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3020.36916__90ba9c70f846762e\APM.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3020.36917__90ba9c70f846762e\AEM.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\SPMCommon\3.1.0.6020__e3c7096ba83f9295\SPMCommon.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\SPMDam\3.1.0.6020__1b3c579b6925895f\SPMDam.dll ()
MOD - C:\Windows\System32\atitmmxx.dll ()
MOD - C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll ()
MOD - C:\Programme\Tildes Birojs 2005\ld1062.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AntiVirWebService) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (MBAMService) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (Sony PC Companion) -- C:\Programme\Sony\Sony PC Companion\PCCService.exe (Avanquest Software)
SRV - (WinHttpAutoProxySvc) -- winhttp.dll (Microsoft Corporation)
SRV - (odserv) -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (SQLWriter) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
SRV - (MSSQL$MSSMLBIZ) SQL Server (MSSMLBIZ) -- C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (SQLBrowser) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation)
SRV - (MSSQLServerADHelper) -- C:\Programme\Microsoft SQL Server\90\Shared\sqladhlp90.exe (Microsoft Corporation)
SRV - (ServiceLayer) -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (Microsoft Office Groove Audit Service) -- C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation)
SRV - (VAIO Event Service) -- C:\Programme\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
SRV - (RtkAudioService) -- C:\Windows\RTKAUDIOSERVICE.EXE (Realtek Semiconductor)
SRV - (NSUService) -- C:\Programme\Sony\Network Utility\NSUService.exe (Sony Corporation)
SRV - (VCFw) -- C:\Programme\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
SRV - (VAIO Power Management) -- C:\Programme\Sony\VAIO Power Management\SPMService.exe (Sony Corporation)
SRV - (Vcsw) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
SRV - (VcmIAlzMgr) -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation)
SRV - (VcmXmlIfHelper) -- C:\Programme\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe (Sony Corporation)
SRV - (VzCdbSvc) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation)
SRV - (SOHDms) -- C:\Programme\Sony\VAIO Media plus\SOHDms.exe (Sony Corporation)
SRV - (SOHCImp) -- C:\Programme\Sony\VAIO Media plus\SOHCImp.exe (Sony Corporation)
SRV - (SOHDs) -- C:\Programme\Sony\VAIO Media plus\SOHDs.exe (Sony Corporation)
SRV - (SPTISRV) -- C:\Programme\Common Files\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation)
SRV - (MSCSPTISRV) -- C:\Programme\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation)
SRV - (PACSPTISVR) -- C:\Programme\Common Files\Sony Shared\AVLib\PACSPTISVR.exe (Sony Corporation)
SRV - (EvtEng) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV - (RegSrvc) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
SRV - (BcmSqlStartupSvc) -- C:\Programme\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation)
SRV - (IviRegMgr) -- C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (UIUSys) -- system32\DRIVERS\UIUSYS.SYS File not found
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (igfx) -- system32\DRIVERS\igdkmd32.sys File not found
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (ggsemc) -- C:\Windows\System32\drivers\ggsemc.sys (Sony Ericsson Mobile Communications)
DRV - (ggflt) -- C:\Windows\System32\drivers\ggflt.sys (Sony Ericsson Mobile Communications)
DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
DRV - (nmwcdnsu) -- C:\Windows\System32\drivers\nmwcdnsu.sys (Nokia)
DRV - (nmwcdnsuc) -- C:\Windows\System32\drivers\nmwcdnsuc.sys (Nokia)
DRV - (WsAudio_DeviceS(1)) WsAudio_DeviceS(1) -- C:\Windows\System32\drivers\WsAudio_DeviceS(1).sys (Wondershare)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (DMICall) -- C:\Windows\System32\drivers\DMICall.sys (Sony Corporation)
DRV - (risdptsk) -- C:\Windows\System32\drivers\risdptsk.sys (REDC)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (WimFltr) -- C:\Windows\System32\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (NETw5v32) Intel(R) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation)
DRV - (SFEP) -- C:\Windows\System32\drivers\SFEP.sys (Sony Corporation)
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
DRV - (regi) -- C:\Windows\System32\drivers\regi.sys (InterVideo)
DRV - (SE2Ebus) Sony Ericsson Device 046 Driver driver (WDM) -- C:\Windows\System32\drivers\SE2Ebus.sys (MCCI)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.club-vaio.com
IE - HKLM\..\SearchScopes,DefaultScope = {6C46687A-47DF-4C56-9E42-77258AB738EB}
IE - HKLM\..\SearchScopes\{6C46687A-47DF-4C56-9E42-77258AB738EB}: "URL" = hxxp://www.google.de/search?hl=de&q={searchTerms}&meta=
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-90521188-4158982503-1986053845-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.club-vaio.com
IE - HKU\S-1-5-21-90521188-4158982503-1986053845-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
IE - HKU\S-1-5-21-90521188-4158982503-1986053845-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-90521188-4158982503-1986053845-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\S-1-5-21-90521188-4158982503-1986053845-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\S-1-5-21-90521188-4158982503-1986053845-1003\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-90521188-4158982503-1986053845-1003\..\SearchScopes,DefaultScope = {6C46687A-47DF-4C56-9E42-77258AB738EB}
IE - HKU\S-1-5-21-90521188-4158982503-1986053845-1003\..\SearchScopes\{6C46687A-47DF-4C56-9E42-77258AB738EB}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SNYK_de
IE - HKU\S-1-5-21-90521188-4158982503-1986053845-1003\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = hxxp://127.0.0.1:4664/search&s=OhbH8nbOWyo3efD8e39YurKqHS8?q={searchTerms}
IE - HKU\S-1-5-21-90521188-4158982503-1986053845-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Seeigel\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Seeigel\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
 
 
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Seeigel\AppData\Local\Google\Chrome\Application\18.0.1025.168\gcswf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U24 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Web Player\npdivx32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Seeigel\AppData\Local\Google\Chrome\Application\18.0.1025.168\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Seeigel\AppData\Local\Google\Chrome\Application\18.0.1025.168\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Seeigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: YouTube = C:\Users\Seeigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: Google mekl\u0113\u0161ana = C:\Users\Seeigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: Google mekl\u0113\u0161ana = C:\Users\Seeigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Gmail = C:\Users\Seeigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\
CHR - Extension: Gmail = C:\Users\Seeigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Programme\TechSmith\SnagIt 9\SnagItBHO.dll (TechSmith Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Programme\Google BAE\BAE.dll (Your Company Name)
O2 - BHO: (Avira SearchFree Toolbar plus WebGuard) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (SnagIt) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Programme\TechSmith\SnagIt 9\SnagItIEAddin.dll (TechSmith Corporation)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus WebGuard) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-90521188-4158982503-1986053845-1003\..\Toolbar\WebBrowser: (no name) - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No CLSID value found.
O3 - HKU\S-1-5-21-90521188-4158982503-1986053845-1003\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus WebGuard) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe ({StringFileInfo_CompanyName})
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CheckCU] C:\Programme\Tildes Birojs 2005\CheckCU.exe ()
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MarketingTools] C:\Programme\Sony\Marketing Tools\MarketingTools.exe (Sony Corporation)
O4 - HKLM..\Run: [mdiction] C:\Programme\Tildes Birojs 2005\MDICTION.EXE (Sabiedrîba Tilde)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-90521188-4158982503-1986053845-1003..\Run: [NSUFloatingUI] C:\Program Files\Sony\Network Utility\LANUtil.exe (Sony Corporation)
O4 - HKU\S-1-5-21-90521188-4158982503-1986053845-1003..\Run: [ScanSpyware] C:\Program Files\ScanSpyware v3.8.0.1\Scanner.exe (PC Security Center)
O4 - HKU\S-1-5-21-90521188-4158982503-1986053845-1003..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O7 - HKU\S-1-5-21-90521188-4158982503-1986053845-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Translate with Tilde Computer Dictionary - C:\Program Files\Tildes Birojs 2005\TDVLauncher.DLL ()
O8 - Extra context menu item: &Tulkot ar Tildes Datorvārdnīcu - C:\Program Files\Tildes Birojs 2005\TDVLauncher.DLL ()
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000037 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-90521188-4158982503-1986053845-1003\..Trusted Domains: int.lan ([lv1msg02.am] https in Trusted sites)
O15 - HKU\S-1-5-21-90521188-4158982503-1986053845-1003\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-21-90521188-4158982503-1986053845-1003\..Trusted Domains: mfa.gov.lv ([pasts] https in Trusted sites)
O15 - HKU\S-1-5-21-90521188-4158982503-1986053845-1003\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} hxxp://www.geni.com/ImageUploader5.cab (Image Uploader Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 10.3.0)
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} hxxp://ax.emsisoft.com/emsisoft_webscan.cab (Emsisoft Web Malware Scan)
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-29-0.cab (EPUImageControl Class)
O16 - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1FF9E66F-9D0A-408E-8B29-31348A9B2ED0}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\GOOGLE\GOOGLE~1\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) -  File not found
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - VESWinlogon.dll (Sony Corporation)
O24 - Desktop WallPaper: C:\Users\Seeigel\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Seeigel\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\Autorun\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
 
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - 
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\System32\Microsoft
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - 
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - C:\Windows\System32\Microsoft
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - C:\Windows\System32\Adobe
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32: aux - wdmaud.drv (Microsoft Corporation)
Drivers32: midi - wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - midimap.dll (Microsoft Corporation)
Drivers32: mixer - wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.imaadpcm - imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.msadpcm - msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - msg711.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - msgsm32.acm (Microsoft Corporation)
Drivers32: MSVideo8 - VfWWDM32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - iccvid.dll (Radius Inc.)
Drivers32: VIDC.dvsd - C:\Programme\Common Files\Sony Shared\VideoLib\sonydv.dll (Sony Corporation)
Drivers32: vidc.i420 - iyuv_32.dll (Microsoft Corporation)
Drivers32: VIDC.IYUV - iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.mrle - msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - msvidc32.dll (Microsoft Corporation)
Drivers32: VIDC.UYVY - msyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YUY2 - msyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YVU9 - tsbyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YVYU - msyuv.dll (Microsoft Corporation)
Drivers32: wave - wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - msacm32.drv (Microsoft Corporation)
 
CREATERESTOREPOINT
System Restore Service not available.
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.05.18 19:58:05 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012.05.17 19:27:18 | 000,000,000 | ---D | C] -- C:\Users\Seeigel\AppData\Roaming\Malwarebytes
[2012.05.17 19:26:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.05.17 19:26:54 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.05.17 19:26:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.05.17 19:26:53 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.05.16 01:28:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012.05.16 01:27:25 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2012.05.15 22:30:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2012.05.15 22:26:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012.05.15 22:23:40 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012.05.15 22:02:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012.05.15 18:39:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe(18)
[2012.05.01 08:05:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
[2012.05.01 08:05:00 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
 
========== Files - Modified Within 30 Days ==========
 
[2012.05.22 18:36:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.05.22 18:32:04 | 000,000,956 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-90521188-4158982503-1986053845-1003UA.job
[2012.05.22 18:28:35 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.05.22 18:27:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.05.22 07:36:00 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.05.22 07:32:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-90521188-4158982503-1986053845-1003Core.job
[2012.05.22 07:21:33 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.05.22 07:21:29 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.05.21 21:16:10 | 000,000,474 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Seeigel.job
[2012.05.18 19:19:59 | 000,000,198 | ---- | M] () -- C:\PSLOG
[2012.05.18 19:17:26 | 3218,116,608 | -HS- | M] () -- C:\hiberfil.sys
[2012.05.17 19:26:55 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.05.16 07:26:59 | 000,455,304 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.05.16 01:05:48 | 000,000,804 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.05.15 22:30:16 | 000,001,892 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012.05.15 22:12:31 | 000,684,246 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.05.15 22:12:31 | 000,651,938 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.05.15 22:12:31 | 000,153,848 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.05.15 22:12:31 | 000,125,892 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.05.15 22:02:13 | 000,001,847 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.05.15 08:38:50 | 000,001,356 | ---- | M] () -- C:\Users\Seeigel\AppData\Local\d3d9caps.dat
[2012.05.14 20:01:42 | 000,720,888 | ---- | M] () -- C:\Users\Seeigel\Desktop\22+6.JPG
[2012.05.08 19:53:50 | 000,137,928 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2012.05.08 19:53:50 | 000,083,392 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2012.05.08 07:38:16 | 000,713,851 | ---- | M] () -- C:\Users\Seeigel\Desktop\21+6b.JPG
[2012.05.08 07:38:05 | 000,675,804 | ---- | M] () -- C:\Users\Seeigel\Desktop\21+6a.JPG
 
========== Files Created - No Company Name ==========
 
[2012.05.17 19:26:55 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.05.16 07:26:37 | 000,455,304 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.05.16 01:38:50 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.05.15 22:30:16 | 000,001,892 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012.05.15 22:30:16 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012.05.15 19:09:18 | 3218,116,608 | -HS- | C] () -- C:\hiberfil.sys
[2012.05.14 20:01:42 | 000,720,888 | ---- | C] () -- C:\Users\Seeigel\Desktop\22+6.JPG
[2012.05.08 07:38:16 | 000,713,851 | ---- | C] () -- C:\Users\Seeigel\Desktop\21+6b.JPG
[2012.05.08 07:38:04 | 000,675,804 | ---- | C] () -- C:\Users\Seeigel\Desktop\21+6a.JPG
 
========== LOP Check ==========
 
[2009.01.17 15:19:06 | 000,000,000 | ---D | M] -- C:\Users\Seeigel\AppData\Roaming\InterVideo
[2012.03.11 16:20:57 | 000,000,000 | ---D | M] -- C:\Users\Seeigel\AppData\Roaming\Marine Aquarium 3
[2010.04.13 22:00:23 | 000,000,000 | ---D | M] -- C:\Users\Seeigel\AppData\Roaming\Maxthon2
[2012.05.18 21:21:55 | 000,000,000 | ---D | M] -- C:\Users\Seeigel\AppData\Roaming\MxBoost
[2010.07.09 19:39:18 | 000,000,000 | ---D | M] -- C:\Users\Seeigel\AppData\Roaming\Nokia
[2009.09.24 17:56:50 | 000,000,000 | ---D | M] -- C:\Users\Seeigel\AppData\Roaming\PC Suite
[2012.05.18 07:46:56 | 000,032,514 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2012.05.15 22:32:07 | 000,000,000 | ---D | M] -- C:\Users\Seeigel\AppData\Roaming\Adobe
[2008.12.24 19:12:08 | 000,000,000 | ---D | M] -- C:\Users\Seeigel\AppData\Roaming\ArcSoft
[2008.08.12 05:13:41 | 000,000,000 | ---D | M] -- C:\Users\Seeigel\AppData\Roaming\ATI
[2011.10.19 23:41:31 | 000,000,000 | ---D | M] -- C:\Users\Seeigel\AppData\Roaming\Avira
[2010.07.18 23:50:56 | 000,000,000 | ---D | M] -- C:\Users\Seeigel\AppData\Roaming\DivX
[2010.08.05 07:37:02 | 000,000,000 | ---D | M] -- C:\Users\Seeigel\AppData\Roaming\dvdcss
[2008.12.24 19:07:22 | 000,000,000 | ---D | M] -- C:\Users\Seeigel\AppData\Roaming\Google
[2008.01.21 03:43:07 | 000,000,000 | ---D | M] -- C:\Users\Seeigel\AppData\Roaming\Identities
[2008.08.12 04:27:41 | 000,000,000 | ---D | M] -- C:\Users\Seeigel\AppData\Roaming\InstallShield
[2009.01.17 15:19:06 | 000,000,000 | ---D | M] -- C:\Users\Seeigel\AppData\Roaming\InterVideo
[2008.08.12 04:45:51 | 000,000,000 | ---D | M] -- C:\Users\Seeigel\AppData\Roaming\Macromedia
[2012.05.17 19:27:18 | 000,000,000 | ---D | M] -- C:\Users\Seeigel\AppData\Roaming\Malwarebytes
[2012.03.11 16:20:57 | 000,000,000 | ---D | M] -- C:\Users\Seeigel\AppData\Roaming\Marine Aquarium 3
[2010.04.13 22:00:23 | 000,000,000 | ---D | M] -- C:\Users\Seeigel\AppData\Roaming\Maxthon2
[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\Seeigel\AppData\Roaming\Media Center Programs
[2012.05.15 22:32:07 | 000,000,000 | --SD | M] -- C:\Users\Seeigel\AppData\Roaming\Microsoft
[2012.05.18 21:21:55 | 000,000,000 | ---D | M] -- C:\Users\Seeigel\AppData\Roaming\MxBoost
[2010.07.09 19:39:18 | 000,000,000 | ---D | M] -- C:\Users\Seeigel\AppData\Roaming\Nokia
[2009.09.24 17:56:50 | 000,000,000 | ---D | M] -- C:\Users\Seeigel\AppData\Roaming\PC Suite
[2011.12.30 14:47:52 | 000,000,000 | ---D | M] -- C:\Users\Seeigel\AppData\Roaming\Skype
[2011.12.30 14:01:25 | 000,000,000 | ---D | M] -- C:\Users\Seeigel\AppData\Roaming\skypePM
[2009.01.26 19:13:56 | 000,000,000 | ---D | M] -- C:\Users\Seeigel\AppData\Roaming\Sony Corporation
[2010.07.22 21:36:00 | 000,000,000 | ---D | M] -- C:\Users\Seeigel\AppData\Roaming\vlc
[2009.02.03 20:06:49 | 000,000,000 | ---D | M] -- C:\Users\Seeigel\AppData\Roaming\WinRAR
 
< %APPDATA%\*.exe /s >
[2010.04.01 06:45:32 | 003,761,560 | ---- | M] (Maxthon International ltd.) -- C:\Users\Seeigel\AppData\Roaming\Maxthon2\Maxthon.exe
[2009.06.30 04:22:00 | 000,078,136 | ---- | M] () -- C:\Users\Seeigel\AppData\Roaming\Maxthon2\maxupdate.exe
[2010.03.08 07:13:12 | 000,345,512 | ---- | M] (Maxthon International ltd.) -- C:\Users\Seeigel\AppData\Roaming\Maxthon2\Mx2UnInstall.exe
[2010.04.01 06:45:26 | 000,148,888 | ---- | M] (Maxthon International ltd.) -- C:\Users\Seeigel\AppData\Roaming\Maxthon2\MxCrashReport.exe
[2009.12.04 14:22:46 | 000,673,024 | ---- | M] (Maxthon International ltd.) -- C:\Users\Seeigel\AppData\Roaming\Maxthon2\Modules\MxDownloader\MxDownloadServer.exe
[2009.12.23 07:27:38 | 000,181,656 | ---- | M] (Maxthon International ltd.) -- C:\Users\Seeigel\AppData\Roaming\Maxthon2\Modules\MxUpdate\MxUp.exe
[2010.09.16 01:37:33 | 006,894,720 | ---- | M] (Maxthon International ltd.) -- C:\Users\Seeigel\AppData\Roaming\Maxthon2\Temp\MxSetup.exe
[2008.08.12 04:39:49 | 000,010,134 | R--- | M] () -- C:\Users\Seeigel\AppData\Roaming\Microsoft\Installer\{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}\ARPPRODUCTICON.exe
 
< %SYSTEMDRIVE%\*.exe >
 
< MD5 for: AGP440.SYS  >
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\drivers\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
< MD5 for: IASTOR.SYS  >
[2008.04.22 02:20:41 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\Windows\Drivers\INF\SATA Driver (Intel) (Non-RAID)\IaStor.sys
[2008.04.22 02:20:41 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\Windows\System32\drivers\iaStor.sys
[2008.04.22 02:20:41 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_77c04a30\iaStor.sys
[2008.04.22 02:20:41 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\Windows\System32\DriverStore\FileRepository\iastor.inf_054cd65f\iaStor.sys
 
< MD5 for: IASTORV.SYS  >
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2008.01.21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
 
< MD5 for: USER32.DLL  >
[2008.01.21 04:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2008.01.21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe
[2008.01.21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2012.04.04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2008.01.21 05:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008.01.21 05:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008.01.21 05:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2008.07.09 02:05:14 | 000,372,736 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\Windows\system32\ATIDEMGX.dll
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 211 bytes -> C:\ProgramData\TEMP:D282699C

< End of report >
         
--- --- ---

Alt 22.05.2012, 20:26   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Bin ich den Ukash 100 EUR Trojaner los? Avira und Malwarebytes Malware sagen-ja, Scan Spyware-nein - Standard

Bin ich den Ukash 100 EUR Trojaner los? Avira und Malwarebytes Malware sagen-ja, Scan Spyware-nein



Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Hinweis: Falls Du Deinen Benutzernamen unkenntlich gemacht hast, musst Du das Ausgesternte in Deinen richtigen Benutzernamen wieder verwandeln, sonst funktioniert das Script nicht!!

Code:
ATTFilter
:OTL
IE - HKU\S-1-5-21-90521188-4158982503-1986053845-1003\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:4664/search&s=OhbH8nbOWyo3efD8e39YurKqHS8?q={searchTerms}
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus WebGuard) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-90521188-4158982503-1986053845-1003\..\Toolbar\WebBrowser: (no name) - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No CLSID value found.
O3 - HKU\S-1-5-21-90521188-4158982503-1986053845-1003\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus WebGuard) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe ({StringFileInfo_CompanyName})
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\Autorun\Autorun.exe
@Alternate Data Stream - 211 bytes -> C:\ProgramData\TEMP:D282699C
:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]
         
Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 22.05.2012, 21:36   #11
Seeigel
 
Bin ich den Ukash 100 EUR Trojaner los? Avira und Malwarebytes Malware sagen-ja, Scan Spyware-nein - Standard

Bin ich den Ukash 100 EUR Trojaner los? Avira und Malwarebytes Malware sagen-ja, Scan Spyware-nein



Schöne Sch****

Hab in der Zwischenzeit Avira Scanner laufen lassen und er hat 2 Funde entdeckt. Es handelt sich offenbar um EXP/CVE-2012-0507.AX

Lohnt es sich noch den OTL-Fix durchzuführen oder ist mein PC endgültig versifft?

Hier der Avira Log
Code:
ATTFilter
 Avira Free Antivirus
Erstellungsdatum der Reportdatei: Dienstag, 22. Mai 2012  19:40

Es wird nach 3727264 Virenstämmen gesucht.

Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.

Lizenznehmer   : Avira AntiVir Personal - Free Antivirus
Seriennummer   : 0000149996-ADJIE-0000001
Plattform      : Windows Vista (TM) Home Premium
Windowsversion : (Service Pack 2)  [6.0.6002]
Boot Modus     : Normal gebootet
Benutzername   : SYSTEM
Computername   : SEEIGEL-PC

Versionsinformationen:
BUILD.DAT      : 12.0.0.1125    41829 Bytes  2012.05.02. 16:34:00
AVSCAN.EXE     : 12.3.0.15     466896 Bytes  2012.05.08. 17:53:49
AVSCAN.DLL     : 12.3.0.15      66256 Bytes  2012.05.08. 17:53:49
LUKE.DLL       : 12.3.0.15      68304 Bytes  2012.05.08. 17:53:49
AVSCPLR.DLL    : 12.3.0.14      97032 Bytes  2012.05.08. 17:53:50
AVREG.DLL      : 12.3.0.17     232200 Bytes  2012.05.11. 05:12:40
VBASE000.VDF   : 7.10.0.0    19875328 Bytes  2009.11.06. 18:18:34
VBASE001.VDF   : 7.11.0.0    13342208 Bytes  2010.12.14. 09:07:39
VBASE002.VDF   : 7.11.19.170 14374912 Bytes  2011.12.20. 08:24:30
VBASE003.VDF   : 7.11.21.238  4472832 Bytes  2012.02.01. 10:51:40
VBASE004.VDF   : 7.11.26.44   4329472 Bytes  2012.03.28. 17:57:32
VBASE005.VDF   : 7.11.29.136  2166272 Bytes  2012.05.10. 05:12:36
VBASE006.VDF   : 7.11.29.137     2048 Bytes  2012.05.10. 05:12:36
VBASE007.VDF   : 7.11.29.138     2048 Bytes  2012.05.10. 05:12:36
VBASE008.VDF   : 7.11.29.139     2048 Bytes  2012.05.10. 05:12:36
VBASE009.VDF   : 7.11.29.140     2048 Bytes  2012.05.10. 05:12:36
VBASE010.VDF   : 7.11.29.141     2048 Bytes  2012.05.10. 05:12:36
VBASE011.VDF   : 7.11.29.142     2048 Bytes  2012.05.10. 05:12:36
VBASE012.VDF   : 7.11.29.143     2048 Bytes  2012.05.10. 05:12:36
VBASE013.VDF   : 7.11.29.144     2048 Bytes  2012.05.10. 05:12:36
VBASE014.VDF   : 7.11.30.3     198144 Bytes  2012.05.14. 17:22:20
VBASE015.VDF   : 7.11.30.69    186368 Bytes  2012.05.17. 17:22:45
VBASE016.VDF   : 7.11.30.143   223744 Bytes  2012.05.21. 16:28:29
VBASE017.VDF   : 7.11.30.144     2048 Bytes  2012.05.21. 16:28:29
VBASE018.VDF   : 7.11.30.145     2048 Bytes  2012.05.21. 16:28:30
VBASE019.VDF   : 7.11.30.146     2048 Bytes  2012.05.21. 16:28:30
VBASE020.VDF   : 7.11.30.147     2048 Bytes  2012.05.21. 16:28:30
VBASE021.VDF   : 7.11.30.148     2048 Bytes  2012.05.21. 16:28:30
VBASE022.VDF   : 7.11.30.149     2048 Bytes  2012.05.21. 16:28:30
VBASE023.VDF   : 7.11.30.150     2048 Bytes  2012.05.21. 16:28:31
VBASE024.VDF   : 7.11.30.151     2048 Bytes  2012.05.21. 16:28:31
VBASE025.VDF   : 7.11.30.152     2048 Bytes  2012.05.21. 16:28:31
VBASE026.VDF   : 7.11.30.153     2048 Bytes  2012.05.21. 16:28:31
VBASE027.VDF   : 7.11.30.154     2048 Bytes  2012.05.21. 16:28:31
VBASE028.VDF   : 7.11.30.155     2048 Bytes  2012.05.21. 16:28:31
VBASE029.VDF   : 7.11.30.156     2048 Bytes  2012.05.21. 16:28:31
VBASE030.VDF   : 7.11.30.157     2048 Bytes  2012.05.21. 16:28:31
VBASE031.VDF   : 7.11.30.182    50688 Bytes  2012.05.22. 16:28:32
Engineversion  : 8.2.10.68 
AEVDF.DLL      : 8.1.2.2       106868 Bytes  2011.10.25. 17:50:06
AESCRIPT.DLL   : 8.1.4.19      455034 Bytes  2012.05.11. 05:12:40
AESCN.DLL      : 8.1.8.2       131444 Bytes  2012.01.27. 10:33:50
AESBX.DLL      : 8.2.5.5       606579 Bytes  2012.03.12. 17:38:05
AERDL.DLL      : 8.1.9.15      639348 Bytes  2011.09.08. 21:16:06
AEPACK.DLL     : 8.2.16.13     807287 Bytes  2012.05.11. 05:12:40
AEOFFICE.DLL   : 8.1.2.28      201082 Bytes  2012.04.30. 04:36:29
AEHEUR.DLL     : 8.1.4.28     4800886 Bytes  2012.05.16. 17:22:45
AEHELP.DLL     : 8.1.21.0      254326 Bytes  2012.05.11. 05:12:37
AEGEN.DLL      : 8.1.5.28      422260 Bytes  2012.04.30. 04:36:15
AEEXP.DLL      : 8.1.0.40       82292 Bytes  2012.05.16. 17:22:45
AEEMU.DLL      : 8.1.3.0       393589 Bytes  2011.09.01. 21:46:01
AECORE.DLL     : 8.1.25.6      201078 Bytes  2012.03.15. 18:08:08
AEBB.DLL       : 8.1.1.0        53618 Bytes  2011.09.01. 21:46:01
AVWINLL.DLL    : 12.3.0.15      27344 Bytes  2012.05.08. 17:53:48
AVPREF.DLL     : 12.3.0.15      51920 Bytes  2012.05.08. 17:53:49
AVREP.DLL      : 12.3.0.15     179208 Bytes  2012.05.08. 17:53:50
AVARKT.DLL     : 12.3.0.15     211408 Bytes  2012.05.08. 17:53:49
AVEVTLOG.DLL   : 12.3.0.15     169168 Bytes  2012.05.08. 17:53:49
SQLITE3.DLL    : 3.7.0.1       398288 Bytes  2012.05.08. 17:53:49
AVSMTP.DLL     : 12.3.0.15      63440 Bytes  2012.05.08. 17:53:49
NETNT.DLL      : 12.3.0.15      17104 Bytes  2012.05.08. 17:53:49
RCIMAGE.DLL    : 12.3.0.15    4447952 Bytes  2012.05.08. 17:53:48
RCTEXT.DLL     : 12.3.0.15      98512 Bytes  2012.05.08. 17:53:48

Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Vollständige Systemprüfung
Konfigurationsdatei...................: C:\program files\avira\antivir desktop\sysscan.avp
Protokollierung.......................: standard
Primäre Aktion........................: ignorieren
Sekundäre Aktion......................: ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: C:, 
Durchsuche aktive Programme...........: ein
Laufende Programme erweitert..........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: ein
Integritätsprüfung von Systemdateien..: ein
Optimierter Suchlauf..................: ein
Datei Suchmodus.......................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: erweitert
Abweichende Gefahrenkategorien........: +APPL,+GAME,+JOKE,+PCK,+PFS,+SPR,

Beginn des Suchlaufs: Dienstag, 22. Mai 2012  19:40

Der Suchlauf über die Masterbootsektoren wird begonnen:
Masterbootsektor HD0
    [INFO]      Es wurde kein Virus gefunden!
Masterbootsektor HD1
    [INFO]      Es wurde kein Virus gefunden!
Masterbootsektor HD2
    [INFO]      Es wurde kein Virus gefunden!

Der Suchlauf über die Bootsektoren wird begonnen:
Bootsektor 'C:\'
    [INFO]      Es wurde kein Virus gefunden!

Der Suchlauf nach versteckten Objekten wird begonnen.

Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'UpdateTask.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'iexplore.exe' - '136' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'vssvc.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '80' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'avcenter.exe' - '78' Modul(e) wurden durchsucht
Durchsuche Prozess 'FlashUtil32_11_2_202_235_ActiveX.exe' - '51' Modul(e) wurden durchsucht
Durchsuche Prozess 'iexplore.exe' - '144' Modul(e) wurden durchsucht
Durchsuche Prozess 'iexplore.exe' - '139' Modul(e) wurden durchsucht
Durchsuche Prozess 'iexplore.exe' - '137' Modul(e) wurden durchsucht
Durchsuche Prozess 'iexplore.exe' - '96' Modul(e) wurden durchsucht
Durchsuche Prozess 'NclRSSrv.exe' - '15' Modul(e) wurden durchsucht
Durchsuche Prozess 'NclUSBSrv.exe' - '22' Modul(e) wurden durchsucht
Durchsuche Prozess 'ServiceLayer.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '21' Modul(e) wurden durchsucht
Durchsuche Prozess 'conime.exe' - '16' Modul(e) wurden durchsucht
Durchsuche Prozess 'CCC.exe' - '142' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmpnetwk.exe' - '99' Modul(e) wurden durchsucht
Durchsuche Prozess 'GoogleDesktop.exe' - '92' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmpnscfg.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'GoogleToolbarNotifier.exe' - '69' Modul(e) wurden durchsucht
Durchsuche Prozess 'LANUtil.exe' - '77' Modul(e) wurden durchsucht
Durchsuche Prozess 'mbamgui.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'jusched.exe' - '22' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '61' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '70' Modul(e) wurden durchsucht
Durchsuche Prozess 'Updater.exe' - '63' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmdSync.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'NokiaMServer.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'MOM.exe' - '60' Modul(e) wurden durchsucht
Durchsuche Prozess 'MDICTION.EXE' - '24' Modul(e) wurden durchsucht
Durchsuche Prozess 'GrooveMonitor.exe' - '41' Modul(e) wurden durchsucht
Durchsuche Prozess 'MarketingTools.exe' - '43' Modul(e) wurden durchsucht
Durchsuche Prozess 'GoogleDesktop.exe' - '96' Modul(e) wurden durchsucht
Durchsuche Prozess 'ISBMgr.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'SynTPEnh.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'MSASCui.exe' - '67' Modul(e) wurden durchsucht
Durchsuche Prozess 'mbamservice.exe' - '45' Modul(e) wurden durchsucht
Durchsuche Prozess 'VCSW.exe' - '41' Modul(e) wurden durchsucht
Durchsuche Prozess 'AVWEBGRD.EXE' - '48' Modul(e) wurden durchsucht
Durchsuche Prozess 'avshadow.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'SPMgr.exe' - '88' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'VAIOUpdt.exe' - '70' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskeng.exe' - '25' Modul(e) wurden durchsucht
Durchsuche Prozess 'WUDFHost.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'xaudio.exe' - '14' Modul(e) wurden durchsucht
Durchsuche Prozess 'DllHost.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'VESMgrSub.exe' - '58' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchIndexer.exe' - '69' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'DllHost.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'VzCdbSvc.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'VCFw.exe' - '71' Modul(e) wurden durchsucht
Durchsuche Prozess 'SPMService.exe' - '94' Modul(e) wurden durchsucht
Durchsuche Prozess 'VESMgr.exe' - '71' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'sqlwriter.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'sqlbrowser.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'RegSrvc.exe' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '43' Modul(e) wurden durchsucht
Durchsuche Prozess 'NSUService.exe' - '77' Modul(e) wurden durchsucht
Durchsuche Prozess 'iviRegMgr.exe' - '16' Modul(e) wurden durchsucht
Durchsuche Prozess 'EvtEng.exe' - '85' Modul(e) wurden durchsucht
Durchsuche Prozess 'BcmSqlStartupSvc.exe' - '20' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '66' Modul(e) wurden durchsucht
Durchsuche Prozess 'armsvc.exe' - '24' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskeng.exe' - '80' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskeng.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '52' Modul(e) wurden durchsucht
Durchsuche Prozess 'spoolsv.exe' - '90' Modul(e) wurden durchsucht
Durchsuche Prozess 'WLANExt.exe' - '87' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '100' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '173' Modul(e) wurden durchsucht
Durchsuche Prozess 'Dwm.exe' - '44' Modul(e) wurden durchsucht
Durchsuche Prozess 'Ati2evxx.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'RtkAudioService.exe' - '21' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '86' Modul(e) wurden durchsucht
Durchsuche Prozess 'SLsvc.exe' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '157' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '116' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '67' Modul(e) wurden durchsucht
Durchsuche Prozess 'Ati2evxx.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '52' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '48' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsm.exe' - '22' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '60' Modul(e) wurden durchsucht
Durchsuche Prozess 'services.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '14' Modul(e) wurden durchsucht
Durchsuche Prozess 'wininit.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '14' Modul(e) wurden durchsucht
Durchsuche Prozess 'smss.exe' - '2' Modul(e) wurden durchsucht

Untersuchung der Systemdateien wird begonnen:
Signiert -> 'C:\Windows\system32\svchost.exe'
Signiert -> 'C:\Windows\system32\winlogon.exe'
Signiert -> 'C:\Windows\explorer.exe'
Signiert -> 'C:\Windows\system32\smss.exe'
Signiert -> 'C:\Windows\system32\wininet.DLL'
Signiert -> 'C:\Windows\system32\wsock32.DLL'
Signiert -> 'C:\Windows\system32\ws2_32.DLL'
Signiert -> 'C:\Windows\system32\services.exe'
Signiert -> 'C:\Windows\system32\lsass.exe'
Signiert -> 'C:\Windows\system32\csrss.exe'
Signiert -> 'C:\Windows\system32\drivers\kbdclass.sys'
Signiert -> 'C:\Windows\system32\spoolsv.exe'
Signiert -> 'C:\Windows\system32\alg.exe'
Signiert -> 'C:\Windows\system32\wuauclt.exe'
Signiert -> 'C:\Windows\system32\advapi32.DLL'
Signiert -> 'C:\Windows\system32\user32.DLL'
Signiert -> 'C:\Windows\system32\gdi32.DLL'
Signiert -> 'C:\Windows\system32\kernel32.DLL'
Signiert -> 'C:\Windows\system32\ntdll.DLL'
Signiert -> 'C:\Windows\system32\ntoskrnl.exe'
Signiert -> 'C:\Windows\system32\ctfmon.exe'
Die Systemdateien wurden durchsucht ('21' Dateien)

Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Registry wurde durchsucht ( '2527' Dateien ).


Der Suchlauf über die ausgewählten Dateien wird begonnen:

Beginne mit der Suche in 'C:\'
C:\Program Files\WinRAR\rarnew.dat
  [WARNUNG]   Das Archiv ist unbekannt oder defekt
C:\Users\Seeigel\avira_free_antivirus_de.exe
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\05F33C45E3ED18A07929732FF2459B82.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\0AD63133711A935712128033F590C544.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\13A8A2ACCDC05B4F8ACAFE78086668A3.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\157EBB867B9034EA4BA2231A8F491539.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\19B969A67E6385D141621CD3BC8A480B.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\36783810FB379E099576519E80001E07.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\369679B3CE6BFAD5FB3E9296CBBE7115.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\371A74F2049D3607DA195F2E2E0115AE.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\3A457BAA50B205A2B29E5540C24A743E.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\43D48D11D3BBFC6949D2E6119E1956A0.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\45D16E1F1CC84CC3DCD7BD04AA15474F.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\486734D32D4E5ED3F53358DAFB648AC4.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\52C0C192E52345519B764B47C2C4DA51.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\56112427BE2D17EFC1DA4979ECA26D28.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\599EA219442D485FFA0121CA351813E4.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\5A9DBDC40B357F1C0E3EE16AD39B2A8F.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\5EC643B694FA7419EADD270839CC29F4.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\63191EF3119A8B5CFDB3CB5DEDC953CE.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\632AD0874E720DBCBBE497222EA4627F.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\667FF57840634106C370D33163742EAE.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\6839BEDDBC90389E3712B5D144771B38.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\6A9D6D6C3C5A7D99502D91B8581034C1.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\6F4357C63FC5EB01892A045AC5A1A58D.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\704039EB62CD8A8C5B3CD0E7D50EA640.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\72540D7EE1AEB2B4DCABB8BE86ADC898.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\7680BBE5596B8E9F2E77A0592CA20BC2.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\81D50DE056EFFF54D9B813318E02CC6D.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\81F524DD991F7AB5CE9030206E141D43.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\95A6FB92D539D19817B08763D5A815C3.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\9960E8F4DAC170AB1C3FB708FADED47F.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\9F9767B76CDC78256C8AE04D0A1EFF60.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\A633A3189DFA85A82FE343BA86A7BCA1.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\A7FE6B222D9BD5B81571658B0F6CE53F.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\A901889E408C1A06E386DC27946F2134.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\B3FF7BEE61C8D87C3A8BEFFA87A443DB.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\B7AE27BFB1AC098CD044ACFFDB78B39B.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\B99F07053D57B973A92C49BF3CD9E148.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\BF153F7DE4D05CB9419870D10C04D964.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\C38C1B669BB15D030D6D0FD7BEA496EA.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\C9AF9E1886D4D0FD166F69FD37E793CD.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\D32E2395DF947026E38AF9479B9C19B8.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\DA7B3859183F1F45308D5E0AF2AC3920.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\E3ED64A2D30848E43E06C87B1B53E0FD.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\E984FEEC4B3DEF2EAF3CA0B783C51FF4.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\F2190DE1D9927A0BA6842CAB9C0A3DA1.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\F7EA9B053267800B01F51B2E96527DFB.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2443RD36\FAF1FBDF744F8C1349FE5B24B75E5820.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\08DC925D65D37A1E5E720513BFB5F2B1.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\0B32406C4EC31D4FE754EE05F9A0E5D1.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\0BBBF39F12908A92FE986E7970A5E6B1.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\15F391575141D2493465DF7136A9E8EE.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\16608724B61CA30DF037CB9CA6F9E46A.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\1B035350D2954904D20A35C665E2AA6D.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\24425CC3A1E644576F687DEC5CF680D4.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\2EDCF5791FA136F0105A9DB6C61750DF.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\3619E98DF666C73B3AA5E4CB2160F427.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\3F2C6437DACB7DC23FF3E8781126D95C.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\41652B55D5193D8F013F51323FE0B00B.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\4BDA9B1D055BB53BA7C4455376A38285.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\4E92DCCC4EDDD4F9DD71DF7C95077D7A.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\5A384048C699CB588B5C9FA7F49A9408.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\5A6CCCF57E166563F5005E0FABD591DC.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\5CAF1ED9DC311777E1E9595E9A5908A6.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\7A9634AC7D2DBA7B40AEC636A13FEE23.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\7E5E15DF164A94B951170A4B4CD604F1.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\80F8183A5BE37D391959B203D0DE8ECF.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\816D261E5B496D2A287DB0164D1EE9F3.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\823846F4129CF95DE98CD7CCC5186F63.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\83B82B58179BE12EE1B2D481BADDCDC9.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\85163600F3D414235A608898F05930B6.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\86D319BB9068F4615B8E34069C31641A.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\8858E7CB91CD5BE8B5790056478D0485.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\8BE6E2038B92957B595464B0845C4E4F.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\8C0D339A2A7B530E1A51C7851F4389CD.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\99C0ACCBEFE07338B147777B194DE87B.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\99ED84B5AC254D59891600144E36BA88.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\9A3631E84ED683D28982626A97009E99.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\A1AAEEAAFF8C3741B0AA619DD8124CCA.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\ABB943EA98BB6EFCD95D1876272D05FE.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\BA2DC8FE60FB6FC46446C14704D11202.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\CC2DD26DD56024673BEA7146C3F0EC8A.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\CC969CAF124CB80845468755C95FA463.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\CF966079B2B181C40A6B310E781AFDF2.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\D1E03B67B0074042F43B7DB7573EBA5E.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\D38C83195C5C3CE3A0F40B363FA434C0.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\D3C57E6BF2A07BF4AFAB23209D68E070.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\D6056AB98165F64B077DD7FC6C0E0D9E.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\E4D97F48D79F81EE9060C950FEE5FB4A.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\EC032D639919EC7B5136A6CCB2E7DDCF.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\F08232CAC76C15906EA099B0F97065BD.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\F0E772764F3B3BDDFFD5BB34FBF2E8FE.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\F478CF8F7BE66515178046DE1EE3B735.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\F5CA30B4DF8909C71A736DF93189E659.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\84T6AYO6\F9A25C38EB2E67A2C5A27E53250038BC.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\02A771C81BFCFE96FCD64EF456E57B87.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\0E65442A8B2543F14C039A7F6211CFA2.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\0E89413B24362059681230E46A31638F.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\12DE6FB70F7D6DE1D0C61AC16E0E0F1B.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\22BD46E6B80785D57C910BA74C501BE8.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\22E2CCD748C9D738BD33B01DCC1A409A.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\2D8C4378B055692FC45C2F7A324D8796.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\2E48E1381B5034968469F80ABF59A673.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\338D233ED35F5DFFD29F82C4B3FC66EC.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\34DAE2C6561049DC60EB8C30E37AAB9E.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\3594BACE2FF1B5B77572700A14C5A12E.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\3A3DD2616A5EF1F1CF32F6AA4342AD18.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\3F29B5E30BAAA30E01475C6FA0BCB4D1.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\41326415CB23D6108C79FAA8084EAB2F.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\4C797D04125DCFC7057FB3C20032D89D.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\52376A71BED8CA2B4173C7B8A6F644A3.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\5392D58AB99648299F6E4267E3DF39D3.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\556E85AAC48591DDA6CC21C59D25DF14.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\6D26E9262442A8C2E0200ED752BD03BF.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\6F096D9307C2C171F90BB81074DA4412.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\6F0C0C691CFDD2053A7DBDCF725F4064.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\74F278D84B80049BF685464757CDA786.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\75600C381324A459B8C591094724228E.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\782689F241225C30734C8786BD860923.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\7C7227FA4CB4CD1CB09DE9DC2334FC51.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\7F4A6EF3E34F89302F4E93A3B41D75B6.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\866FB36720BE3A0FD1989ED2D146E644.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\8C17EA6D4CD7787177C416D4ABF5D930.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\98ED91BD502B86CCE32D2FDD1F8DEB76.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\99AD5B5A1FFA9DD4543E9669C538FFFA.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\9B122978030FEB48F471C5CAE29DF2A5.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\A08A90E7CB20C12AB13885A150323337.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\AE80B3CDBA8B4C671A8D88C41BA04307.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\B152E529DE6D00499321C928ACE5BEAB.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\BECAC13A878A67EED4E0FDD51BE91937.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\C069AAE701EC592F36F92338D20AAAAA.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\CA645B75CFBC89FAF3531C40EC4619BD.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\CF722E44C3888EDAA55BF2FECABE514C.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\DAB1782B31E783149F6836ED3E08EC41.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\E370078990470651F62077ADDC41BC08.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\E463207BC1808F240BF4C7D1DE8E0D32.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\E662D549052480B12239BBFF5A435316.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\E785E81FA3EDE8669CA7FC719606D08C.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\E7F94E51F4110A36FCC77CF060E21F06.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\E8EF8DC3215D403A8471C1A53146A15F.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G9O54R08\ECD316FA28FE9A8087DCE972CCF51089.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\0467984D893A9A7BAE5CFFC380036ACC.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\0F356F2590139C5C51DA5F793514C522.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\10F73B1E5DA7CBFDFD9A1901409C353F.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\1957B8D1E29A8756930B78EF3F9418D4.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\20E5FE7F27BF46E071E7781BE845060D.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\2CF9A154EC58860F10CA2EA14E414C0C.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\403DC754BE42CA371629D4BB14EC5C64.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\417D55C734D63A87B67564237A1A83A7.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\42E05DA9CBEE72B8B06D79E5B9CBB358.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\46BDB65F08EAD8C01ED345FAD2C9F3D0.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\4A9F834EEBE33F53CDEB65195C66EEB3.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\50209A97843156DF97B0F18A0174367A.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\53D1D501BC8C9F5EFDD6D98A3948CDC4.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\575E304AB4E3257FA15F7F3D20C00EC0.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\5B9FF09C9025BDF8A9BEE2693A0B36A8.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\5E2339F557AB7A2D9F224A48A4B16E80.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\67E285F87E9E78AA8B5C6DF7AFF297BA.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\6BF1A606FA0FE940F3FF479E90091BF7.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\70BC7560BF3664EFC5246781481A53EF.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\731485191A4C7257A5007BA8F9AEB0D0.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\7778FE66042837F268B6EF0C7B0F9CF8.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\7B197E35B4995B0F0098A69861BD7974.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\7D5BACF9657DFB161533C53D50E3D306.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\81A208C04923ACAF6EBCDAEB0ED0AEC8.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\8FE69A3536C4D39DF67F1946367C0DEB.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\917E45338A68E3F6C82F3634B4FF7395.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\92A4134F1F3AF1DBD3858A6AD551E48C.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\94852BBF2CE4790A4BCC6DEA3F0EDB4A.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\9D7C844792AA395AEA3BE58AC21390B3.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\9F03B6FD6B2CA0B040C0E7901B60E04D.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\AE42C94CBB138B7E6A63D0ADE8A90128.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\C1FC34FD390C64B129EA4666C20C2E87.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\C69703C7920E0C812CB38C8CC3981BB7.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\C74C7FAC3E717CAA9EC8756796D2DE0D.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\CEC4B0C245FB77773B06EF46CE9AFCC2.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\CF2D95FC2897590B3030D6CD6CC48C2C.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\D129FA510C66B0A19FB92B0D7690B5CA.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\D2D74259944E9F7028B7600D9B32FFDA.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\D70B2C591EF34010C9D2AEC19EFB087E.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\D892328D4D434424E2F8A656007C89C5.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\DAB1AD7F05759259BCD6DC9FDB114CBF.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\E26075C861A2508267835DB7B020D9E3.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\E72EB2A787FE0B5822298A014B1F9F6E.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\E8E574B4369AA79C57E4F33AB15065D1.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\E988AFBCA45E20067F18CCCD92458C71.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIZ6BUH1\FAD8C9F7FEAE0B88C9F7779D6BBA2DF2.zip[1].dat
  [WARNUNG]   Die Datei ist kennwortgeschützt
C:\Users\Seeigel\AppData\Local\Temp\jar_cache643409545496383150.tmp
  [0] Archivtyp: ZIP
  [HINWEIS]   Eine Sicherungskopie wurde unter dem Namen 56337d24.qua erstellt ( QUARANTÄNE )
  --> expl3it/hpss.class
      [FUND]      Enthält Erkennungsmuster des Exploits EXP/CVE-2012-0507.AX
C:\Users\Seeigel\AppData\Local\Temp\jar_cache7808269618175213824.tmp
  [0] Archivtyp: ZIP
  [HINWEIS]   Eine Sicherungskopie wurde unter dem Namen 4ea45283.qua erstellt ( QUARANTÄNE )
  --> expl3it/hpss.class
      [FUND]      Enthält Erkennungsmuster des Exploits EXP/CVE-2012-0507.AX
C:\Users\Seeigel\Downloads\avira_free_antivirus_de.exe
  [WARNUNG]   Die Datei ist kennwortgeschützt


Ende des Suchlaufs: Dienstag, 22. Mai 2012  21:25
Benötigte Zeit:  1:44:24 Stunde(n)

Der Suchlauf wurde vollständig durchgeführt.

  25988 Verzeichnisse wurden überprüft
 605729 Dateien wurden geprüft
      2 Viren bzw. unerwünschte Programme wurden gefunden
      0 Dateien wurden als verdächtig eingestuft
      0 Dateien wurden gelöscht
      0 Viren bzw. unerwünschte Programme wurden repariert
      2 Dateien wurden in die Quarantäne verschoben
      0 Dateien wurden umbenannt
      0 Dateien konnten nicht durchsucht werden
 605727 Dateien ohne Befall
   3328 Archive wurden durchsucht
    189 Warnungen
      2 Hinweise
 657205 Objekte wurden beim Rootkitscan durchsucht
      0 Versteckte Objekte wurden gefunden
         

Alt 22.05.2012, 21:40   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Bin ich den Ukash 100 EUR Trojaner los? Avira und Malwarebytes Malware sagen-ja, Scan Spyware-nein - Standard

Bin ich den Ukash 100 EUR Trojaner los? Avira und Malwarebytes Malware sagen-ja, Scan Spyware-nein



mach bitte den OTL-Fix
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 22.05.2012, 22:08   #13
Seeigel
 
Bin ich den Ukash 100 EUR Trojaner los? Avira und Malwarebytes Malware sagen-ja, Scan Spyware-nein - Standard

Bin ich den Ukash 100 EUR Trojaner los? Avira und Malwarebytes Malware sagen-ja, Scan Spyware-nein



Danke für die rasche Antwort.

Alles erledigt. Hier der Log:

Code:
ATTFilter
 All processes killed
========== OTL ==========
Registry key HKEY_USERS\S-1-5-21-90521188-4158982503-1986053845-1003\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{70D46D94-BF1E-45ED-B567-48701376298E}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
C:\Programme\Ask.com\GenericAskToolbar.dll moved successfully.
Registry value HKEY_USERS\S-1-5-21-90521188-4158982503-1986053845-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3}\ not found.
Registry value HKEY_USERS\S-1-5-21-90521188-4158982503-1986053845-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Programme\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ApnUpdater deleted successfully.
C:\Programme\Ask.com\Updater\Updater.exe moved successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\autoexec.bat moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G\ deleted successfully.
File G:\Autorun\Autorun.exe not found.
ADS C:\ProgramData\TEMP:D282699C deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 16384 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 198 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Seeigel
->Temp folder emptied: 140975788 bytes
->Temporary Internet Files folder emptied: 259555948 bytes
->Java cache emptied: 85189317 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 13616 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1676334 bytes
RecycleBin emptied: 70996 bytes
 
Total Files Cleaned = 465,00 mb
 
 
[EMPTYFLASH]
 
User: All Users
 
User: Default
->Flash cache emptied: 0 bytes
 
User: Default User
->Flash cache emptied: 0 bytes
 
User: Seeigel
->Flash cache emptied: 0 bytes
 
User: Public
 
Total Flash Files Cleaned = 0,00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.43.1 log created on 05222012_215829

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
         

Alt 22.05.2012, 22:36   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Bin ich den Ukash 100 EUR Trojaner los? Avira und Malwarebytes Malware sagen-ja, Scan Spyware-nein - Standard

Bin ich den Ukash 100 EUR Trojaner los? Avira und Malwarebytes Malware sagen-ja, Scan Spyware-nein



Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.
Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 23.05.2012, 07:23   #15
Seeigel
 
Bin ich den Ukash 100 EUR Trojaner los? Avira und Malwarebytes Malware sagen-ja, Scan Spyware-nein - Standard

Bin ich den Ukash 100 EUR Trojaner los? Avira und Malwarebytes Malware sagen-ja, Scan Spyware-nein



Morgen!

Erledigt. Und bei "verdächtigen" Skip geklickt. Hier der Log:

Code:
ATTFilter
 07:10:46.0052 4676	TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16
07:10:47.0062 4676	============================================================
07:10:47.0062 4676	Current date / time: 2012/05/23 07:10:47.0062
07:10:47.0062 4676	SystemInfo:
07:10:47.0062 4676	
07:10:47.0063 4676	OS Version: 6.0.6002 ServicePack: 2.0
07:10:47.0063 4676	Product type: Workstation
07:10:47.0063 4676	ComputerName: SEEIGEL-PC
07:10:47.0063 4676	UserName: Seeigel
07:10:47.0063 4676	Windows directory: C:\Windows
07:10:47.0063 4676	System windows directory: C:\Windows
07:10:47.0064 4676	Processor architecture: Intel x86
07:10:47.0064 4676	Number of processors: 2
07:10:47.0064 4676	Page size: 0x1000
07:10:47.0064 4676	Boot type: Normal boot
07:10:47.0064 4676	============================================================
07:10:47.0702 4676	Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
07:10:47.0717 4676	Drive \Device\Harddisk1\DR1 - Size: 0xEE200000 (3.72 Gb), SectorSize: 0x200, Cylinders: 0x1E3CF, SectorsPerTrack: 0x3F, TracksPerCylinder: 0x1, Type 'W'
07:10:47.0719 4676	============================================================
07:10:47.0719 4676	\Device\Harddisk0\DR0:
07:10:47.0719 4676	MBR partitions:
07:10:47.0719 4676	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1038800, BlocksNum 0x1C18C970
07:10:47.0719 4676	\Device\Harddisk1\DR1:
07:10:47.0720 4676	MBR partitions:
07:10:47.0720 4676	\Device\Harddisk1\DR1\Partition0: MBR, Type 0xB, StartLBA 0x2000, BlocksNum 0x771000
07:10:47.0720 4676	============================================================
07:10:47.0753 4676	C: <-> \Device\Harddisk0\DR0\Partition0
07:10:47.0754 4676	============================================================
07:10:47.0754 4676	Initialize success
07:10:47.0754 4676	============================================================
07:11:27.0166 4652	============================================================
07:11:27.0167 4652	Scan started
07:11:27.0167 4652	Mode: Manual; SigCheck; TDLFS; 
07:11:27.0167 4652	============================================================
07:11:27.0858 4652	ACPI            (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
07:11:28.0124 4652	ACPI - ok
07:11:28.0338 4652	AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
07:11:28.0369 4652	AdobeARMservice - ok
07:11:28.0491 4652	AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
07:11:28.0526 4652	AdobeFlashPlayerUpdateSvc - ok
07:11:28.0624 4652	adp94xx         (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
07:11:28.0679 4652	adp94xx - ok
07:11:28.0721 4652	adpahci         (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
07:11:28.0762 4652	adpahci - ok
07:11:28.0787 4652	adpu160m        (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
07:11:28.0823 4652	adpu160m - ok
07:11:28.0860 4652	adpu320         (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
07:11:28.0901 4652	adpu320 - ok
07:11:28.0973 4652	AeLookupSvc     (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
07:11:29.0087 4652	AeLookupSvc - ok
07:11:29.0174 4652	AFD             (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
07:11:29.0251 4652	AFD - ok
07:11:29.0321 4652	agp440          (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
07:11:29.0353 4652	agp440 - ok
07:11:29.0426 4652	aic78xx         (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
07:11:29.0464 4652	aic78xx - ok
07:11:29.0491 4652	ALG             (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
07:11:29.0674 4652	ALG - ok
07:11:29.0751 4652	aliide          (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
07:11:29.0782 4652	aliide - ok
07:11:29.0855 4652	amdagp          (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
07:11:29.0886 4652	amdagp - ok
07:11:29.0925 4652	amdide          (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
07:11:29.0956 4652	amdide - ok
07:11:30.0024 4652	AmdK7           (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
07:11:30.0110 4652	AmdK7 - ok
07:11:30.0136 4652	AmdK8           (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
07:11:30.0246 4652	AmdK8 - ok
07:11:30.0407 4652	AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files\Avira\AntiVir Desktop\sched.exe
07:11:30.0463 4652	AntiVirSchedulerService - ok
07:11:30.0531 4652	AntiVirService  (a489be6bb0aa1ff406b488b60542314b) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
07:11:30.0543 4652	AntiVirService - ok
07:11:30.0589 4652	AntiVirWebService (676894fa57b671fec5c3f05f8929e03b) C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
07:11:30.0618 4652	AntiVirWebService - ok
07:11:30.0696 4652	Appinfo         (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
07:11:30.0743 4652	Appinfo - ok
07:11:30.0780 4652	arc             (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
07:11:30.0813 4652	arc - ok
07:11:30.0879 4652	arcsas          (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
07:11:30.0921 4652	arcsas - ok
07:11:30.0972 4652	AsyncMac        (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
07:11:31.0053 4652	AsyncMac - ok
07:11:31.0130 4652	atapi           (2d9c903dc76a66813d350a562de40ed9) C:\Windows\system32\drivers\atapi.sys
07:11:31.0162 4652	atapi - ok
07:11:31.0284 4652	athr            (600efe56f37adbd65a0fb076b50d1b8d) C:\Windows\system32\DRIVERS\athr.sys
07:11:31.0371 4652	athr - ok
07:11:31.0468 4652	Ati External Event Utility (3c105ae4cc005ab67907add9dff2e192) C:\Windows\system32\Ati2evxx.exe
07:11:31.0587 4652	Ati External Event Utility - ok
07:11:31.0925 4652	atikmdag        (a4e212f45b2457b39d59d4972a67af47) C:\Windows\system32\DRIVERS\atikmdag.sys
07:11:32.0207 4652	atikmdag - ok
07:11:32.0377 4652	AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
07:11:32.0454 4652	AudioEndpointBuilder - ok
07:11:32.0473 4652	Audiosrv        (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
07:11:32.0533 4652	Audiosrv - ok
07:11:32.0652 4652	avgntflt        (d5541f0afb767e85fc412fc609d96a74) C:\Windows\system32\DRIVERS\avgntflt.sys
07:11:32.0723 4652	avgntflt - ok
07:11:32.0782 4652	avipbb          (7d967a682d4694df7fa57d63a2db01fe) C:\Windows\system32\DRIVERS\avipbb.sys
07:11:32.0813 4652	avipbb - ok
07:11:32.0854 4652	avkmgr          (271cfd1a989209b1964e24d969552bf7) C:\Windows\system32\DRIVERS\avkmgr.sys
07:11:32.0881 4652	avkmgr - ok
07:11:33.0017 4652	BcmSqlStartupSvc (6163664c7e9cd110af70180c126c3fdc) C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
07:11:33.0046 4652	BcmSqlStartupSvc - ok
07:11:33.0123 4652	Beep            (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
07:11:33.0197 4652	Beep - ok
07:11:33.0284 4652	BFE             (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
07:11:33.0404 4652	BFE - ok
07:11:33.0586 4652	BITS            (93952506c6d67330367f7e7934b6a02f) C:\Windows\System32\qmgr.dll
07:11:33.0703 4652	BITS - ok
07:11:33.0726 4652	blbdrive        (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
07:11:33.0816 4652	blbdrive - ok
07:11:33.0849 4652	bowser          (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
07:11:33.0931 4652	bowser - ok
07:11:34.0009 4652	BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
07:11:34.0072 4652	BrFiltLo - ok
07:11:34.0102 4652	BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
07:11:34.0163 4652	BrFiltUp - ok
07:11:34.0193 4652	Browser         (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
07:11:34.0279 4652	Browser - ok
07:11:34.0337 4652	Brserid         (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
07:11:34.0592 4652	Brserid - ok
07:11:34.0674 4652	BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
07:11:34.0809 4652	BrSerWdm - ok
07:11:34.0832 4652	BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
07:11:34.0996 4652	BrUsbMdm - ok
07:11:35.0046 4652	BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
07:11:35.0170 4652	BrUsbSer - ok
07:11:35.0230 4652	BTHMODEM        (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
07:11:35.0373 4652	BTHMODEM - ok
07:11:35.0459 4652	cdfs            (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
07:11:35.0541 4652	cdfs - ok
07:11:35.0610 4652	cdrom           (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
07:11:35.0689 4652	cdrom - ok
07:11:35.0786 4652	CertPropSvc     (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
07:11:35.0876 4652	CertPropSvc - ok
07:11:35.0928 4652	circlass        (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
07:11:35.0994 4652	circlass - ok
07:11:36.0054 4652	CLFS            (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
07:11:36.0102 4652	CLFS - ok
07:11:36.0239 4652	clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
07:11:36.0272 4652	clr_optimization_v2.0.50727_32 - ok
07:11:36.0518 4652	clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
07:11:36.0555 4652	clr_optimization_v4.0.30319_32 - ok
07:11:36.0636 4652	CmBatt          (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
07:11:36.0717 4652	CmBatt - ok
07:11:36.0750 4652	cmdide          (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
07:11:36.0781 4652	cmdide - ok
07:11:36.0819 4652	Compbatt        (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
07:11:36.0850 4652	Compbatt - ok
07:11:36.0858 4652	COMSysApp - ok
07:11:36.0909 4652	crcdisk         (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
07:11:36.0940 4652	crcdisk - ok
07:11:36.0982 4652	Crusoe          (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
07:11:37.0081 4652	Crusoe - ok
07:11:37.0196 4652	CryptSvc        (fb27772beaf8e1d28ccd825c09da939b) C:\Windows\system32\cryptsvc.dll
07:11:37.0262 4652	CryptSvc - ok
07:11:37.0369 4652	DcomLaunch      (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
07:11:37.0470 4652	DcomLaunch - ok
07:11:37.0520 4652	DfsC            (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
07:11:37.0592 4652	DfsC - ok
07:11:37.0950 4652	DFSR            (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
07:11:38.0354 4652	DFSR - ok
07:11:38.0537 4652	Dhcp            (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
07:11:38.0684 4652	Dhcp - ok
07:11:38.0849 4652	disk            (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
07:11:38.0883 4652	disk - ok
07:11:38.0940 4652	DMICall         (f206e28ed74c491fd5d7c0a1119ce37f) C:\Windows\system32\DRIVERS\DMICall.sys
07:11:38.0964 4652	DMICall - ok
07:11:39.0028 4652	Dnscache        (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
07:11:39.0100 4652	Dnscache - ok
07:11:39.0148 4652	dot3svc         (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
07:11:39.0223 4652	dot3svc - ok
07:11:39.0291 4652	DPS             (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
07:11:39.0379 4652	DPS - ok
07:11:39.0437 4652	drmkaud         (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
07:11:39.0557 4652	drmkaud - ok
07:11:39.0647 4652	DXGKrnl         (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
07:11:39.0716 4652	DXGKrnl - ok
07:11:39.0828 4652	E1G60           (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
07:11:39.0935 4652	E1G60 - ok
07:11:40.0015 4652	EapHost         (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
07:11:40.0082 4652	EapHost - ok
07:11:40.0189 4652	Ecache          (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
07:11:40.0229 4652	Ecache - ok
07:11:40.0315 4652	ehRecvr         (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
07:11:40.0352 4652	ehRecvr - ok
07:11:40.0377 4652	ehSched         (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
07:11:40.0419 4652	ehSched - ok
07:11:40.0439 4652	ehstart         (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
07:11:40.0484 4652	ehstart - ok
07:11:40.0561 4652	elxstor         (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
07:11:40.0657 4652	elxstor - ok
07:11:40.0763 4652	EMDMgmt         (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
07:11:40.0893 4652	EMDMgmt - ok
07:11:40.0958 4652	ErrDev          (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
07:11:41.0048 4652	ErrDev - ok
07:11:41.0157 4652	EventSystem     (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
07:11:41.0202 4652	EventSystem - ok
07:11:41.0428 4652	EvtEng          (306ac856622864c761cbdb5e816bb9d8) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
07:11:41.0508 4652	EvtEng ( UnsignedFile.Multi.Generic ) - warning
07:11:41.0508 4652	EvtEng - detected UnsignedFile.Multi.Generic (1)
07:11:41.0606 4652	exfat           (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
07:11:41.0684 4652	exfat - ok
07:11:41.0724 4652	fastfat         (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
07:11:41.0790 4652	fastfat - ok
07:11:41.0858 4652	fdc             (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
07:11:41.0924 4652	fdc - ok
07:11:41.0996 4652	fdPHost         (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
07:11:42.0066 4652	fdPHost - ok
07:11:42.0138 4652	FDResPub        (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
07:11:42.0243 4652	FDResPub - ok
07:11:42.0318 4652	FileInfo        (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
07:11:42.0333 4652	FileInfo - ok
07:11:42.0374 4652	Filetrace       (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
07:11:42.0468 4652	Filetrace - ok
07:11:42.0526 4652	flpydisk        (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
07:11:42.0612 4652	flpydisk - ok
07:11:42.0664 4652	FltMgr          (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
07:11:42.0705 4652	FltMgr - ok
07:11:42.0846 4652	FontCache       (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll
07:11:42.0914 4652	FontCache - ok
07:11:43.0070 4652	FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
07:11:43.0100 4652	FontCache3.0.0.0 - ok
07:11:43.0136 4652	Fs_Rec          (b972a66758577e0bfd1de0f91aaa27b5) C:\Windows\system32\drivers\Fs_Rec.sys
07:11:43.0189 4652	Fs_Rec - ok
07:11:43.0245 4652	gagp30kx        (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
07:11:43.0280 4652	gagp30kx - ok
07:11:43.0354 4652	ggflt           (007aea2e06e7cef7372e40c277163959) C:\Windows\system32\DRIVERS\ggflt.sys
07:11:43.0379 4652	ggflt - ok
07:11:43.0397 4652	ggsemc          (c73de35960ca75c5ab4ae636b127c64e) C:\Windows\system32\DRIVERS\ggsemc.sys
07:11:43.0420 4652	ggsemc - ok
07:11:43.0584 4652	GoogleDesktopManager-051210-111108 (9f5f2f0fb0a7f5aa9f16b9a7b6dad89f) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
07:11:43.0608 4652	GoogleDesktopManager-051210-111108 - ok
07:11:43.0711 4652	gpsvc           (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
07:11:43.0823 4652	gpsvc - ok
07:11:43.0910 4652	gupdate         (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
07:11:43.0920 4652	gupdate - ok
07:11:43.0924 4652	gupdatem        (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
07:11:43.0942 4652	gupdatem - ok
07:11:44.0015 4652	gusvc           (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
07:11:44.0034 4652	gusvc - ok
07:11:44.0148 4652	HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
07:11:44.0299 4652	HdAudAddService - ok
07:11:44.0425 4652	HDAudBus        (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
07:11:44.0534 4652	HDAudBus - ok
07:11:44.0555 4652	HidBth          (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
07:11:44.0668 4652	HidBth - ok
07:11:44.0706 4652	HidIr           (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
07:11:44.0833 4652	HidIr - ok
07:11:44.0897 4652	hidserv         (84067081f3318162797385e11a8f0582) C:\Windows\system32\hidserv.dll
07:11:44.0985 4652	hidserv - ok
07:11:45.0037 4652	HidUsb          (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
07:11:45.0098 4652	HidUsb - ok
07:11:45.0164 4652	hkmsvc          (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
07:11:45.0250 4652	hkmsvc - ok
07:11:45.0322 4652	HpCISSs         (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
07:11:45.0354 4652	HpCISSs - ok
07:11:45.0468 4652	HSFHWAZL        (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
07:11:45.0574 4652	HSFHWAZL - ok
07:11:45.0655 4652	HSF_DPV         (7bc42c65b5c6281777c1a7605b253ba8) C:\Windows\system32\DRIVERS\HSX_DPV.sys
07:11:45.0880 4652	HSF_DPV - ok
07:11:45.0973 4652	HSXHWAZL        (9ebf2d102ccbb6bcdfbf1b7922f8ba2e) C:\Windows\system32\DRIVERS\HSXHWAZL.sys
07:11:46.0043 4652	HSXHWAZL - ok
07:11:46.0136 4652	HTTP            (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
07:11:46.0233 4652	HTTP - ok
07:11:46.0285 4652	i2omp           (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
07:11:46.0323 4652	i2omp - ok
07:11:46.0392 4652	i8042prt        (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
07:11:46.0478 4652	i8042prt - ok
07:11:46.0570 4652	iaStor          (db0cc620b27a928d968c1a1e9cd9cb87) C:\Windows\system32\DRIVERS\iaStor.sys
07:11:46.0605 4652	iaStor - ok
07:11:46.0661 4652	iaStorV         (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
07:11:46.0700 4652	iaStorV - ok
07:11:46.0856 4652	IDriverT        (6f95324909b502e2651442c1548ab12f) C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
07:11:46.0902 4652	IDriverT ( UnsignedFile.Multi.Generic ) - warning
07:11:46.0902 4652	IDriverT - detected UnsignedFile.Multi.Generic (1)
07:11:47.0147 4652	idsvc           (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
07:11:47.0215 4652	idsvc - ok
07:11:47.0224 4652	igfx - ok
07:11:47.0254 4652	iirsp           (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
07:11:47.0286 4652	iirsp - ok
07:11:47.0357 4652	IKEEXT          (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
07:11:47.0447 4652	IKEEXT - ok
07:11:47.0699 4652	IntcAzAudAddService (4a0f260df9a5333c07f4ab40ca9d4f4b) C:\Windows\system32\drivers\RTKVHDA.sys
07:11:47.0844 4652	IntcAzAudAddService - ok
07:11:48.0108 4652	intelide        (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
07:11:48.0139 4652	intelide - ok
07:11:48.0202 4652	intelppm        (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
07:11:48.0255 4652	intelppm - ok
07:11:48.0290 4652	IPBusEnum       (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
07:11:48.0364 4652	IPBusEnum - ok
07:11:48.0391 4652	IpFilterDriver  (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
07:11:48.0441 4652	IpFilterDriver - ok
07:11:48.0472 4652	iphlpsvc        (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll
07:11:48.0557 4652	iphlpsvc - ok
07:11:48.0565 4652	IpInIp - ok
07:11:48.0631 4652	IPMIDRV         (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
07:11:48.0730 4652	IPMIDRV - ok
07:11:48.0775 4652	IPNAT           (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
07:11:48.0846 4652	IPNAT - ok
07:11:48.0892 4652	IRENUM          (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
07:11:48.0952 4652	IRENUM - ok
07:11:48.0998 4652	isapnp          (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
07:11:49.0031 4652	isapnp - ok
07:11:49.0113 4652	iScsiPrt        (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
07:11:49.0152 4652	iScsiPrt - ok
07:11:49.0170 4652	iteatapi        (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
07:11:49.0201 4652	iteatapi - ok
07:11:49.0242 4652	iteraid         (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
07:11:49.0254 4652	iteraid - ok
07:11:49.0366 4652	IviRegMgr       (213822072085b5bbad9af30ab577d817) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
07:11:49.0384 4652	IviRegMgr - ok
07:11:49.0409 4652	kbdclass        (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
07:11:49.0438 4652	kbdclass - ok
07:11:49.0483 4652	kbdhid          (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\drivers\kbdhid.sys
07:11:49.0524 4652	kbdhid - ok
07:11:49.0565 4652	KeyIso          (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
07:11:49.0618 4652	KeyIso - ok
07:11:49.0695 4652	KSecDD          (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys
07:11:49.0751 4652	KSecDD - ok
07:11:49.0879 4652	KtmRm           (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
07:11:49.0964 4652	KtmRm - ok
07:11:49.0998 4652	LanmanServer    (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\system32\srvsvc.dll
07:11:50.0024 4652	LanmanServer - ok
07:11:50.0089 4652	LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
07:11:50.0147 4652	LanmanWorkstation - ok
07:11:50.0183 4652	lltdio          (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
07:11:50.0265 4652	lltdio - ok
07:11:50.0337 4652	lltdsvc         (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
07:11:50.0365 4652	lltdsvc - ok
07:11:50.0393 4652	lmhosts         (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
07:11:50.0455 4652	lmhosts - ok
07:11:50.0511 4652	LSI_FC          (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
07:11:50.0532 4652	LSI_FC - ok
07:11:50.0563 4652	LSI_SAS         (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
07:11:50.0585 4652	LSI_SAS - ok
07:11:50.0627 4652	LSI_SCSI        (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
07:11:50.0650 4652	LSI_SCSI - ok
07:11:50.0674 4652	luafv           (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
07:11:50.0753 4652	luafv - ok
07:11:50.0814 4652	MBAMProtector   (fb097bbc1a18f044bd17bd2fccf97865) C:\Windows\system32\drivers\mbam.sys
07:11:50.0836 4652	MBAMProtector - ok
07:11:51.0003 4652	MBAMService     (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
07:11:51.0058 4652	MBAMService - ok
07:11:51.0138 4652	Mcx2Svc         (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
07:11:51.0198 4652	Mcx2Svc - ok
07:11:51.0243 4652	mdmxsdk         (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
07:11:51.0269 4652	mdmxsdk - ok
07:11:51.0342 4652	megasas         (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
07:11:51.0373 4652	megasas - ok
07:11:51.0453 4652	MegaSR          (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
07:11:51.0502 4652	MegaSR - ok
07:11:51.0672 4652	Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
07:11:51.0701 4652	Microsoft Office Groove Audit Service - ok
07:11:51.0833 4652	MMCSS           (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
07:11:51.0932 4652	MMCSS - ok
07:11:51.0968 4652	Modem           (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
07:11:52.0077 4652	Modem - ok
07:11:52.0141 4652	monitor         (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
07:11:52.0223 4652	monitor - ok
07:11:52.0287 4652	mouclass        (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
07:11:52.0320 4652	mouclass - ok
07:11:52.0343 4652	mouhid          (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
07:11:52.0375 4652	mouhid - ok
07:11:52.0430 4652	MountMgr        (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
07:11:52.0447 4652	MountMgr - ok
07:11:52.0501 4652	mpio            (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
07:11:52.0520 4652	mpio - ok
07:11:52.0566 4652	mpsdrv          (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
07:11:52.0629 4652	mpsdrv - ok
07:11:52.0699 4652	MpsSvc          (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
07:11:52.0774 4652	MpsSvc - ok
07:11:52.0833 4652	Mraid35x        (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
07:11:52.0863 4652	Mraid35x - ok
07:11:52.0916 4652	MRxDAV          (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
07:11:52.0987 4652	MRxDAV - ok
07:11:53.0049 4652	mrxsmb          (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
07:11:53.0094 4652	mrxsmb - ok
07:11:53.0160 4652	mrxsmb10        (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
07:11:53.0218 4652	mrxsmb10 - ok
07:11:53.0230 4652	mrxsmb20        (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
07:11:53.0250 4652	mrxsmb20 - ok
07:11:53.0319 4652	msahci          (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
07:11:53.0333 4652	msahci - ok
07:11:53.0650 4652	MSCSPTISRV      (a99d2c7e30ad63ef920a894131caf5f7) C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
07:11:53.0660 4652	MSCSPTISRV ( UnsignedFile.Multi.Generic ) - warning
07:11:53.0660 4652	MSCSPTISRV - detected UnsignedFile.Multi.Generic (1)
07:11:53.0766 4652	msdsm           (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
07:11:53.0800 4652	msdsm - ok
07:11:53.0877 4652	MSDTC           (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
07:11:53.0945 4652	MSDTC - ok
07:11:54.0021 4652	Msfs            (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
07:11:54.0122 4652	Msfs - ok
07:11:54.0164 4652	msisadrv        (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
07:11:54.0195 4652	msisadrv - ok
07:11:54.0259 4652	MSiSCSI         (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
07:11:54.0347 4652	MSiSCSI - ok
         
Fortsetzung folgt

Fortsetzung:

Code:
ATTFilter
 07:11:54.0353 4652	msiserver - ok
07:11:54.0407 4652	MSKSSRV         (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
07:11:54.0475 4652	MSKSSRV - ok
07:11:54.0503 4652	MSPCLOCK        (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
07:11:54.0550 4652	MSPCLOCK - ok
07:11:54.0567 4652	MSPQM           (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
07:11:54.0624 4652	MSPQM - ok
07:11:54.0693 4652	MsRPC           (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
07:11:54.0719 4652	MsRPC - ok
07:11:54.0750 4652	mssmbios        (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
07:11:54.0772 4652	mssmbios - ok
07:11:54.0853 4652	MSSQL$MSSMLBIZ - ok
07:11:54.0934 4652	MSSQLServerADHelper (1d89eb4e2a99cabd4e81225f4f4c4b25) C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
07:11:54.0960 4652	MSSQLServerADHelper - ok
07:11:55.0025 4652	MSTEE           (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
07:11:55.0051 4652	MSTEE - ok
07:11:55.0107 4652	Mup             (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
07:11:55.0121 4652	Mup - ok
07:11:55.0252 4652	napagent        (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
07:11:55.0351 4652	napagent - ok
07:11:55.0428 4652	NativeWifiP     (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
07:11:55.0486 4652	NativeWifiP - ok
07:11:55.0589 4652	NDIS            (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
07:11:55.0653 4652	NDIS - ok
07:11:55.0737 4652	NdisTapi        (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
07:11:55.0805 4652	NdisTapi - ok
07:11:55.0836 4652	Ndisuio         (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
07:11:55.0899 4652	Ndisuio - ok
07:11:55.0972 4652	NdisWan         (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
07:11:56.0023 4652	NdisWan - ok
07:11:56.0063 4652	NDProxy         (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
07:11:56.0118 4652	NDProxy - ok
07:11:56.0138 4652	NetBIOS         (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
07:11:56.0172 4652	NetBIOS - ok
07:11:56.0212 4652	netbt           (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
07:11:56.0248 4652	netbt - ok
07:11:56.0299 4652	Netlogon        (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
07:11:56.0313 4652	Netlogon - ok
07:11:56.0359 4652	Netman          (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
07:11:56.0396 4652	Netman - ok
07:11:56.0427 4652	netprofm        (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
07:11:56.0485 4652	netprofm - ok
07:11:56.0600 4652	NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
07:11:56.0621 4652	NetTcpPortSharing - ok
07:11:56.0938 4652	NETw5v32        (e559ea9138c77b5d1fda8c558764a25f) C:\Windows\system32\DRIVERS\NETw5v32.sys
07:11:57.0197 4652	NETw5v32 - ok
07:11:57.0322 4652	nfrd960         (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
07:11:57.0351 4652	nfrd960 - ok
07:11:57.0406 4652	NlaSvc          (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
07:11:57.0442 4652	NlaSvc - ok
07:11:57.0511 4652	nmwcd           (c3963d85b721a7f80d8a55f4e2867a3a) C:\Windows\system32\drivers\ccdcmb.sys
07:11:57.0550 4652	nmwcd - ok
07:11:57.0631 4652	nmwcdc          (3859c69a77793180548802dac9f34a38) C:\Windows\system32\drivers\ccdcmbo.sys
07:11:57.0687 4652	nmwcdc - ok
07:11:57.0765 4652	nmwcdnsu        (338f83ee9cb9e15eeacf0cbb90218cbf) C:\Windows\system32\drivers\nmwcdnsu.sys
07:11:57.0809 4652	nmwcdnsu - ok
07:11:57.0832 4652	nmwcdnsuc       (d15bac979144fb69ed28f97b2dd84d48) C:\Windows\system32\drivers\nmwcdnsuc.sys
07:11:57.0872 4652	nmwcdnsuc - ok
07:11:57.0944 4652	Npfs            (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
07:11:57.0991 4652	Npfs - ok
07:11:58.0016 4652	nsi             (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
07:11:58.0089 4652	nsi - ok
07:11:58.0117 4652	nsiproxy        (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
07:11:58.0160 4652	nsiproxy - ok
07:11:58.0295 4652	NSUService      (fd141d19f1392920a6a517316910d770) C:\Program Files\Sony\Network Utility\NSUService.exe
07:11:58.0337 4652	NSUService ( UnsignedFile.Multi.Generic ) - warning
07:11:58.0337 4652	NSUService - detected UnsignedFile.Multi.Generic (1)
07:11:58.0478 4652	Ntfs            (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
07:11:58.0572 4652	Ntfs - ok
07:11:58.0622 4652	ntrigdigi       (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
07:11:58.0667 4652	ntrigdigi - ok
07:11:58.0690 4652	Null            (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
07:11:58.0729 4652	Null - ok
07:11:58.0759 4652	nvraid          (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
07:11:58.0772 4652	nvraid - ok
07:11:58.0808 4652	nvstor          (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
07:11:58.0821 4652	nvstor - ok
07:11:58.0865 4652	nv_agp          (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
07:11:58.0879 4652	nv_agp - ok
07:11:58.0884 4652	NwlnkFlt - ok
07:11:58.0890 4652	NwlnkFwd - ok
07:11:59.0094 4652	odserv          (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
07:11:59.0126 4652	odserv - ok
07:11:59.0171 4652	ohci1394        (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
07:11:59.0196 4652	ohci1394 - ok
07:11:59.0225 4652	ose             (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
07:11:59.0239 4652	ose - ok
07:11:59.0325 4652	p2pimsvc        (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
07:11:59.0408 4652	p2pimsvc - ok
07:11:59.0430 4652	p2psvc          (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
07:11:59.0489 4652	p2psvc - ok
07:11:59.0555 4652	PACSPTISVR      (41c33fb4fd929fed732a00d2daef5be0) C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
07:11:59.0612 4652	PACSPTISVR ( UnsignedFile.Multi.Generic ) - warning
07:11:59.0612 4652	PACSPTISVR - detected UnsignedFile.Multi.Generic (1)
07:11:59.0645 4652	Parport         (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
07:11:59.0741 4652	Parport - ok
07:11:59.0777 4652	partmgr         (b9c2b89f08670e159f7181891e449cd9) C:\Windows\system32\drivers\partmgr.sys
07:11:59.0793 4652	partmgr - ok
07:11:59.0836 4652	Parvdm          (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
07:11:59.0920 4652	Parvdm - ok
07:11:59.0951 4652	PcaSvc          (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
07:11:59.0983 4652	PcaSvc - ok
07:12:00.0063 4652	pccsmcfd        (fd2041e9ba03db7764b2248f02475079) C:\Windows\system32\DRIVERS\pccsmcfd.sys
07:12:00.0087 4652	pccsmcfd - ok
07:12:00.0146 4652	pci             (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
07:12:00.0184 4652	pci - ok
07:12:00.0229 4652	pciide          (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
07:12:00.0260 4652	pciide - ok
07:12:00.0300 4652	pcmcia          (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
07:12:00.0322 4652	pcmcia - ok
07:12:00.0444 4652	PEAUTH          (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
07:12:00.0512 4652	PEAUTH - ok
07:12:00.0634 4652	pla             (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
07:12:00.0766 4652	pla - ok
07:12:00.0902 4652	PlugPlay        (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
07:12:00.0971 4652	PlugPlay - ok
07:12:01.0037 4652	PNRPAutoReg     (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
07:12:01.0097 4652	PNRPAutoReg - ok
07:12:01.0120 4652	PNRPsvc         (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
07:12:01.0190 4652	PNRPsvc - ok
07:12:01.0238 4652	PolicyAgent     (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
07:12:01.0339 4652	PolicyAgent - ok
07:12:01.0443 4652	PptpMiniport    (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
07:12:01.0526 4652	PptpMiniport - ok
07:12:01.0563 4652	Processor       (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
07:12:01.0626 4652	Processor - ok
07:12:01.0674 4652	ProfSvc         (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
07:12:01.0698 4652	ProfSvc - ok
07:12:01.0733 4652	ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
07:12:01.0757 4652	ProtectedStorage - ok
07:12:01.0787 4652	PSched          (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
07:12:01.0815 4652	PSched - ok
07:12:01.0870 4652	PxHelp20        (153d02480a0a2f45785522e814c634b6) C:\Windows\system32\Drivers\PxHelp20.sys
07:12:01.0883 4652	PxHelp20 - ok
07:12:02.0023 4652	ql2300          (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
07:12:02.0118 4652	ql2300 - ok
07:12:02.0155 4652	ql40xx          (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
07:12:02.0186 4652	ql40xx - ok
07:12:02.0241 4652	QWAVE           (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
07:12:02.0285 4652	QWAVE - ok
07:12:02.0305 4652	QWAVEdrv        (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
07:12:02.0335 4652	QWAVEdrv - ok
07:12:02.0444 4652	RapiMgr         (70dbdab246c18b78e2200d6401d038be) C:\Windows\WindowsMobile\rapimgr.dll
07:12:02.0486 4652	RapiMgr - ok
07:12:02.0497 4652	RasAcd          (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
07:12:02.0550 4652	RasAcd - ok
07:12:02.0589 4652	RasAuto         (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
07:12:02.0642 4652	RasAuto - ok
07:12:02.0677 4652	Rasl2tp         (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
07:12:02.0733 4652	Rasl2tp - ok
07:12:02.0780 4652	RasMan          (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
07:12:02.0838 4652	RasMan - ok
07:12:02.0945 4652	RasPppoe        (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
07:12:02.0994 4652	RasPppoe - ok
07:12:03.0019 4652	RasSstp         (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
07:12:03.0069 4652	RasSstp - ok
07:12:03.0133 4652	rdbss           (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
07:12:03.0219 4652	rdbss - ok
07:12:03.0265 4652	RDPCDD          (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
07:12:03.0343 4652	RDPCDD - ok
07:12:03.0381 4652	rdpdr           (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
07:12:03.0434 4652	rdpdr - ok
07:12:03.0441 4652	RDPENCDD        (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
07:12:03.0497 4652	RDPENCDD - ok
07:12:03.0548 4652	RDPWD           (79c6df8477250f5c54f7c5ae1d6b814e) C:\Windows\system32\drivers\RDPWD.sys
07:12:03.0593 4652	RDPWD - ok
07:12:03.0671 4652	regi            (001b4278407f4303efc902a2b16f2453) C:\Windows\system32\drivers\regi.sys
07:12:03.0693 4652	regi - ok
07:12:03.0811 4652	RegSrvc         (b33c88df3588acf250b87a004526c31a) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
07:12:03.0889 4652	RegSrvc ( UnsignedFile.Multi.Generic ) - warning
07:12:03.0889 4652	RegSrvc - detected UnsignedFile.Multi.Generic (1)
07:12:03.0962 4652	RemoteAccess    (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
07:12:04.0042 4652	RemoteAccess - ok
07:12:04.0081 4652	RemoteRegistry  (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
07:12:04.0178 4652	RemoteRegistry - ok
07:12:04.0258 4652	rimsptsk        (d0c2a0ce1091e08efb7ccba6cea4c3f9) C:\Windows\system32\DRIVERS\rimsptsk.sys
07:12:04.0314 4652	rimsptsk - ok
07:12:04.0365 4652	risdptsk        (c22e4e27ccdf9aa5fe8143104f28cde3) C:\Windows\system32\DRIVERS\risdptsk.sys
07:12:04.0428 4652	risdptsk - ok
07:12:04.0484 4652	RpcLocator      (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
07:12:04.0531 4652	RpcLocator - ok
07:12:04.0611 4652	RpcSs           (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
07:12:04.0688 4652	RpcSs - ok
07:12:04.0733 4652	rspndr          (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
07:12:04.0768 4652	rspndr - ok
07:12:04.0836 4652	RtkAudioService (65330e78c17db8a99a7ff1ba3c8824b6) C:\Windows\RtkAudioService.exe
07:12:04.0853 4652	RtkAudioService - ok
07:12:04.0900 4652	SamSs           (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
07:12:04.0929 4652	SamSs - ok
07:12:04.0949 4652	sbp2port        (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
07:12:04.0971 4652	sbp2port - ok
07:12:05.0032 4652	SCardSvr        (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
07:12:05.0069 4652	SCardSvr - ok
07:12:05.0132 4652	Schedule        (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
07:12:05.0195 4652	Schedule - ok
07:12:05.0232 4652	SCPolicySvc     (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
07:12:05.0265 4652	SCPolicySvc - ok
07:12:05.0307 4652	sdbus           (126ea89bcc413ee45e3004fb0764888f) C:\Windows\system32\DRIVERS\sdbus.sys
07:12:05.0379 4652	sdbus - ok
07:12:05.0413 4652	SDRSVC          (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
07:12:05.0446 4652	SDRSVC - ok
07:12:05.0492 4652	SE2Ebus         (97ec6c60112ebd40c07fe295a38ab1ea) C:\Windows\system32\DRIVERS\SE2Ebus.sys
07:12:05.0511 4652	SE2Ebus - ok
07:12:05.0545 4652	secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
07:12:05.0664 4652	secdrv - ok
07:12:05.0703 4652	seclogon        (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
07:12:05.0769 4652	seclogon - ok
07:12:05.0803 4652	SENS            (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
07:12:05.0876 4652	SENS - ok
07:12:05.0906 4652	Serenum         (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
07:12:06.0024 4652	Serenum - ok
07:12:06.0072 4652	Serial          (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
07:12:06.0115 4652	Serial - ok
07:12:06.0149 4652	sermouse        (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
07:12:06.0174 4652	sermouse - ok
07:12:06.0358 4652	ServiceLayer    (2d841b7b7f6dec32162edfcc69d61f42) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
07:12:06.0454 4652	ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
07:12:06.0454 4652	ServiceLayer - detected UnsignedFile.Multi.Generic (1)
07:12:06.0584 4652	SessionEnv      (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
07:12:06.0612 4652	SessionEnv - ok
07:12:06.0680 4652	SFEP            (8b7c1768d2cde2e02e09a66563ddfd16) C:\Windows\system32\DRIVERS\SFEP.sys
07:12:06.0702 4652	SFEP - ok
07:12:06.0733 4652	sffdisk         (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
07:12:06.0757 4652	sffdisk - ok
07:12:06.0813 4652	sffp_mmc        (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
07:12:06.0878 4652	sffp_mmc - ok
07:12:06.0911 4652	sffp_sd         (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
07:12:06.0973 4652	sffp_sd - ok
07:12:07.0018 4652	sfloppy         (c33bfbd6e9e41fcd9ffef9729e9faed6) C:\Windows\system32\DRIVERS\sfloppy.sys
07:12:07.0090 4652	sfloppy - ok
07:12:07.0130 4652	SharedAccess    (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
07:12:07.0181 4652	SharedAccess - ok
07:12:07.0226 4652	ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
07:12:07.0243 4652	ShellHWDetection - ok
07:12:07.0313 4652	sisagp          (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
07:12:07.0333 4652	sisagp - ok
07:12:07.0359 4652	SiSRaid2        (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
07:12:07.0376 4652	SiSRaid2 - ok
07:12:07.0395 4652	SiSRaid4        (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
07:12:07.0412 4652	SiSRaid4 - ok
07:12:07.0690 4652	slsvc           (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
07:12:07.0872 4652	slsvc - ok
07:12:08.0097 4652	SLUINotify      (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
07:12:08.0161 4652	SLUINotify - ok
07:12:08.0230 4652	Smb             (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
07:12:08.0303 4652	Smb - ok
07:12:08.0345 4652	SNMPTRAP        (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
07:12:08.0415 4652	SNMPTRAP - ok
07:12:08.0516 4652	SOHCImp         (dc826affa608f50c385bca4c71ef1bdd) C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe
07:12:08.0542 4652	SOHCImp - ok
07:12:08.0594 4652	SOHDms          (1ec739f65c51fa1c7ac4502464a3c3a8) C:\Program Files\Sony\VAIO Media plus\SOHDms.exe
07:12:08.0661 4652	SOHDms - ok
07:12:08.0703 4652	SOHDs           (ec8fab4ac684445d6032aa5c6e77ca2e) C:\Program Files\Sony\VAIO Media plus\SOHDs.exe
07:12:08.0726 4652	SOHDs - ok
07:12:08.0863 4652	Sony PC Companion (5177d14a78e60fd61dcfc6b388e7e971) C:\Program Files\Sony\Sony PC Companion\PCCService.exe
07:12:08.0888 4652	Sony PC Companion - ok
07:12:08.0950 4652	spldr           (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
07:12:08.0981 4652	spldr - ok
07:12:09.0026 4652	Spooler         (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
07:12:09.0086 4652	Spooler - ok
07:12:09.0205 4652	SPTISRV         (f63102f289ae2039940b22e9b2a8e0bd) C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
07:12:09.0216 4652	SPTISRV ( UnsignedFile.Multi.Generic ) - warning
07:12:09.0216 4652	SPTISRV - detected UnsignedFile.Multi.Generic (1)
07:12:09.0325 4652	SQLBrowser      (86ebd8b1f23e743aad21f4d5b4d40985) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
07:12:09.0358 4652	SQLBrowser - ok
07:12:09.0410 4652	SQLWriter       (d89083c4eb02daca8f944b0e05e57f9d) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
07:12:09.0439 4652	SQLWriter - ok
07:12:09.0492 4652	srv             (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
07:12:09.0557 4652	srv - ok
07:12:09.0591 4652	srv2            (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
07:12:09.0623 4652	srv2 - ok
07:12:09.0646 4652	srvnet          (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
07:12:09.0685 4652	srvnet - ok
07:12:09.0746 4652	SSDPSRV         (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
07:12:09.0830 4652	SSDPSRV - ok
07:12:09.0865 4652	ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
07:12:09.0889 4652	ssmdrv - ok
07:12:09.0935 4652	SstpSvc         (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
07:12:10.0007 4652	SstpSvc - ok
07:12:10.0097 4652	stisvc          (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
07:12:10.0156 4652	stisvc - ok
07:12:10.0196 4652	swenum          (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
07:12:10.0227 4652	swenum - ok
07:12:10.0274 4652	swprv           (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
07:12:10.0349 4652	swprv - ok
07:12:10.0370 4652	Symc8xx         (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
07:12:10.0401 4652	Symc8xx - ok
07:12:10.0439 4652	Sym_hi          (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
07:12:10.0484 4652	Sym_hi - ok
07:12:10.0519 4652	Sym_u3          (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
07:12:10.0530 4652	Sym_u3 - ok
07:12:10.0570 4652	SynTP           (99da94793332aadbb17bbb521ae56e21) C:\Windows\system32\DRIVERS\SynTP.sys
07:12:10.0583 4652	SynTP - ok
07:12:10.0635 4652	SysMain         (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
07:12:10.0690 4652	SysMain - ok
07:12:10.0736 4652	TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
07:12:10.0793 4652	TabletInputService - ok
07:12:10.0848 4652	TapiSrv         (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
07:12:10.0935 4652	TapiSrv - ok
07:12:10.0969 4652	TBS             (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
07:12:11.0056 4652	TBS - ok
07:12:11.0158 4652	Tcpip           (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\drivers\tcpip.sys
07:12:11.0248 4652	Tcpip - ok
07:12:11.0293 4652	Tcpip6          (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\DRIVERS\tcpip.sys
07:12:11.0341 4652	Tcpip6 - ok
07:12:11.0391 4652	tcpipreg        (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
07:12:11.0405 4652	tcpipreg - ok
07:12:11.0433 4652	TDPIPE          (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
07:12:11.0471 4652	TDPIPE - ok
07:12:11.0484 4652	TDTCP           (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
07:12:11.0509 4652	TDTCP - ok
07:12:11.0569 4652	tdx             (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
07:12:11.0610 4652	tdx - ok
07:12:11.0651 4652	TermDD          (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
07:12:11.0669 4652	TermDD - ok
07:12:11.0786 4652	TermService     (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
07:12:11.0874 4652	TermService - ok
07:12:11.0927 4652	Themes          (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
07:12:11.0958 4652	Themes - ok
07:12:11.0989 4652	THREADORDER     (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
07:12:12.0034 4652	THREADORDER - ok
07:12:12.0107 4652	TrkWks          (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
07:12:12.0138 4652	TrkWks - ok
07:12:12.0195 4652	TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
07:12:12.0217 4652	TrustedInstaller - ok
07:12:12.0262 4652	tssecsrv        (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
07:12:12.0299 4652	tssecsrv - ok
07:12:12.0321 4652	tunmp           (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
07:12:12.0355 4652	tunmp - ok
07:12:12.0377 4652	tunnel          (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
07:12:12.0406 4652	tunnel - ok
07:12:12.0423 4652	uagp35          (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
07:12:12.0438 4652	uagp35 - ok
07:12:12.0504 4652	udfs            (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
07:12:12.0534 4652	udfs - ok
07:12:12.0584 4652	UI0Detect       (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
07:12:12.0618 4652	UI0Detect - ok
07:12:12.0623 4652	UIUSys - ok
07:12:12.0700 4652	uliagpkx        (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
07:12:12.0724 4652	uliagpkx - ok
07:12:12.0767 4652	uliahci         (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
07:12:12.0787 4652	uliahci - ok
07:12:12.0812 4652	UlSata          (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
07:12:12.0828 4652	UlSata - ok
07:12:12.0864 4652	ulsata2         (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
07:12:12.0881 4652	ulsata2 - ok
07:12:12.0915 4652	umbus           (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
07:12:12.0951 4652	umbus - ok
07:12:13.0005 4652	upnphost        (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
07:12:13.0048 4652	upnphost - ok
07:12:13.0069 4652	upperdev        (0ccadc7391021376edbb8aa649d04e68) C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
07:12:13.0120 4652	upperdev - ok
07:12:13.0165 4652	usbccgp         (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
07:12:13.0206 4652	usbccgp - ok
07:12:13.0251 4652	usbcir          (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
07:12:13.0314 4652	usbcir - ok
07:12:13.0369 4652	usbehci         (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
07:12:13.0403 4652	usbehci - ok
07:12:13.0451 4652	usbhub          (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
07:12:13.0474 4652	usbhub - ok
07:12:13.0493 4652	usbohci         (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
07:12:13.0546 4652	usbohci - ok
07:12:13.0567 4652	usbprint        (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys
07:12:13.0613 4652	usbprint - ok
07:12:13.0684 4652	usbser          (d575246188f63de0accf6eac5fb59e6a) C:\Windows\system32\drivers\usbser.sys
07:12:13.0710 4652	usbser - ok
07:12:13.0741 4652	UsbserFilt      (68b4f83cccf70a2ff32ee142c234332a) C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
07:12:13.0768 4652	UsbserFilt - ok
07:12:13.0807 4652	USBSTOR         (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
07:12:13.0844 4652	USBSTOR - ok
07:12:13.0875 4652	usbuhci         (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
07:12:13.0918 4652	usbuhci - ok
07:12:13.0965 4652	usbvideo        (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
07:12:14.0007 4652	usbvideo - ok
07:12:14.0041 4652	usb_rndisx      (35c9095fa7076466afbfc5b9ec4b779e) C:\Windows\system32\DRIVERS\usb8023x.sys
07:12:14.0088 4652	usb_rndisx - ok
07:12:14.0133 4652	UxSms           (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
07:12:14.0163 4652	UxSms - ok
07:12:14.0303 4652	VAIO Entertainment TV Device Arbitration Service (2a640dc735cb0112ac1dcd1e1549b27e) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
07:12:14.0307 4652	VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - warning
07:12:14.0307 4652	VAIO Entertainment TV Device Arbitration Service - detected UnsignedFile.Multi.Generic (1)
07:12:14.0397 4652	VAIO Event Service (693a3fdd279c345105fff9dde277849b) C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
07:12:14.0411 4652	VAIO Event Service - ok
07:12:14.0465 4652	VAIO Power Management (43cec9bf5a4f2917982ad01d92e0f44d) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
07:12:14.0487 4652	VAIO Power Management - ok
07:12:14.0589 4652	VCFw            (cbcbe2233d21e9b278f95f5cb28bc8ae) C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
07:12:14.0652 4652	VCFw ( UnsignedFile.Multi.Generic ) - warning
07:12:14.0652 4652	VCFw - detected UnsignedFile.Multi.Generic (1)
07:12:14.0801 4652	VcmIAlzMgr      (27888f132d2ee0b72b28093a5f5f20eb) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
07:12:14.0822 4652	VcmIAlzMgr - ok
07:12:14.0911 4652	VcmXmlIfHelper  (ee9abfc2f8f2dcdc624b6a9d5cf3b19d) C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
07:12:14.0922 4652	VcmXmlIfHelper - ok
07:12:14.0932 4652	Vcsw - ok
07:12:15.0069 4652	vds             (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
07:12:15.0108 4652	vds - ok
07:12:15.0154 4652	vga             (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
07:12:15.0186 4652	vga - ok
07:12:15.0223 4652	VgaSave         (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
07:12:15.0260 4652	VgaSave - ok
07:12:15.0293 4652	viaagp          (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
07:12:15.0306 4652	viaagp - ok
07:12:15.0338 4652	ViaC7           (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
07:12:15.0364 4652	ViaC7 - ok
07:12:15.0383 4652	viaide          (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
07:12:15.0397 4652	viaide - ok
07:12:15.0426 4652	volmgr          (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
07:12:15.0440 4652	volmgr - ok
07:12:15.0484 4652	volmgrx         (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
07:12:15.0505 4652	volmgrx - ok
07:12:15.0548 4652	volsnap         (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
07:12:15.0570 4652	volsnap - ok
07:12:15.0615 4652	vsmraid         (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
07:12:15.0633 4652	vsmraid - ok
07:12:15.0716 4652	VSS             (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
07:12:15.0825 4652	VSS - ok
07:12:15.0968 4652	VzCdbSvc        (071634532066c2e29350d450c3412837) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
07:12:15.0975 4652	VzCdbSvc ( UnsignedFile.Multi.Generic ) - warning
07:12:15.0975 4652	VzCdbSvc - detected UnsignedFile.Multi.Generic (1)
07:12:16.0020 4652	W32Time         (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
07:12:16.0069 4652	W32Time - ok
07:12:16.0117 4652	WacomPen        (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
07:12:16.0190 4652	WacomPen - ok
07:12:16.0209 4652	Wanarp          (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
07:12:16.0245 4652	Wanarp - ok
07:12:16.0253 4652	Wanarpv6        (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
07:12:16.0274 4652	Wanarpv6 - ok
07:12:16.0349 4652	WcesComm        (779f9c90d3fe9c70b6ffd8ef035f3e83) C:\Windows\WindowsMobile\wcescomm.dll
07:12:16.0430 4652	WcesComm - ok
07:12:16.0493 4652	wcncsvc         (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
07:12:16.0542 4652	wcncsvc - ok
07:12:16.0597 4652	WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
07:12:16.0669 4652	WcsPlugInService - ok
07:12:16.0710 4652	Wd              (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
07:12:16.0728 4652	Wd - ok
07:12:16.0794 4652	Wdf01000        (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
07:12:16.0820 4652	Wdf01000 - ok
07:12:16.0841 4652	WdiServiceHost  (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
07:12:16.0914 4652	WdiServiceHost - ok
07:12:16.0922 4652	WdiSystemHost   (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
07:12:16.0951 4652	WdiSystemHost - ok
07:12:16.0992 4652	WebClient       (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
07:12:17.0025 4652	WebClient - ok
07:12:17.0066 4652	Wecsvc          (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
07:12:17.0093 4652	Wecsvc - ok
07:12:17.0123 4652	wercplsupport   (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
07:12:17.0147 4652	wercplsupport - ok
07:12:17.0196 4652	WerSvc          (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
07:12:17.0219 4652	WerSvc - ok
07:12:17.0253 4652	WimFltr         (090a2b8f055343815556a01f725f6c35) C:\Windows\system32\DRIVERS\wimfltr.sys
07:12:17.0267 4652	WimFltr - ok
07:12:17.0317 4652	winachsf        (5a77ac34a0ffb70ce8b35b524fede9ba) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
07:12:17.0381 4652	winachsf - ok
07:12:17.0486 4652	WinDefend       (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
07:12:17.0503 4652	WinDefend - ok
07:12:17.0516 4652	WinHttpAutoProxySvc - ok
07:12:17.0588 4652	Winmgmt         (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
07:12:17.0610 4652	Winmgmt - ok
07:12:17.0699 4652	WinRM           (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
07:12:17.0759 4652	WinRM - ok
07:12:17.0851 4652	Wlansvc         (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
07:12:17.0902 4652	Wlansvc - ok
07:12:17.0963 4652	WmiAcpi         (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys
07:12:17.0998 4652	WmiAcpi - ok
07:12:18.0079 4652	wmiApSrv        (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
07:12:18.0145 4652	wmiApSrv - ok
07:12:18.0328 4652	WMPNetworkSvc   (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
07:12:18.0496 4652	WMPNetworkSvc - ok
07:12:18.0571 4652	WPCSvc          (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
07:12:18.0636 4652	WPCSvc - ok
07:12:18.0697 4652	WPDBusEnum      (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
07:12:18.0733 4652	WPDBusEnum - ok
07:12:18.0790 4652	WpdUsb          (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
07:12:18.0804 4652	WpdUsb - ok
07:12:19.0043 4652	WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
07:12:19.0089 4652	WPFFontCache_v0400 - ok
07:12:19.0140 4652	ws2ifsl         (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
07:12:19.0166 4652	ws2ifsl - ok
07:12:19.0242 4652	WsAudio_DeviceS(1) (a75dc063c9f0b787cce296c8ccad9c30) C:\Windows\system32\drivers\WsAudio_DeviceS(1).sys
07:12:19.0246 4652	WsAudio_DeviceS(1) ( UnsignedFile.Multi.Generic ) - warning
07:12:19.0247 4652	WsAudio_DeviceS(1) - detected UnsignedFile.Multi.Generic (1)
07:12:19.0311 4652	wscsvc          (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\System32\wscsvc.dll
07:12:19.0328 4652	wscsvc - ok
07:12:19.0338 4652	WSearch - ok
07:12:19.0466 4652	wuauserv        (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
07:12:19.0738 4652	wuauserv - ok
07:12:19.0958 4652	WudfPf          (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys
07:12:20.0009 4652	WudfPf - ok
07:12:20.0072 4652	WUDFRd          (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys
07:12:20.0108 4652	WUDFRd - ok
07:12:20.0135 4652	wudfsvc         (2c0206ff8d2c75ac027d1096fa2fafda) C:\Windows\System32\WUDFSvc.dll
07:12:20.0182 4652	wudfsvc - ok
07:12:20.0254 4652	XAudio          (88af537264f2b818da15479ceeaf5d7c) C:\Windows\system32\DRIVERS\xaudio.sys
07:12:20.0265 4652	XAudio - ok
07:12:20.0330 4652	XAudioService   (15a317674a08df26be65164d959e9203) C:\Windows\system32\DRIVERS\xaudio.exe
07:12:20.0385 4652	XAudioService - ok
07:12:20.0432 4652	yukonwlh        (7d4cca3659fa0780603206e3d12a993f) C:\Windows\system32\DRIVERS\yk60x86.sys
07:12:20.0473 4652	yukonwlh - ok
07:12:20.0551 4652	MBR (0x1B8)     (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
07:12:21.0633 4652	\Device\Harddisk0\DR0 - ok
07:12:21.0659 4652	MBR (0x1B8)     (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR1
07:12:21.0832 4652	\Device\Harddisk1\DR1 - ok
07:12:21.0935 4652	Boot (0x1200)   (5c64891cba38a56957fc8e8ae32a709b) \Device\Harddisk0\DR0\Partition0
07:12:21.0936 4652	\Device\Harddisk0\DR0\Partition0 - ok
07:12:21.0946 4652	Boot (0x1200)   (328a5e908ddc0f988dc6814779b827b5) \Device\Harddisk1\DR1\Partition0
07:12:21.0948 4652	\Device\Harddisk1\DR1\Partition0 - ok
07:12:21.0951 4652	============================================================
07:12:21.0951 4652	Scan finished
07:12:21.0951 4652	============================================================
07:12:21.0964 3472	Detected object count: 12
07:12:21.0964 3472	Actual detected object count: 12
07:12:42.0365 3472	EvtEng ( UnsignedFile.Multi.Generic ) - skipped by user
07:12:42.0365 3472	EvtEng ( UnsignedFile.Multi.Generic ) - User select action: Skip 
07:12:42.0365 3472	IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
07:12:42.0365 3472	IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 
07:12:42.0366 3472	MSCSPTISRV ( UnsignedFile.Multi.Generic ) - skipped by user
07:12:42.0366 3472	MSCSPTISRV ( UnsignedFile.Multi.Generic ) - User select action: Skip 
07:12:42.0366 3472	NSUService ( UnsignedFile.Multi.Generic ) - skipped by user
07:12:42.0366 3472	NSUService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
07:12:42.0367 3472	PACSPTISVR ( UnsignedFile.Multi.Generic ) - skipped by user
07:12:42.0367 3472	PACSPTISVR ( UnsignedFile.Multi.Generic ) - User select action: Skip 
07:12:42.0370 3472	RegSrvc ( UnsignedFile.Multi.Generic ) - skipped by user
07:12:42.0370 3472	RegSrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
07:12:42.0370 3472	ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
07:12:42.0370 3472	ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip 
07:12:42.0375 3472	SPTISRV ( UnsignedFile.Multi.Generic ) - skipped by user
07:12:42.0375 3472	SPTISRV ( UnsignedFile.Multi.Generic ) - User select action: Skip 
07:12:42.0376 3472	VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - skipped by user
07:12:42.0376 3472	VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
07:12:42.0377 3472	VCFw ( UnsignedFile.Multi.Generic ) - skipped by user
07:12:42.0377 3472	VCFw ( UnsignedFile.Multi.Generic ) - User select action: Skip 
07:12:42.0380 3472	VzCdbSvc ( UnsignedFile.Multi.Generic ) - skipped by user
07:12:42.0380 3472	VzCdbSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
07:12:42.0380 3472	WsAudio_DeviceS(1) ( UnsignedFile.Multi.Generic ) - skipped by user
07:12:42.0380 3472	WsAudio_DeviceS(1) ( UnsignedFile.Multi.Generic ) - User select action: Skip 
07:13:37.0612 5520	============================================================
07:13:37.0612 5520	Scan started
07:13:37.0612 5520	Mode: Manual; SigCheck; TDLFS; 
07:13:37.0612 5520	============================================================
07:13:37.0847 5520	ACPI            (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
07:13:37.0903 5520	ACPI - ok
07:13:38.0076 5520	AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
07:13:38.0098 5520	AdobeARMservice - ok
07:13:38.0171 5520	AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
07:13:38.0186 5520	AdobeFlashPlayerUpdateSvc - ok
07:13:38.0236 5520	adp94xx         (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
07:13:38.0271 5520	adp94xx - ok
07:13:38.0311 5520	adpahci         (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
07:13:38.0331 5520	adpahci - ok
07:13:38.0358 5520	adpu160m        (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
07:13:38.0377 5520	adpu160m - ok
07:13:38.0409 5520	adpu320         (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
07:13:38.0426 5520	adpu320 - ok
07:13:38.0467 5520	AeLookupSvc     (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
07:13:38.0489 5520	AeLookupSvc - ok
07:13:38.0530 5520	AFD             (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
07:13:38.0548 5520	AFD - ok
07:13:38.0576 5520	agp440          (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
07:13:38.0590 5520	agp440 - ok
07:13:38.0619 5520	aic78xx         (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
07:13:38.0637 5520	aic78xx - ok
07:13:38.0674 5520	ALG             (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
07:13:38.0700 5520	ALG - ok
07:13:38.0723 5520	aliide          (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
07:13:38.0736 5520	aliide - ok
07:13:38.0759 5520	amdagp          (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
07:13:38.0774 5520	amdagp - ok
07:13:38.0795 5520	amdide          (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
07:13:38.0807 5520	amdide - ok
07:13:38.0896 5520	AmdK7           (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
07:13:38.0923 5520	AmdK7 - ok
07:13:38.0952 5520	AmdK8           (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
07:13:38.0984 5520	AmdK8 - ok
07:13:39.0088 5520	AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files\Avira\AntiVir Desktop\sched.exe
07:13:39.0101 5520	AntiVirSchedulerService - ok
07:13:39.0138 5520	AntiVirService  (a489be6bb0aa1ff406b488b60542314b) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
07:13:39.0154 5520	AntiVirService - ok
07:13:39.0196 5520	AntiVirWebService (676894fa57b671fec5c3f05f8929e03b) C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
07:13:39.0220 5520	AntiVirWebService - ok
07:13:39.0257 5520	Appinfo         (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
07:13:39.0271 5520	Appinfo - ok
07:13:39.0306 5520	arc             (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
07:13:39.0320 5520	arc - ok
07:13:39.0350 5520	arcsas          (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
07:13:39.0367 5520	arcsas - ok
07:13:39.0389 5520	AsyncMac        (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
07:13:39.0422 5520	AsyncMac - ok
07:13:39.0446 5520	atapi           (2d9c903dc76a66813d350a562de40ed9) C:\Windows\system32\drivers\atapi.sys
07:13:39.0459 5520	atapi - ok
07:13:39.0542 5520	athr            (600efe56f37adbd65a0fb076b50d1b8d) C:\Windows\system32\DRIVERS\athr.sys
07:13:39.0577 5520	athr - ok
07:13:39.0667 5520	Ati External Event Utility (3c105ae4cc005ab67907add9dff2e192) C:\Windows\system32\Ati2evxx.exe
07:13:39.0693 5520	Ati External Event Utility - ok
07:13:39.0952 5520	atikmdag        (a4e212f45b2457b39d59d4972a67af47) C:\Windows\system32\DRIVERS\atikmdag.sys
07:13:40.0054 5520	atikmdag - ok
07:13:40.0210 5520	AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
07:13:40.0234 5520	AudioEndpointBuilder - ok
07:13:40.0240 5520	Audiosrv        (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
07:13:40.0266 5520	Audiosrv - ok
07:13:40.0357 5520	avgntflt        (d5541f0afb767e85fc412fc609d96a74) C:\Windows\system32\DRIVERS\avgntflt.sys
07:13:40.0372 5520	avgntflt - ok
07:13:40.0397 5520	avipbb          (7d967a682d4694df7fa57d63a2db01fe) C:\Windows\system32\DRIVERS\avipbb.sys
07:13:40.0412 5520	avipbb - ok
07:13:40.0437 5520	avkmgr          (271cfd1a989209b1964e24d969552bf7) C:\Windows\system32\DRIVERS\avkmgr.sys
07:13:40.0450 5520	avkmgr - ok
07:13:40.0533 5520	BcmSqlStartupSvc (6163664c7e9cd110af70180c126c3fdc) C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
07:13:40.0548 5520	BcmSqlStartupSvc - ok
07:13:40.0617 5520	Beep            (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
07:13:40.0656 5520	Beep - ok
07:13:40.0706 5520	BFE             (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
07:13:40.0738 5520	BFE - ok
07:13:40.0804 5520	BITS            (93952506c6d67330367f7e7934b6a02f) C:\Windows\System32\qmgr.dll
07:13:40.0845 5520	BITS - ok
07:13:40.0876 5520	blbdrive        (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
07:13:40.0902 5520	blbdrive - ok
07:13:40.0943 5520	bowser          (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
07:13:40.0968 5520	bowser - ok
07:13:41.0001 5520	BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
07:13:41.0022 5520	BrFiltLo - ok
07:13:41.0042 5520	BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
07:13:41.0061 5520	BrFiltUp - ok
07:13:41.0099 5520	Browser         (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
07:13:41.0126 5520	Browser - ok
07:13:41.0155 5520	Brserid         (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
07:13:41.0203 5520	Brserid - ok
07:13:41.0234 5520	BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
07:13:41.0280 5520	BrSerWdm - ok
07:13:41.0304 5520	BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
07:13:41.0348 5520	BrUsbMdm - ok
07:13:41.0374 5520	BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
07:13:41.0425 5520	BrUsbSer - ok
07:13:41.0457 5520	BTHMODEM        (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
07:13:41.0504 5520	BTHMODEM - ok
07:13:41.0542 5520	cdfs            (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
07:13:41.0571 5520	cdfs - ok
07:13:41.0628 5520	cdrom           (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
07:13:41.0649 5520	cdrom - ok
07:13:41.0703 5520	CertPropSvc     (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
07:13:41.0726 5520	CertPropSvc - ok
07:13:41.0766 5520	circlass        (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
07:13:41.0792 5520	circlass - ok
07:13:41.0838 5520	CLFS            (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
07:13:41.0857 5520	CLFS - ok
07:13:41.0932 5520	clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
07:13:41.0946 5520	clr_optimization_v2.0.50727_32 - ok
07:13:42.0033 5520	clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
07:13:42.0049 5520	clr_optimization_v4.0.30319_32 - ok
07:13:42.0075 5520	CmBatt          (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
07:13:42.0102 5520	CmBatt - ok
07:13:42.0122 5520	cmdide          (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
07:13:42.0137 5520	cmdide - ok
07:13:42.0157 5520	Compbatt        (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
07:13:42.0171 5520	Compbatt - ok
07:13:42.0181 5520	COMSysApp - ok
07:13:42.0203 5520	crcdisk         (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
07:13:42.0217 5520	crcdisk - ok
07:13:42.0243 5520	Crusoe          (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
07:13:42.0270 5520	Crusoe - ok
07:13:42.0343 5520	CryptSvc        (fb27772beaf8e1d28ccd825c09da939b) C:\Windows\system32\cryptsvc.dll
07:13:42.0364 5520	CryptSvc - ok
07:13:42.0418 5520	DcomLaunch      (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
07:13:42.0457 5520	DcomLaunch - ok
07:13:42.0491 5520	DfsC            (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
07:13:42.0518 5520	DfsC - ok
07:13:42.0651 5520	DFSR            (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
07:13:42.0765 5520	DFSR - ok
07:13:42.0882 5520	Dhcp            (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
07:13:42.0906 5520	Dhcp - ok
07:13:42.0976 5520	disk            (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
07:13:42.0991 5520	disk - ok
07:13:43.0034 5520	DMICall         (f206e28ed74c491fd5d7c0a1119ce37f) C:\Windows\system32\DRIVERS\DMICall.sys
07:13:43.0045 5520	DMICall - ok
07:13:43.0087 5520	Dnscache        (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
07:13:43.0115 5520	Dnscache - ok
07:13:43.0153 5520	dot3svc         (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
07:13:43.0176 5520	dot3svc - ok
07:13:43.0216 5520	DPS             (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
07:13:43.0244 5520	DPS - ok
07:13:43.0275 5520	drmkaud         (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
07:13:43.0296 5520	drmkaud - ok
07:13:43.0353 5520	DXGKrnl         (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
07:13:43.0388 5520	DXGKrnl - ok
07:13:43.0421 5520	E1G60           (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
07:13:43.0450 5520	E1G60 - ok
07:13:43.0486 5520	EapHost         (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
07:13:43.0508 5520	EapHost - ok
07:13:43.0548 5520	Ecache          (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
07:13:43.0565 5520	Ecache - ok
07:13:43.0628 5520	ehRecvr         (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
07:13:43.0646 5520	ehRecvr - ok
07:13:43.0669 5520	ehSched         (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
07:13:43.0684 5520	ehSched - ok
07:13:43.0703 5520	ehstart         (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
07:13:43.0726 5520	ehstart - ok
07:13:43.0771 5520	elxstor         (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
07:13:43.0792 5520	elxstor - ok
07:13:43.0868 5520	EMDMgmt         (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
07:13:43.0907 5520	EMDMgmt - ok
07:13:43.0930 5520	ErrDev          (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
07:13:43.0993 5520	ErrDev - ok
07:13:44.0063 5520	EventSystem     (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
07:13:44.0087 5520	EventSystem - ok
07:13:44.0205 5520	EvtEng          (306ac856622864c761cbdb5e816bb9d8) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
07:13:44.0239 5520	EvtEng ( UnsignedFile.Multi.Generic ) - warning
07:13:44.0239 5520	EvtEng - detected UnsignedFile.Multi.Generic (1)
07:13:44.0276 5520	exfat           (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
07:13:44.0300 5520	exfat - ok
07:13:44.0360 5520	fastfat         (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
07:13:44.0394 5520	fastfat - ok
07:13:44.0430 5520	fdc             (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
07:13:44.0473 5520	fdc - ok
07:13:44.0523 5520	fdPHost         (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
07:13:44.0566 5520	fdPHost - ok
07:13:44.0599 5520	FDResPub        (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
07:13:44.0671 5520	FDResPub - ok
07:13:44.0701 5520	FileInfo        (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
07:13:44.0724 5520	FileInfo - ok
07:13:44.0745 5520	Filetrace       (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
07:13:44.0801 5520	Filetrace - ok
07:13:44.0831 5520	flpydisk        (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
07:13:44.0857 5520	flpydisk - ok
07:13:44.0922 5520	FltMgr          (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
07:13:44.0939 5520	FltMgr - ok
07:13:45.0012 5520	FontCache       (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll
07:13:45.0088 5520	FontCache - ok
07:13:45.0187 5520	FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
07:13:45.0216 5520	FontCache3.0.0.0 - ok
07:13:45.0253 5520	Fs_Rec          (b972a66758577e0bfd1de0f91aaa27b5) C:\Windows\system32\drivers\Fs_Rec.sys
07:13:45.0308 5520	Fs_Rec - ok
07:13:45.0350 5520	gagp30kx        (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
07:13:45.0362 5520	gagp30kx - ok
07:13:45.0403 5520	ggflt           (007aea2e06e7cef7372e40c277163959) C:\Windows\system32\DRIVERS\ggflt.sys
07:13:45.0414 5520	ggflt - ok
07:13:45.0435 5520	ggsemc          (c73de35960ca75c5ab4ae636b127c64e) C:\Windows\system32\DRIVERS\ggsemc.sys
07:13:45.0450 5520	ggsemc - ok
07:13:45.0567 5520	GoogleDesktopManager-051210-111108 (9f5f2f0fb0a7f5aa9f16b9a7b6dad89f) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
07:13:45.0583 5520	GoogleDesktopManager-051210-111108 - ok
07:13:45.0650 5520	gpsvc           (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
07:13:45.0700 5520	gpsvc - ok
07:13:45.0727 5520	gupdate         (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
07:13:45.0747 5520	gupdate - ok
07:13:45.0752 5520	gupdatem        (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
07:13:45.0772 5520	gupdatem - ok
07:13:45.0811 5520	gusvc           (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
07:13:45.0829 5520	gusvc - ok
07:13:45.0895 5520	HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
07:13:45.0978 5520	HdAudAddService - ok
07:13:46.0057 5520	HDAudBus        (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
07:13:46.0093 5520	HDAudBus - ok
07:13:46.0127 5520	HidBth          (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
07:13:46.0172 5520	HidBth - ok
07:13:46.0200 5520	HidIr           (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
07:13:46.0250 5520	HidIr - ok
07:13:46.0280 5520	hidserv         (84067081f3318162797385e11a8f0582) C:\Windows\system32\hidserv.dll
07:13:46.0295 5520	hidserv - ok
07:13:46.0331 5520	HidUsb          (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
07:13:46.0385 5520	HidUsb - ok
07:13:46.0424 5520	hkmsvc          (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
07:13:46.0453 5520	hkmsvc - ok
07:13:46.0494 5520	HpCISSs         (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
07:13:46.0512 5520	HpCISSs - ok
07:13:46.0569 5520	HSFHWAZL        (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
07:13:46.0600 5520	HSFHWAZL - ok
07:13:46.0678 5520	HSF_DPV         (7bc42c65b5c6281777c1a7605b253ba8) C:\Windows\system32\DRIVERS\HSX_DPV.sys
07:13:46.0761 5520	HSF_DPV - ok
07:13:46.0818 5520	HSXHWAZL        (9ebf2d102ccbb6bcdfbf1b7922f8ba2e) C:\Windows\system32\DRIVERS\HSXHWAZL.sys
07:13:46.0834 5520	HSXHWAZL - ok
07:13:46.0898 5520	HTTP            (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
07:13:46.0968 5520	HTTP - ok
07:13:47.0023 5520	i2omp           (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
07:13:47.0040 5520	i2omp - ok
07:13:47.0074 5520	i8042prt        (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
07:13:47.0099 5520	i8042prt - ok
07:13:47.0149 5520	iaStor          (db0cc620b27a928d968c1a1e9cd9cb87) C:\Windows\system32\DRIVERS\iaStor.sys
07:13:47.0164 5520	iaStor - ok
07:13:47.0196 5520	iaStorV         (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
07:13:47.0214 5520	iaStorV - ok
07:13:47.0327 5520	IDriverT        (6f95324909b502e2651442c1548ab12f) C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
07:13:47.0335 5520	IDriverT ( UnsignedFile.Multi.Generic ) - warning
07:13:47.0335 5520	IDriverT - detected UnsignedFile.Multi.Generic (1)
07:13:47.0488 5520	idsvc           (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
07:13:47.0541 5520	idsvc - ok
07:13:47.0547 5520	igfx - ok
07:13:47.0581 5520	iirsp           (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
07:13:47.0594 5520	iirsp - ok
07:13:47.0645 5520	IKEEXT          (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
         

Antwort

Themen zu Bin ich den Ukash 100 EUR Trojaner los? Avira und Malwarebytes Malware sagen-ja, Scan Spyware-nein
anti-malware, antimalware, antworten, avira, bericht, ergebnis, forum, funktioniert, gelöscht, keine viren, laptop, log, malwarebytes, namen, neustart, nicht mehr, nicht sicher, problem, scan, speicher, spyware, system, test, trojaner, viren, virus, windows



Ähnliche Themen: Bin ich den Ukash 100 EUR Trojaner los? Avira und Malwarebytes Malware sagen-ja, Scan Spyware-nein


  1. Infektion mit spyware.passwords.ed (Scan mit malware bytes)
    Plagegeister aller Art und deren Bekämpfung - 19.01.2015 (15)
  2. Malwarebytes Anti-Malware meldet beim Scan Funde!
    Plagegeister aller Art und deren Bekämpfung - 30.11.2014 (11)
  3. Windows 7 64 bit home: Malware oder Spyware gefunden, Avira Scan hat das Problem nicht behoben
    Log-Analyse und Auswertung - 29.10.2014 (13)
  4. PUP Funde nach Scan mit Malwarebytes Anti-Malware
    Plagegeister aller Art und deren Bekämpfung - 25.04.2014 (15)
  5. Malwarebytes Anti-Malware Scan findet zwei Viren
    Log-Analyse und Auswertung - 07.12.2013 (25)
  6. Full Scan Malwarebytes Anti-Malware findet 2 infizierte Datein
    Log-Analyse und Auswertung - 04.10.2013 (1)
  7. 60 Infizierte Objekte bei MalwareBytes Anti-Malware Scan :-(
    Plagegeister aller Art und deren Bekämpfung - 15.09.2013 (7)
  8. Malwarebytes Anti-Malware meldet 218 infizierte Objekte im Quick-Scan
    Log-Analyse und Auswertung - 10.09.2013 (12)
  9. MyStart by IncrediBar.com / Ergebnis des Scan mit Malwarebytes Anti-Malware
    Log-Analyse und Auswertung - 28.12.2012 (21)
  10. PUP.Blabbers bei Malwarebytes Anti-Malware Scan gefunden
    Plagegeister aller Art und deren Bekämpfung - 23.10.2012 (14)
  11. 7 Infizierte Registrierungsschlüssel (Trojan.BHO) nach Malwarebytes Anti-Malware Scan
    Plagegeister aller Art und deren Bekämpfung - 23.10.2012 (43)
  12. Logfile nach Scan mit Malwarebytes Anti-Malware
    Log-Analyse und Auswertung - 27.07.2012 (1)
  13. Avira hat Trojaner gefunden beim Malwarebytes scan..
    Log-Analyse und Auswertung - 22.05.2012 (6)
  14. Geldaufforderung während Scan von Malwarebytes Anti-Malware
    Plagegeister aller Art und deren Bekämpfung - 16.12.2011 (20)
  15. Malwarebytes Scan-Bericht nach Problem mit Malware Defense
    Log-Analyse und Auswertung - 20.01.2010 (1)
  16. Fehlermeldung MFC71.DLL und Malware bei Avira Scan
    Log-Analyse und Auswertung - 04.01.2009 (0)
  17. Avira sagt Trojaner, die anderen sagen nichts
    Plagegeister aller Art und deren Bekämpfung - 04.11.2008 (26)

Zum Thema Bin ich den Ukash 100 EUR Trojaner los? Avira und Malwarebytes Malware sagen-ja, Scan Spyware-nein - Hi! Ich hoffe, Ihr konnt mir weiterhelfen. Gestern habe ich auf meinem Laptop ein Fenster entdeckt, welches mir freundlicherweise mitteilte, dass ich zu lange auf pornoseiten unterwegs war und jetzt - Bin ich den Ukash 100 EUR Trojaner los? Avira und Malwarebytes Malware sagen-ja, Scan Spyware-nein...
Archiv
Du betrachtest: Bin ich den Ukash 100 EUR Trojaner los? Avira und Malwarebytes Malware sagen-ja, Scan Spyware-nein auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.