
Pests of All Kinds and How to Combat Them: Virus Big Fish Games TR/Agent.2409800

06.01.2013, 18:33   #1
Heidi123
 
Hello everyone.

Avira detected a virus during the last scan and moved it to quarantine. Oddly enough, MWB did not find it, though.
I have also never installed anything from Big Fish Games, no idea where it suddenly came from.
I'm posting the log files for you and would be very grateful for your help.

Code:

Avira Antivirus Premium
Erstellungsdatum der Reportdatei: Freitag, 4. Januar 2013  12:20


Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.

Lizenznehmer   : xxx
Seriennummer   : xxx
Plattform      : Windows Vista (TM) Home Premium
Windowsversion : (Service Pack 2)  [6.0.6002]
Boot Modus     : Normal gebootet
Benutzername   : SYSTEM
Computername   : xxx-PC

Versionsinformationen:
BUILD.DAT      : 13.0.0.2890    50871 Bytes  05.12.2012 17:14:00
AVSCAN.EXE     : 13.6.0.402    639264 Bytes  22.12.2012 19:03:45
AVSCANRC.DLL   : 13.4.0.360     64800 Bytes  22.12.2012 19:03:45
LUKE.DLL       : 13.6.0.400     67360 Bytes  22.12.2012 19:04:21
AVSCPLR.DLL    : 13.6.0.402     93984 Bytes  22.12.2012 19:05:20
AVREG.DLL      : 13.6.0.406    248096 Bytes  22.12.2012 19:05:19
avlode.dll     : 13.6.1.402    428832 Bytes  22.12.2012 19:05:21
avlode.rdf     : 13.0.0.26       7958 Bytes  22.11.2012 10:59:16
VBASE000.VDF   : 7.10.0.0    19875328 Bytes  06.11.2009 13:50:29
VBASE001.VDF   : 7.11.0.0    13342208 Bytes  14.12.2010 13:50:31
VBASE002.VDF   : 7.11.19.170 14374912 Bytes  20.12.2011 13:50:34
VBASE003.VDF   : 7.11.21.238  4472832 Bytes  01.02.2012 13:50:36
VBASE004.VDF   : 7.11.26.44   4329472 Bytes  28.03.2012 13:50:37
VBASE005.VDF   : 7.11.34.116  4034048 Bytes  29.06.2012 13:42:40
VBASE006.VDF   : 7.11.41.250  4902400 Bytes  06.09.2012 13:42:40
VBASE007.VDF   : 7.11.50.230  3904512 Bytes  22.11.2012 12:43:11
VBASE008.VDF   : 7.11.55.142  2214912 Bytes  03.01.2013 12:27:51
VBASE009.VDF   : 7.11.55.143     2048 Bytes  03.01.2013 12:27:51
VBASE010.VDF   : 7.11.55.144     2048 Bytes  03.01.2013 12:27:51
VBASE011.VDF   : 7.11.55.145     2048 Bytes  03.01.2013 12:27:51
VBASE012.VDF   : 7.11.55.146     2048 Bytes  03.01.2013 12:27:51
VBASE013.VDF   : 7.11.55.196   260096 Bytes  04.01.2013 11:17:15
VBASE014.VDF   : 7.11.55.197     2048 Bytes  04.01.2013 11:17:15
VBASE015.VDF   : 7.11.55.198     2048 Bytes  04.01.2013 11:17:15
VBASE016.VDF   : 7.11.55.199     2048 Bytes  04.01.2013 11:17:15
VBASE017.VDF   : 7.11.55.200     2048 Bytes  04.01.2013 11:17:15
VBASE018.VDF   : 7.11.55.201     2048 Bytes  04.01.2013 11:17:16
VBASE019.VDF   : 7.11.55.202     2048 Bytes  04.01.2013 11:17:16
VBASE020.VDF   : 7.11.55.203     2048 Bytes  04.01.2013 11:17:16
VBASE021.VDF   : 7.11.55.204     2048 Bytes  04.01.2013 11:17:16
VBASE022.VDF   : 7.11.55.205     2048 Bytes  04.01.2013 11:17:16
VBASE023.VDF   : 7.11.55.206     2048 Bytes  04.01.2013 11:17:16
VBASE024.VDF   : 7.11.55.207     2048 Bytes  04.01.2013 11:17:16
VBASE025.VDF   : 7.11.55.208     2048 Bytes  04.01.2013 11:17:16
VBASE026.VDF   : 7.11.55.209     2048 Bytes  04.01.2013 11:17:16
VBASE027.VDF   : 7.11.55.210     2048 Bytes  04.01.2013 11:17:16
VBASE028.VDF   : 7.11.55.211     2048 Bytes  04.01.2013 11:17:16
VBASE029.VDF   : 7.11.55.212     2048 Bytes  04.01.2013 11:17:16
VBASE030.VDF   : 7.11.55.213     2048 Bytes  04.01.2013 11:17:16
VBASE031.VDF   : 7.11.55.216     3584 Bytes  04.01.2013 11:17:17
Engineversion  : 8.2.10.224
AEVDF.DLL      : 8.1.2.10      102772 Bytes  19.09.2012 13:42:55
AESCRIPT.DLL   : 8.1.4.78      467323 Bytes  20.12.2012 18:29:37
AESCN.DLL      : 8.1.10.0      131445 Bytes  14.12.2012 19:43:23
AESBX.DLL      : 8.2.5.12      606578 Bytes  28.08.2012 15:58:06
AERDL.DLL      : 8.2.0.74      643445 Bytes  07.11.2012 10:09:14
AEPACK.DLL     : 8.3.1.2       819574 Bytes  20.12.2012 18:29:36
AEOFFICE.DLL   : 8.1.2.50      201084 Bytes  05.11.2012 14:00:38
AEHEUR.DLL     : 8.1.4.168    5628280 Bytes  20.12.2012 18:29:34
AEHELP.DLL     : 8.1.25.2      258423 Bytes  12.10.2012 14:52:32
AEGEN.DLL      : 8.1.6.12      434549 Bytes  14.12.2012 19:43:20
AEEXP.DLL      : 8.3.0.4       184692 Bytes  20.12.2012 18:29:37
AEEMU.DLL      : 8.1.3.2       393587 Bytes  19.09.2012 13:42:55
AECORE.DLL     : 8.1.30.0      201079 Bytes  14.12.2012 19:43:19
AEBB.DLL       : 8.1.1.4        53619 Bytes  05.11.2012 14:00:38
AVWINLL.DLL    : 13.4.0.163     25888 Bytes  22.12.2012 19:01:51
AVPREF.DLL     : 13.4.0.360     50464 Bytes  22.12.2012 19:03:44
AVREP.DLL      : 13.4.0.360    177952 Bytes  22.12.2012 19:05:19
AVARKT.DLL     : 13.6.0.402    260384 Bytes  22.12.2012 19:03:28
AVEVTLOG.DLL   : 13.6.0.400    167200 Bytes  22.12.2012 19:03:32
SQLITE3.DLL    : 3.7.0.1       397088 Bytes  22.12.2012 19:04:48
AVSMTP.DLL     : 13.4.0.163     62752 Bytes  22.12.2012 19:03:47
NETNT.DLL      : 13.4.0.360     15648 Bytes  22.12.2012 19:04:32
RCIMAGE.DLL    : 13.4.0.360   4826400 Bytes  22.12.2012 19:01:54
RCTEXT.DLL     : 13.4.0.360     68384 Bytes  22.12.2012 19:01:54

Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Vollständige Systemprüfung
Konfigurationsdatei...................: C:\Program Files\Avira\AntiVir Desktop\sysscan.avp
Protokollierung.......................: standard
Primäre Aktion........................: interaktiv
Sekundäre Aktion......................: ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: C:, 
Durchsuche aktive Programme...........: ein
Laufende Programme erweitert..........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: ein
Integritätsprüfung von Systemdateien..: aus
Datei Suchmodus.......................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: erweitert

Beginn des Suchlaufs: Freitag, 4. Januar 2013  12:20

Der Suchlauf über die Masterbootsektoren wird begonnen:
Masterbootsektor HD0
    [INFO]      Es wurde kein Virus gefunden!

Der Suchlauf über die Bootsektoren wird begonnen:
Bootsektor 'C:\'
    [INFO]      Es wurde kein Virus gefunden!

Der Suchlauf nach versteckten Objekten wird begonnen.

Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'svchost.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'vssvc.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '108' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '53' Modul(e) wurden durchsucht
Durchsuche Prozess 'mobsync.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'notepad.exe' - '20' Modul(e) wurden durchsucht
Durchsuche Prozess 'avcenter.exe' - '79' Modul(e) wurden durchsucht
Durchsuche Prozess 'SPMgr.exe' - '91' Modul(e) wurden durchsucht
Durchsuche Prozess 'SPMService.exe' - '95' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '21' Modul(e) wurden durchsucht
Durchsuche Prozess 'conime.exe' - '16' Modul(e) wurden durchsucht
Durchsuche Prozess 'Apntex.exe' - '22' Modul(e) wurden durchsucht
Durchsuche Prozess 'ApMsgFwd.exe' - '16' Modul(e) wurden durchsucht
Durchsuche Prozess 'BtStackServer.exe' - '74' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'VCSW.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'AVWEBGRD.EXE' - '60' Modul(e) wurden durchsucht
Durchsuche Prozess 'avmailc.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'avshadow.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'CCC.exe' - '165' Modul(e) wurden durchsucht
Durchsuche Prozess 'DllHost.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'VESMgrSub.exe' - '61' Modul(e) wurden durchsucht
Durchsuche Prozess 'WUDFHost.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchIndexer.exe' - '64' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '7' Modul(e) wurden durchsucht
Durchsuche Prozess 'DllHost.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'VzCdbSvc.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'VCFw.exe' - '71' Modul(e) wurden durchsucht
Durchsuche Prozess 'VESMgr.exe' - '74' Modul(e) wurden durchsucht
Durchsuche Prozess 'uCamMonitor.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '43' Modul(e) wurden durchsucht
Durchsuche Prozess 'NSUService.exe' - '77' Modul(e) wurden durchsucht
Durchsuche Prozess 'MWLaMaS.exe' - '50' Modul(e) wurden durchsucht
Durchsuche Prozess 'ehmsas.exe' - '20' Modul(e) wurden durchsucht
Durchsuche Prozess 'BTTray.exe' - '65' Modul(e) wurden durchsucht
Durchsuche Prozess 'ehtray.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'ToWLaAcF.exe' - '58' Modul(e) wurden durchsucht
Durchsuche Prozess 'SUPERANTISPYWARE.EXE' - '69' Modul(e) wurden durchsucht
Durchsuche Prozess 'LANUtil.exe' - '84' Modul(e) wurden durchsucht
Durchsuche Prozess 'AgentMonitor.exe' - '65' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '78' Modul(e) wurden durchsucht
Durchsuche Prozess 'Updater.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'CNMNSUT.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'BJMYPRT.EXE' - '21' Modul(e) wurden durchsucht
Durchsuche Prozess 'MOM.exe' - '55' Modul(e) wurden durchsucht
Durchsuche Prozess 'MarketingTools.exe' - '43' Modul(e) wurden durchsucht
Durchsuche Prozess 'ISBMgr.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'jusched.exe' - '22' Modul(e) wurden durchsucht
Durchsuche Prozess 'acrotray.exe' - '25' Modul(e) wurden durchsucht
Durchsuche Prozess 'Apoint.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'VAIOUpdt.exe' - '56' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskeng.exe' - '25' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '148' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskeng.exe' - '80' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskeng.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'Dwm.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'PresentationFontCache.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '43' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '88' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '61' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '56' Modul(e) wurden durchsucht
Durchsuche Prozess 'spoolsv.exe' - '90' Modul(e) wurden durchsucht
Durchsuche Prozess 'WLANExt.exe' - '87' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '98' Modul(e) wurden durchsucht
Durchsuche Prozess 'RtkAudioService.exe' - '21' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '87' Modul(e) wurden durchsucht
Durchsuche Prozess 'SLsvc.exe' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '156' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '116' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '64' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '43' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsm.exe' - '22' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '60' Modul(e) wurden durchsucht
Durchsuche Prozess 'services.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '14' Modul(e) wurden durchsucht
Durchsuche Prozess 'wininit.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '14' Modul(e) wurden durchsucht
Durchsuche Prozess 'smss.exe' - '2' Modul(e) wurden durchsucht

Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Registry wurde durchsucht ( '2614' Dateien ).


Der Suchlauf über die ausgewählten Dateien wird begonnen:

Beginne mit der Suche in 'C:\'
C:\Program Files\Big Fish Games Spiel-Suite\installers\atlantisskypatrol_s2_l2_gF1130T1L2_d0_xcd.exe
    [0] Archivtyp: NSIS
    --> [UnknownDir]/[UnknownDir]
        [FUND]      Ist das Trojanische Pferd TR/Agent.2409800
        [WARNUNG]   Infizierte Dateien in Archiven können nicht repariert werden

Beginne mit der Desinfektion:
C:\Program Files\Big Fish Games Spiel-Suite\installers\atlantisskypatrol_s2_l2_gF1130T1L2_d0_xcd.exe
  [FUND]      Ist das Trojanische Pferd TR/Agent.2409800
  [HINWEIS]   Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '56807e9c.qua' verschoben!


Ende des Suchlaufs: Freitag, 4. Januar 2013  14:56
Benötigte Zeit:  2:31:40 Stunde(n)

Der Suchlauf wurde vollständig durchgeführt.

  37306 Verzeichnisse wurden überprüft
 598757 Dateien wurden geprüft
      1 Viren bzw. unerwünschte Programme wurden gefunden
      0 Dateien wurden als verdächtig eingestuft
      0 Dateien wurden gelöscht
      0 Viren bzw. unerwünschte Programme wurden repariert
      1 Dateien wurden in die Quarantäne verschoben
      0 Dateien wurden umbenannt
      0 Dateien konnten nicht durchsucht werden
 598756 Dateien ohne Befall
   5976 Archive wurden durchsucht
      1 Warnungen
      1 Hinweise
 700960 Objekte wurden beim Rootkitscan durchsucht
      0 Versteckte Objekte wurden gefunden
         

Code:
Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Datenbank Version: v2013.01.04.04

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Kögler :: xxxx-PC [Administrator]

04.01.2013 09:23:09
mbam-log-2013-01-04 (09-23-09).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 454114
Laufzeit: 1 Stunde(n), 59 Minute(n), 56 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         

Edited by Heidi123 (06.01.2013 at 18:38)

06.01.2013, 18:50   #2
markusg
/// Malware-holic
 
Hi
possibly already pre-installed, we'll take a look.
If you don't have it yet, please download OTL by Oldtimer and save it to your desktop.
  • Please start OTL.exe. Vista and Win7 users: right-click and choose "Run as administrator".
  • Now copy the content into the text box.
Code:
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
         
  • Now please close all programs. (Important)
  • Now please click the Quick Scan button.
  • Now copy the contents of OTL.txt and Extra.txt here into your thread.

08.01.2013, 08:45   #3
Heidi123
 
Hello, good morning,
I have carried out your instructions;
the log files are attached.

OTL Logfile:
Code:
OTL logfile created on: 07.01.2013 13:42:41 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\xxx\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,97 Gb Total Physical Memory | 1,25 Gb Available Physical Memory | 42,03% Memory free
6,13 Gb Paging File | 4,33 Gb Available in Paging File | 70,57% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 359,62 Gb Total Space | 210,32 Gb Free Space | 58,48% Space Free | Partition Type: NTFS
 
Computer Name: xxx-PC | User Name: xxx | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.01.07 13:39:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\xxx\Downloads\OTL(1).exe
PRC - [2012.12.22 20:04:41 | 000,085,280 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2012.12.22 20:03:48 | 000,565,024 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2012.12.22 20:03:46 | 000,079,136 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012.12.22 20:03:36 | 000,400,160 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avmailc.exe
PRC - [2012.12.22 20:03:34 | 000,109,344 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.12.22 20:03:33 | 000,384,800 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.11.08 03:26:52 | 000,377,800 | ---- | M] () -- C:\Programme\VTech\DownloadManager\System\AgentMonitor.exe
PRC - [2012.11.05 20:00:19 | 004,763,008 | ---- | M] (SUPERAntiSpyware.com) -- C:\Programme\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
PRC - [2012.10.29 17:33:28 | 001,573,584 | ---- | M] (Ask) -- C:\Programme\Ask.com\Updater\Updater.exe
PRC - [2012.07.03 18:40:24 | 000,024,576 | ---- | M] (Sony Corporation) -- C:\Programme\sony\Marketing Tools\MarketingTools.exe
PRC - [2011.11.09 12:01:58 | 000,671,796 | ---- | M] (Deutsche Telekom AG, Marmiko IT-Solutions GmbH) -- C:\Programme\T-Online\WLAN-Access Finder\ToWLaAcF.exe
PRC - [2011.11.09 11:31:48 | 000,487,489 | ---- | M] (Deutsche Telekom AG, Marmiko IT-Solutions GmbH) -- C:\Programme\Common Files\Marmiko Shared\MWLaMaS.exe
PRC - [2009.11.01 18:30:00 | 002,508,104 | ---- | M] (CANON INC.) -- C:\Programme\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2009.09.28 16:56:18 | 000,140,640 | ---- | M] (CANON INC.) -- C:\Programme\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.11 07:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2008.11.22 03:33:20 | 000,303,104 | ---- | M] (Sony Corporation) -- C:\Programme\sony\Network Utility\NSUService.exe
PRC - [2008.11.22 03:33:20 | 000,270,336 | ---- | M] (Sony Corporation) -- C:\Programme\sony\Network Utility\LANUtil.exe
PRC - [2008.11.05 17:32:28 | 000,203,624 | ---- | M] (Sony Corporation) -- C:\Programme\sony\VAIO Event Service\VESMgr.exe
PRC - [2008.11.05 17:32:28 | 000,100,472 | ---- | M] (Sony Corporation) -- C:\Programme\sony\VAIO Event Service\VESMgrSub.exe
PRC - [2008.10.17 18:16:54 | 000,415,584 | ---- | M] (Sony Corporation) -- C:\Programme\sony\VAIO Power Management\SPMService.exe
PRC - [2008.10.17 11:28:57 | 000,102,400 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RTKAUDIOSERVICE.EXE
PRC - [2008.10.14 16:07:30 | 002,300,456 | ---- | M] (Broadcom Corporation.) -- C:\Programme\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2008.10.14 16:07:30 | 000,776,744 | ---- | M] (Broadcom Corporation.) -- C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2008.09.30 01:04:57 | 000,122,880 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\Apoint\Apoint.exe
PRC - [2008.09.30 01:04:57 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\Apoint\ApntEx.exe
PRC - [2008.09.30 01:04:55 | 000,050,472 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\Apoint\ApMsgFwd.exe
PRC - [2008.09.18 09:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) -- C:\Programme\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
PRC - [2008.09.11 18:28:26 | 000,446,464 | ---- | M] (Sony Corporation) -- C:\Programme\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
PRC - [2008.09.08 08:59:54 | 000,192,512 | ---- | M] (Sony Corporation) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
PRC - [2008.09.08 08:59:52 | 000,279,848 | ---- | M] (Sony Corporation) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
PRC - [2008.09.05 11:54:58 | 001,771,360 | ---- | M] (Sony Corporation) -- C:\Programme\sony\VAIO Power Management\SPMgr.exe
PRC - [2008.08.28 19:21:36 | 000,870,240 | ---- | M] (Sony Corporation) -- C:\Programme\sony\VAIO Update 4\VAIOUpdt.exe
PRC - [2008.06.11 22:43:26 | 000,640,376 | ---- | M] (Adobe Systems Inc.) -- C:\Programme\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
PRC - [2008.04.03 19:32:48 | 000,317,280 | ---- | M] (Sony Corporation) -- C:\Programme\sony\ISB Utility\ISBMgr.exe
PRC - [2006.10.30 09:43:02 | 002,461,696 | ---- | M] (STOIK Imaging (www.stoik.com)) -- C:\Programme\Samsung\Digimax Master\DigimaxMaster.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.11.18 20:40:49 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\eca677743544906340bc26d89c2538e4\System.IdentityModel.Selectors.ni.dll
MOD - [2012.11.18 20:40:48 | 001,070,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\6be544795f68114304a2efdd502a52f0\System.IdentityModel.ni.dll
MOD - [2012.11.18 20:40:46 | 002,346,496 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\68c89abe0ec8381863d6bb18539504f9\System.Runtime.Serialization.ni.dll
MOD - [2012.11.18 20:40:44 | 000,256,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\949339bed597380b8fb6dd2dc97d8006\SMDiagnostics.ni.dll
MOD - [2012.11.18 20:40:41 | 017,404,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\2d737eebab3321e31bf20296d04a0e1a\System.ServiceModel.ni.dll
MOD - [2012.11.18 20:40:24 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\6525d5b1a3b2cbea3301959a47b353c2\System.ServiceProcess.ni.dll
MOD - [2012.11.18 20:40:18 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\ac05afefb5b28893d44ec451da0e6d4e\System.Web.ni.dll
MOD - [2012.11.18 20:40:10 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\2633dbf77be293b3a8693b6b062fd787\System.Runtime.Remoting.ni.dll
MOD - [2012.11.18 20:39:58 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\7f15d0cb7e4f87f86e425d5ffe7e8280\System.Configuration.ni.dll
MOD - [2012.11.18 20:39:55 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\79f3661da2402c72b0bba0de1e55f4d1\Accessibility.ni.dll
MOD - [2012.11.16 19:40:35 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\741164a3e36f879b9f9e3ff176465127\System.Xml.ni.dll
MOD - [2012.11.16 19:40:17 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\22e554f2c4da53c07e4815a24e2d50e2\System.Windows.Forms.ni.dll
MOD - [2012.11.16 19:40:09 | 001,592,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\2c6cd37f29fc76d6c2ed6bbed202d82c\System.Drawing.ni.dll
MOD - [2012.11.16 19:38:46 | 007,976,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b2052acbbbba4f98585196872195e009\System.ni.dll
MOD - [2012.11.16 19:38:29 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7ad9c44df3b85848590e63f13fc59804\mscorlib.ni.dll
MOD - [2012.11.08 03:26:52 | 000,377,800 | ---- | M] () -- C:\Programme\VTech\DownloadManager\System\AgentMonitor.exe
MOD - [2012.10.24 19:10:20 | 000,065,024 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
MOD - [2012.08.06 10:54:24 | 009,843,640 | ---- | M] () -- C:\Programme\VTech\DownloadManager\System\QtWebKit4.dll
MOD - [2012.07.03 18:12:36 | 001,687,552 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3120.40644__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2012.07.03 18:12:36 | 000,270,336 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3120.40600__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2012.07.03 18:12:36 | 000,204,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3120.40658__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2012.07.03 18:12:36 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3120.40816__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2012.07.03 18:12:36 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3120.40636__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2012.07.03 18:12:36 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3120.40744__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2012.07.03 18:12:36 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3120.40622__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2012.07.03 18:12:35 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3120.40780__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2012.07.03 18:12:34 | 000,483,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3120.40847__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2012.07.03 18:12:22 | 000,348,160 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3120.40788__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2012.07.03 18:12:22 | 000,135,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3120.40854__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2012.07.03 18:12:22 | 000,090,112 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3120.40794__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2012.07.03 18:12:22 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3120.40615__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2012.07.03 18:12:22 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3120.40787__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2012.07.03 18:12:20 | 000,806,912 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3120.40747__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2012.07.03 18:12:20 | 000,585,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3120.40669__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2012.07.03 18:12:20 | 000,450,560 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3120.40739__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2012.07.03 18:12:20 | 000,438,272 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3120.40623__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2012.07.03 18:12:20 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3120.40806__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2012.07.03 18:12:20 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3120.40774__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll
MOD - [2012.07.03 18:12:20 | 000,376,832 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3120.40745__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2012.07.03 18:12:20 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3120.40675__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll
MOD - [2012.07.03 18:12:20 | 000,225,280 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3120.40664__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2012.07.03 18:12:20 | 000,118,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3120.40762__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2012.07.03 18:12:20 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3120.40746__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2012.07.03 18:12:20 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3120.40744__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2012.07.03 18:12:20 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3120.40675__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2012.07.03 18:12:20 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3120.40745__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2012.07.03 18:12:20 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3120.40761__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2012.07.03 18:12:20 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3120.40773__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2012.07.03 18:12:20 | 000,008,192 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3120.40587__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2012.07.03 18:12:20 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3120.40582__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2012.07.03 18:12:20 | 000,006,144 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3120.40587__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
MOD - [2012.07.03 18:12:20 | 000,005,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3120.40588__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2012.07.03 18:12:19 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3120.40581__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2012.07.03 18:12:19 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3120.40583__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2012.07.03 18:12:19 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3120.40786__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2012.07.03 18:12:19 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2012.07.03 18:12:19 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3120.40846__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2012.07.03 18:12:19 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3120.40837__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2012.07.03 18:12:19 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3120.40583__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2012.07.03 18:12:19 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3120.40583__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2012.07.03 18:12:19 | 000,019,968 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3120.40580__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2012.07.03 18:12:19 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2012.07.03 18:12:19 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2012.07.03 18:12:19 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3120.40636__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2012.07.03 18:12:19 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3120.40614__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2012.07.03 18:12:19 | 000,015,360 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3120.40582__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2012.07.03 18:12:19 | 000,007,680 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3120.40582__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2012.07.03 18:12:19 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3120.40598__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2012.07.03 18:12:19 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3120.40599__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2012.07.03 18:12:19 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2012.07.03 18:12:19 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3120.40845__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2012.07.03 18:12:19 | 000,005,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3120.40584__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2012.07.03 18:12:19 | 000,005,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3120.40585__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2012.07.03 18:12:19 | 000,005,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3120.40600__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2012.07.03 18:12:19 | 000,005,120 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.3120.40599__90ba9c70f846762e\DEM.OS.dll
MOD - [2012.07.03 18:12:18 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3120.40746__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2012.07.03 18:12:18 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3120.40599__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2012.07.03 18:12:17 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3120.40816__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2012.07.03 18:12:17 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3120.40745__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2012.07.03 18:12:17 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3120.40642__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2012.07.03 18:12:17 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3120.40780__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2012.07.03 18:12:17 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3120.40621__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2012.07.03 18:12:17 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3120.40621__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2012.07.03 18:12:17 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3120.40621__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2012.07.03 18:12:17 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3120.40642__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2012.07.03 18:12:17 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3120.40761__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2012.07.03 18:12:17 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2012.07.03 18:12:17 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3120.40582__90ba9c70f846762e\APM.Foundation.dll
MOD - [2012.07.03 18:12:17 | 000,006,144 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3120.40589__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2012.07.03 18:12:13 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory.resources\2.0.3120.40592_de_90ba9c70f846762e\CLI.Component.SkinFactory.resources.dll
MOD - [2012.07.03 18:12:13 | 000,005,120 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray.resources\2.0.3120.40829_de_90ba9c70f846762e\CLI.Component.Systemtray.resources.dll
MOD - [2012.07.03 18:12:12 | 000,995,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3120.40608__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2012.07.03 18:12:12 | 000,417,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3120.40829__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2012.07.03 18:12:12 | 000,397,312 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3120.40629__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2012.07.03 18:12:12 | 000,106,496 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3120.40837__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2012.07.03 18:12:12 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3120.40836__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2012.07.03 18:12:12 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3120.40592__90ba9c70f846762e\CLI.Component.SkinFactory.dll
MOD - [2012.07.03 18:12:12 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3120.40591__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2012.07.03 18:12:12 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3120.40587__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2012.07.03 18:12:12 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3120.40867__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2012.07.03 18:12:12 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3120.40586__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2012.07.03 18:12:12 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3120.40607__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2012.07.03 18:12:12 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3120.40585__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2012.07.03 18:12:12 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3120.40584__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2012.07.03 18:12:12 | 000,014,848 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
MOD - [2012.07.03 18:12:12 | 000,013,312 | ---- | M] () -- C:\Windows\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll
MOD - [2012.07.03 18:12:12 | 000,011,776 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3120.40629__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2012.07.03 18:12:12 | 000,011,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Implementation\2.0.3120.40878__90ba9c70f846762e\LOCALIZATION.Foundation.Implementation.dll
MOD - [2012.07.03 18:12:12 | 000,010,240 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3120.40607__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2012.07.03 18:12:12 | 000,008,704 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3120.40650__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2012.07.03 18:12:12 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3120.40588__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2012.07.03 18:12:12 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.3120.40591__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll
MOD - [2012.07.03 18:12:11 | 000,069,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.3120.40599__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2012.07.03 18:12:11 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3120.40590__90ba9c70f846762e\APM.Server.dll
MOD - [2012.07.03 18:12:11 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3120.40589__90ba9c70f846762e\AEM.Server.dll
MOD - [2012.07.03 18:12:11 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2012.07.03 18:12:11 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3120.40837__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2010.11.11 10:24:31 | 000,028,160 | ---- | M] () -- C:\Programme\VTech\DownloadManager\System\DACommCenter.dll
MOD - [2010.07.13 14:07:23 | 007,826,432 | ---- | M] () -- C:\Programme\VTech\DownloadManager\System\QtGui4.dll
MOD - [2010.07.05 10:19:39 | 000,116,736 | ---- | M] () -- C:\Programme\VTech\DownloadManager\System\QtSolutions_SOAP-2.7.dll
MOD - [2010.06.24 02:16:19 | 002,150,400 | ---- | M] () -- C:\Programme\VTech\DownloadManager\System\QtCore4.dll
MOD - [2010.06.02 06:05:40 | 000,119,808 | ---- | M] () -- C:\Programme\VTech\DownloadManager\System\imageformats\qjpeg4.dll
MOD - [2010.06.02 03:56:04 | 000,232,960 | ---- | M] () -- C:\Programme\VTech\DownloadManager\System\phonon4.dll
MOD - [2010.06.02 03:54:24 | 002,530,816 | ---- | M] () -- C:\Programme\VTech\DownloadManager\System\QtXmlPatterns4.dll
MOD - [2010.06.02 03:29:22 | 000,934,912 | ---- | M] () -- C:\Programme\VTech\DownloadManager\System\QtNetwork4.dll
MOD - [2010.06.02 03:28:00 | 000,335,360 | ---- | M] () -- C:\Programme\VTech\DownloadManager\System\QtXml4.dll
MOD - [2009.12.09 07:54:50 | 000,495,616 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_de_b77a5c561934e089\System.ServiceModel.resources.dll
MOD - [2009.03.30 05:42:12 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2009.03.30 05:42:11 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2008.11.25 13:41:44 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\SPMDam\3.1.0.6020__1b3c579b6925895f\SPMDam.dll
MOD - [2008.11.25 13:41:39 | 000,086,016 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\SPMCommon\3.1.0.6020__e3c7096ba83f9295\SPMCommon.dll
MOD - [2008.10.14 15:56:08 | 000,126,976 | ---- | M] () -- C:\Programme\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2008.09.25 01:44:18 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2008.08.26 10:41:42 | 000,016,384 | R--- | M] () -- c:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2006.10.30 08:31:48 | 000,170,496 | ---- | M] () -- C:\Programme\Samsung\Digimax Master\ToolPanel.dll
MOD - [2006.07.26 14:32:28 | 000,053,248 | ---- | M] () -- C:\Programme\Samsung\Digimax Master\AnimGIFWA.dll
MOD - [2006.06.15 09:29:24 | 000,274,432 | R--- | M] () -- C:\Programme\Samsung\Digimax Master\Stwablt2002.dll
MOD - [2006.01.24 14:40:06 | 000,274,432 | ---- | M] () -- C:\Programme\Samsung\Digimax Master\impexp2002.dll
MOD - [2005.06.29 14:54:02 | 000,036,864 | ---- | M] () -- C:\Programme\Samsung\Digimax Master\QTGrabber.dll
MOD - [2003.11.26 09:57:20 | 000,143,360 | ---- | M] () -- C:\Programme\Samsung\Digimax Master\InterfaceRes1.dll
MOD - [2003.05.15 14:06:34 | 000,458,830 | ---- | M] () -- C:\Programme\Samsung\Digimax Master\Stapi2002.dll
MOD - [2003.02.14 17:09:24 | 000,081,920 | ---- | M] () -- C:\Programme\Samsung\Digimax Master\Stxform.dll
MOD - [2002.09.06 11:17:42 | 000,270,414 | ---- | M] () -- C:\Programme\Samsung\Digimax Master\Stfrg2002.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2012.12.22 20:04:41 | 000,085,280 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.12.22 20:03:48 | 000,565,024 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)
SRV - [2012.12.22 20:03:36 | 000,400,160 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService)
SRV - [2012.12.22 20:03:34 | 000,109,344 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.12.06 20:47:46 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.09.10 11:14:49 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Disabled | Stopped] -- C:\Programme\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2008.11.25 13:40:16 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [Disabled | Stopped] -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008.11.22 03:33:20 | 000,303,104 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\sony\Network Utility\NSUService.exe -- (NSUService)
SRV - [2008.11.05 17:32:28 | 000,203,624 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2008.10.21 09:52:38 | 000,353,568 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\sony\VAIO Media plus\SOHDms.exe -- (SOHDms)
SRV - [2008.10.21 09:52:38 | 000,062,752 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\sony\VAIO Media plus\SOHDs.exe -- (SOHDs)
SRV - [2008.10.21 09:52:36 | 000,103,712 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\sony\VAIO Media plus\SOHCImp.exe -- (SOHCImp)
SRV - [2008.10.17 18:16:54 | 000,415,584 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
SRV - [2008.10.17 11:28:57 | 000,102,400 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Windows\RTKAUDIOSERVICE.EXE -- (RtkAudioService)
SRV - [2008.10.01 17:18:48 | 000,369,952 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV - [2008.09.19 09:06:22 | 000,083,232 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe -- (VcmXmlIfHelper)
SRV - [2008.09.18 09:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Programme\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)
SRV - [2008.09.11 18:28:26 | 000,446,464 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2008.09.08 08:59:56 | 000,073,728 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2008.09.08 08:59:54 | 000,192,512 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
SRV - [2008.09.08 08:59:52 | 000,279,848 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw)
SRV - [2008.08.20 15:38:30 | 000,860,160 | ---- | M] (Intel(R) Corporation) [Disabled | Stopped] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2008.08.20 15:08:02 | 000,466,944 | ---- | M] (Intel(R) Corporation) [Disabled | Stopped] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2008.08.01 13:31:00 | 000,109,056 | ---- | M] (ArcSoft Inc.) [Disabled | Stopped] -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2008.05.20 00:51:34 | 000,077,824 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2008.05.20 00:49:04 | 000,053,248 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2008.05.20 00:29:06 | 000,053,248 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2008.01.21 03:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.09.10 23:45:04 | 000,124,832 | ---- | M] () [Disabled | Stopped] -- c:\Programme\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor6.0)
SRV - [2007.08.24 02:19:12 | 000,443,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2007.01.04 18:48:50 | 000,112,152 | ---- | M] (InterVideo) [Disabled | Stopped] -- c:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2006.10.26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | Disabled | Stopped] -- system32\DRIVERS\UIUSYS.SYS -- (UIUSys)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2012.12.22 20:05:17 | 000,036,552 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2012.12.22 20:05:16 | 000,134,336 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.12.22 20:05:15 | 000,083,944 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012.08.27 14:50:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2011.07.22 17:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011.07.12 22:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010.08.27 12:23:08 | 000,019,200 | ---- | M] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH) [Kernel | On_Demand | Stopped] -- C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\MTOnlPktAlyx.sys -- (MTOnlPktAlyX)
DRV - [2008.10.24 01:06:27 | 000,150,560 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService)
DRV - [2008.10.23 01:02:23 | 000,046,592 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\risdptsk.sys -- (risdptsk)
DRV - [2008.10.23 01:02:02 | 000,068,608 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2008.09.30 01:04:57 | 000,164,400 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2008.09.25 01:44:13 | 003,847,168 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008.08.28 22:48:46 | 003,664,384 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32)
DRV - [2008.08.22 16:22:42 | 000,010,216 | ---- | M] (Sony Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\DMICall.sys -- (DMICall)
DRV - [2008.08.22 01:06:22 | 000,009,344 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SFEP.sys -- (SFEP)
DRV - [2008.06.07 01:02:55 | 000,131,000 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2008.04.24 13:06:40 | 000,017,920 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV - [2008.01.25 03:14:25 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007.04.17 19:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\regi.sys -- (regi)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.club-vaio.com
IE - HKLM\..\SearchScopes,DefaultScope = {E0775E9E-5DDC-4C12-B58D-79B2B5918CE9}
IE - HKLM\..\SearchScopes\{E0775E9E-5DDC-4C12-B58D-79B2B5918CE9}: "URL" = hxxp://www.google.de/search?hl=de&q={searchTerms}&meta=
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.avira.com/?l=dis&o=APN10261&gct=hp&dc=EU&locale=de_DE
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\SearchScopes,DefaultScope = {E0775E9E-5DDC-4C12-B58D-79B2B5918CE9}
IE - HKCU\..\SearchScopes\{37D5F3A9-D090-4997-BBF7-207DD06165E8}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=3d4e2a87-205b-4d04-ab52-56a08c7cf486&apn_sauid=4D20FB5B-EAF0-4D15-AFB5-A868A46084A2
IE - HKCU\..\SearchScopes\{E0775E9E-5DDC-4C12-B58D-79B2B5918CE9}: "URL" = hxxp://www.google.de/search?hl=de&q={searchTerms}&meta=&rlz=1I7SNYK_de
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://search.avira.com/?l=dis&o=APN10261&gct=hp&dc=EU&locale=de_DE"
FF - prefs.js..extensions.enabledAddons: %7BCAFEEFAC-0016-0000-0037-ABCDEFFEDCBA%7D:6.0.37
FF - prefs.js..extensions.enabledAddons: totbff01%40telekom.de:3.0.42
FF - prefs.js..extensions.enabledAddons: toolbar%40ask.com:3.15.11.100015
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - prefs.js..extensions.enabledItems: totbff01@telekom.de:3.0.38
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:10.1.0.68 - 1
FF - prefs.js..keyword.URL: "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=AVR-4&o=APN10261&locale=de_DE&apn_uid=3d4e2a87-205b-4d04-ab52-56a08c7cf486&apn_ptnrs=^AGS&apn_sauid=4D20FB5B-EAF0-4D15-AFB5-A868A46084A2&apn_dtid=^YYYYYY^YY^DE&&q="
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.12.06 20:47:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.12.06 20:47:47 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 
[2012.07.03 19:23:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxx\AppData\Roaming\mozilla\Extensions
[2012.12.19 14:05:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\3k3t80pt.default\extensions
[2012.12.12 10:31:49 | 000,000,000 | ---D | M] ("Avira SearchFree Toolbar plus Web Protection") -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\3k3t80pt.default\extensions\toolbar@ask.com
[2012.12.19 14:05:04 | 000,000,000 | ---D | M] (Telekom Toolbar 3.0) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\3k3t80pt.default\extensions\totbff01@telekom.de
[2012.08.21 09:11:52 | 000,020,591 | ---- | M] () (No name found) -- C:\Users\xxx\AppData\Roaming\mozilla\firefox\profiles\3k3t80pt.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
[2012.08.07 00:53:50 | 000,007,915 | ---- | M] () (No name found) -- C:\Users\xxx\AppData\Roaming\mozilla\firefox\profiles\3k3t80pt.default\extensions\toolbar@ask.com\chrome\content\Abine\chrome\content\ff\view_expiry.js
[2012.07.03 19:24:18 | 000,002,101 | ---- | M] () -- C:\Users\xxx\AppData\Roaming\mozilla\firefox\profiles\3k3t80pt.default\searchplugins\amazonde.xml
[2013.01.06 20:05:57 | 000,002,413 | ---- | M] () -- C:\Users\xxx\AppData\Roaming\mozilla\firefox\profiles\3k3t80pt.default\searchplugins\askcom.xml
[2012.07.03 19:24:18 | 000,001,544 | ---- | M] () -- C:\Users\xxx\AppData\Roaming\mozilla\firefox\profiles\3k3t80pt.default\searchplugins\einkaufswelt.xml
[2012.07.03 19:24:18 | 000,002,121 | ---- | M] () -- C:\Users\xxx\AppData\Roaming\mozilla\firefox\profiles\3k3t80pt.default\searchplugins\leo-franzsisch.xml
[2012.07.03 19:24:18 | 000,002,099 | ---- | M] () -- C:\Users\xxx\AppData\Roaming\mozilla\firefox\profiles\3k3t80pt.default\searchplugins\leo-spanisch.xml
[2012.07.03 19:24:19 | 000,001,207 | ---- | M] () -- C:\Users\xxx\AppData\Roaming\mozilla\firefox\profiles\3k3t80pt.default\searchplugins\t-onlinede-portalsuche.xml
[2012.07.03 19:24:19 | 000,001,810 | ---- | M] () -- C:\Users\xxx\AppData\Roaming\mozilla\firefox\profiles\3k3t80pt.default\searchplugins\t-onlinede-websuche.xml
[2012.12.06 20:47:40 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.12.06 20:47:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2012.12.06 20:47:40 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
File not found (No name found) -- C:\USERS\KöGLER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3K3T80PT.DEFAULT\EXTENSIONS\TOOLBAR@ASK.COM
File not found (No name found) -- C:\USERS\KöGLER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3K3T80PT.DEFAULT\EXTENSIONS\TOTBFF01@TELEKOM.DE
[2012.12.06 20:47:47 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.10.24 23:03:12 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.10.24 23:03:11 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.10.24 23:03:12 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.10.24 23:03:12 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.10.24 23:03:12 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.10.24 23:03:11 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Programme\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programme\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programme\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AgentMonitor] C:\Programme\VTech\DownloadManager\System\AgentMonitor.exe ()
O4 - HKLM..\Run: [AML] C:\Program Files\Sony\VAIO Launcher\AML.exe (Sony)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [IJNetworkScanUtility] C:\Programme\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe (CANON INC.)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [MarketingTools] C:\Programme\sony\Marketing Tools\MarketingTools.exe (Sony Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [NSUFloatingUI] C:\Program Files\Sony\Network Utility\LANUtil.exe (Sony Corporation)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Programme\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [T-Online_Software_6\WLAN-Access Finder] C:\Program Files\T-Online\WLAN-Access Finder\ToWLaAcF.exe (Deutsche Telekom AG, Marmiko IT-Solutions GmbH)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{662807F0-7763-4043-9EFF-AE2662A51650}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FCC53B37-DB83-4EF0-93BB-492333932B22}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Programme\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\System32\VESWinlogon.dll (Sony Corporation)
O24 - Desktop WallPaper: C:\Users\xxx\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\xxx\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Programme\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - 
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - 
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
MsConfig - State: "services" - 2
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.01.06 18:57:39 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Local\Macromedia
[2013.01.06 18:55:56 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\vlc
[2013.01.06 18:54:40 | 000,000,000 | ---D | C] -- C:\Update
[2013.01.04 09:19:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.01.04 09:19:04 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013.01.04 09:19:04 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.12.24 19:29:04 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Local\cache
[2012.12.24 19:25:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VTech
[2012.12.24 19:24:03 | 000,000,000 | ---D | C] -- C:\ProgramData\VTech
[2012.12.24 19:24:03 | 000,000,000 | ---D | C] -- C:\Program Files\VTech
[2012.12.22 20:11:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012.12.11 22:20:08 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\Avira
[2012.12.11 22:14:20 | 000,000,000 | ---D | C] -- C:\Program Files\Ask.com
[2012.12.11 22:13:51 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2012.12.11 22:13:50 | 000,134,336 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys
[2012.12.11 22:13:50 | 000,083,944 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys
[2012.12.11 22:13:50 | 000,036,552 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avkmgr.sys
[2012.12.11 22:13:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012.12.11 22:13:50 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.01.07 13:43:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.01.07 13:40:43 | 000,001,248 | ---- | M] () -- C:\Users\xxx\Desktop\OTL(1) - Verknüpfung.lnk
[2013.01.07 13:30:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.01.07 11:18:45 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.01.07 06:49:11 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.01.07 06:49:11 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.01.06 18:56:46 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.01.06 18:56:46 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.01.06 18:56:46 | 000,126,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.01.06 18:56:46 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.01.06 18:48:59 | 3186,663,424 | -HS- | M] () -- C:\hiberfil.sys
[2013.01.06 18:47:58 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2013.01.04 09:19:05 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.01.03 22:19:42 | 000,033,337 | ---- | M] () -- C:\Users\xxx\Documents\westernsattel.odt
[2012.12.24 21:01:02 | 000,000,662 | ---- | M] () -- C:\Users\xxx\AppData\Local\cookies.ini
[2012.12.24 19:25:09 | 000,001,006 | ---- | M] () -- C:\Users\xxx\Desktop\VTech Download Manager.lnk
[2012.12.24 19:23:28 | 000,006,144 | ---- | M] () -- C:\Users\xxx\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.12.23 14:05:14 | 000,001,748 | -H-- | M] () -- C:\Users\xxx\Documents\Default.rdp
[2012.12.22 20:20:24 | 000,384,400 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.12.22 20:11:07 | 000,001,847 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.12.22 20:05:17 | 000,036,552 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avkmgr.sys
[2012.12.22 20:05:16 | 000,134,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys
[2012.12.22 20:05:15 | 000,083,944 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys
[2012.12.14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.12.08 17:06:01 | 000,026,797 | ---- | M] () -- C:\Users\xxx\Documents\Innenseite Programm 2012 neu.pdf
[2012.12.08 17:05:22 | 000,134,586 | ---- | M] () -- C:\Users\xxx\Documents\Deckblatt Programm 2012 neu.pdf
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.01.07 13:40:38 | 000,001,248 | ---- | C] () -- C:\Users\xxx\Desktop\OTL(1) - Verknüpfung.lnk
[2013.01.04 09:19:05 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.01.03 22:19:39 | 000,033,337 | ---- | C] () -- C:\Users\xxx\Documents\westernsattel.odt
[2012.12.24 19:29:16 | 000,000,662 | ---- | C] () -- C:\Users\xxx\AppData\Local\cookies.ini
[2012.12.24 19:25:09 | 000,001,006 | ---- | C] () -- C:\Users\xxx\Desktop\VTech Download Manager.lnk
[2012.12.23 13:07:07 | 000,001,748 | -H-- | C] () -- C:\Users\xxx\Documents\Default.rdp
[2012.12.14 22:25:38 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012.12.14 22:25:38 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012.12.11 22:14:38 | 000,001,847 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.12.08 17:05:59 | 000,026,797 | ---- | C] () -- C:\Users\xxx\Documents\Innenseite Programm 2012 neu.pdf
[2012.12.08 17:05:19 | 000,134,586 | ---- | C] () -- C:\Users\xxx\Documents\Deckblatt Programm 2012 neu.pdf
[2012.12.06 20:32:25 | 000,019,170 | ---- | C] () -- C:\Users\xxx\November2012.elfo
[2012.11.19 09:54:00 | 000,004,661 | ---- | C] () -- C:\Users\xxx\November 2012.elfo
[2012.11.19 09:52:38 | 000,019,214 | ---- | C] () -- C:\Users\xxx\Oktober 2012.elfo
[2012.10.15 19:39:41 | 000,000,005 | ---- | C] () -- C:\Users\xxx\AppData\Roaming\mbam.context.scan
[2012.10.15 18:58:32 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2012.10.10 13:07:58 | 000,019,218 | ---- | C] () -- C:\Users\xxx\September 2012.elfo
[2012.09.01 20:31:13 | 000,019,214 | ---- | C] () -- C:\Users\xxx\Aug.2012.elfo
[2012.08.16 10:59:14 | 000,033,400 | ---- | C] () -- C:\Users\xxx\Umsatzsteuer-Jahresmeldung 2011.elfo
[2012.08.06 10:37:28 | 000,019,210 | ---- | C] () -- C:\Users\xxx\Juli 2012.elfo
[2012.07.08 19:06:01 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2012.07.08 19:06:01 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2012.07.06 16:35:08 | 000,019,254 | ---- | C] () -- C:\Users\xxx\Juni 2012.elfo
[2012.07.06 16:30:52 | 000,018,774 | ---- | C] () -- C:\Users\xxx\Mai 2012.elfo
[2012.07.03 18:51:57 | 000,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI
[2012.07.03 18:42:29 | 000,344,064 | ---- | C] () -- C:\Windows\System32\SSMSIppCustom.dll
[2012.07.03 18:32:42 | 000,000,196 | ---- | C] () -- C:\Windows\ulead32.ini
[2012.07.03 18:17:27 | 000,552,960 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2012.07.03 18:17:27 | 000,159,744 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2012.07.03 18:17:26 | 000,008,704 | ---- | C] () -- C:\Windows\System32\vidccleaner.exe
[2012.07.03 18:16:05 | 000,006,144 | ---- | C] () -- C:\Users\xxx\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.07.03 18:15:50 | 000,040,960 | ---- | C] () -- C:\Windows\unS385_.dll
[2012.07.03 18:05:20 | 000,001,356 | ---- | C] () -- C:\Users\xxx\AppData\Local\d3d9caps.dat
[2012.07.03 17:57:30 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
 
========== ZeroAccess Check ==========
 
[2006.11.02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2012.07.04 18:58:42 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Canon
[2012.07.06 16:26:42 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\elsterformular
[2012.07.03 18:49:44 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\InfraRecorder
[2012.07.03 19:32:02 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\OpenOffice.org
[2012.07.11 20:29:45 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\RavensburgerTipToi
[2012.07.03 18:57:56 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\T-Online
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2012.07.03 18:06:20 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2012.11.01 18:36:01 | 000,000,000 | -HSD | M] -- C:\Boot
[2012.07.03 18:52:02 | 000,000,000 | ---D | M] -- C:\Documentation
[2006.11.02 14:02:03 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2012.07.03 18:01:36 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2012.09.12 12:19:49 | 000,000,000 | -HSD | M] -- C:\found.000
[2012.07.03 18:27:44 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2012.07.06 10:36:08 | 000,000,000 | ---D | M] -- C:\N360_BACKUP
[2008.01.21 03:32:31 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2013.01.06 18:48:55 | 000,000,000 | R--D | M] -- C:\Program Files
[2012.12.24 19:24:03 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2012.07.03 18:01:36 | 000,000,000 | -HSD | M] -- C:\Programme
[2013.01.07 13:45:23 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2013.01.06 18:54:40 | 000,000,000 | ---D | M] -- C:\Update
[2012.07.03 18:05:13 | 000,000,000 | R--D | M] -- C:\Users
[2012.12.15 10:34:05 | 000,000,000 | ---D | M] -- C:\Windows
 
< %PROGRAMFILES%\*.exe >
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
< C:\Windows\system32\*.tsp >
[2006.11.02 10:44:49 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp
[2006.11.02 10:44:49 | 000,038,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp
[2006.11.02 10:44:49 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp
[2006.11.02 10:44:49 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp
[2009.04.11 07:27:17 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp
[2006.11.02 14:01:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2006.11.02 14:01:49 | 000,032,582 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.07.09 19:23:39 | 000,001,094 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.07.09 19:23:40 | 000,001,098 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
 
< MD5 for: AGP440.SYS  >
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\drivers\atapi.sys
[2008.01.21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
< MD5 for: EXPLORER.EXE  >
[2008.10.29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008.10.29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008.10.30 04:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008.10.28 03:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008.01.21 03:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
 
< MD5 for: IASTOR.SYS  >
[2008.10.17 03:16:55 | 000,327,192 | ---- | M] (Intel Corporation) MD5=8EF427C54497C5F8A7A645990E4278C7 -- C:\Windows\Drivers\INF\SATA Driver (Intel) (Non-RAID)\IaStor.sys
[2008.10.17 03:16:55 | 000,327,192 | ---- | M] (Intel Corporation) MD5=8EF427C54497C5F8A7A645990E4278C7 -- C:\Windows\System32\drivers\iaStor.sys
[2008.10.17 03:16:55 | 000,327,192 | ---- | M] (Intel Corporation) MD5=8EF427C54497C5F8A7A645990E4278C7 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_3c4af4a0\iaStor.sys
[2008.10.17 03:16:55 | 000,327,192 | ---- | M] (Intel Corporation) MD5=8EF427C54497C5F8A7A645990E4278C7 -- C:\Windows\System32\DriverStore\FileRepository\iastor.inf_976b5a8f\iaStor.sys
 
< MD5 for: IASTORV.SYS  >
[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.21 03:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2006.11.02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2008.01.21 03:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
 
< MD5 for: USER32.DLL  >
[2008.01.21 03:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
[2009.04.11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[2009.04.11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.01.21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2012.12.14 16:49:28 | 000,216,424 | ---- | M] () MD5=22101A85B3CA2FE2BE05FE9A61A7A83D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 03:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2008.01.21 03:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.21 03:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2008.01.21 04:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008.01.21 04:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008.01.21 04:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
 
< %systemroot%\system32\*.dll /lockedfiles >
[2008.09.25 01:44:10 | 000,421,888 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\Windows\system32\ATIDEMGX.dll
 
< %USERPROFILE%\*.* >
[2012.09.01 20:31:39 | 000,019,214 | ---- | M] () -- C:\Users\xxx\Aug.2012.elfo
[2012.08.06 10:37:46 | 000,019,210 | ---- | M] () -- C:\Users\xxx\Juli 2012.elfo
[2012.07.06 16:35:23 | 000,019,254 | ---- | M] () -- C:\Users\xxx\Juni 2012.elfo
[2012.07.06 16:31:17 | 000,018,774 | ---- | M] () -- C:\Users\xxx\Mai 2012.elfo
[2012.11.19 09:54:04 | 000,004,661 | ---- | M] () -- C:\Users\xxx\November 2012.elfo
[2012.12.06 20:33:28 | 000,019,170 | ---- | M] () -- C:\Users\xxx\November2012.elfo
[2013.01.07 14:03:55 | 002,359,296 | -HS- | M] () -- C:\Users\xxx\ntuser.dat
[2013.01.07 14:03:55 | 000,262,144 | -H-- | M] () -- C:\Users\xxx\ntuser.dat.LOG1
[2012.07.03 18:05:22 | 000,000,000 | -H-- | M] () -- C:\Users\xxx\ntuser.dat.LOG2
[2012.07.26 14:31:58 | 000,065,536 | -HS- | M] () -- C:\Users\xxx\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2012.07.26 14:31:58 | 000,524,288 | -HS- | M] () -- C:\Users\xxx\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2012.07.03 19:16:15 | 000,524,288 | -HS- | M] () -- C:\Users\xxx\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2012.10.11 21:07:57 | 000,065,536 | -HS- | M] () -- C:\Users\xxx\ntuser.dat{a59289b9-db3f-11e1-add1-00214fb8114a}.TM.blf
[2012.10.11 21:07:57 | 000,524,288 | -HS- | M] () -- C:\Users\xxx\ntuser.dat{a59289b9-db3f-11e1-add1-00214fb8114a}.TMContainer00000000000000000001.regtrans-ms
[2012.07.31 20:32:41 | 000,524,288 | -HS- | M] () -- C:\Users\xxx\ntuser.dat{a59289b9-db3f-11e1-add1-00214fb8114a}.TMContainer00000000000000000002.regtrans-ms
[2013.01.06 18:47:54 | 000,065,536 | -HS- | M] () -- C:\Users\xxx\ntuser.dat{dbd4dc1e-1499-11e2-85b5-00214fb8114a}.TM.blf
[2013.01.06 18:47:54 | 000,524,288 | -HS- | M] () -- C:\Users\xxx\ntuser.dat{dbd4dc1e-1499-11e2-85b5-00214fb8114a}.TMContainer00000000000000000001.regtrans-ms
[2012.10.12 21:27:22 | 000,524,288 | -HS- | M] () -- C:\Users\xxx\ntuser.dat{dbd4dc1e-1499-11e2-85b5-00214fb8114a}.TMContainer00000000000000000002.regtrans-ms
[2008.01.21 02:42:57 | 000,000,020 | -HS- | M] () -- C:\Users\xxx\ntuser.ini
[2012.11.19 09:52:57 | 000,019,214 | ---- | M] () -- C:\Users\xxx\Oktober 2012.elfo
[2012.10.10 13:08:17 | 000,019,218 | ---- | M] () -- C:\Users\xxx\September 2012.elfo
[2012.08.16 10:59:41 | 000,033,400 | ---- | M] () -- C:\Users\xxx\Umsatzsteuer-Jahresmeldung 2011.elfo
 
< %USERPROFILE%\Local Settings\Temp\*.exe >
 
< %USERPROFILE%\Local Settings\Temp\*.dll >
 
< %USERPROFILE%\Application Data\*.exe >
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
 
<           >
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 280 bytes -> C:\Windows\System32\msln.exe:139bb1fd047c6491d733cd2281a06101

< End of report >
         


OTL Logfile:
Code:
oTL Extras logfile created on: 07.01.2013 13:42:41 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\xxx\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,97 Gb Total Physical Memory | 1,25 Gb Available Physical Memory | 42,03% Memory free
6,13 Gb Paging File | 4,33 Gb Available in Paging File | 70,57% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 359,62 Gb Total Space | 210,32 Gb Free Space | 58,48% Space Free | Partition Type: NTFS
 
Computer Name: xxx-PC | User Name: xxx | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- 
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [open] -- 
htmlfile [opennew] -- 
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [CEWE FOTOSCHAU] -- "C:\Program Files\dm\dm-Fotowelt\CEWE FOTOSCHAU.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [dm-Fotowelt] -- "C:\Program Files\dm\dm-Fotowelt\dm-Fotowelt.exe" "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Telekom Fotoservice] -- "C:\Program Files\Deutsche Telekom\Telekom Fotoservice\Telekom Fotoservice.exe" "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{16A4E04A-8C42-4374-9F6A-E87D277F8661}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{1E718CF5-E7DF-4D50-A24F-DB91990B6779}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{3D7F5A22-A0E1-4BBA-A429-131A4181F20A}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{6E75F2CC-1AAD-4010-ACE7-3B350A6D794E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{DC7E132A-E454-46E6-A9B6-7A63757227DE}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{E0E1F275-7D66-4AE4-BFA5-EF59285D3C2A}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{E6CCC1CF-B891-4082-B930-8B73979536A1}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{F1C4CA35-8322-433A-995C-F9B65A08D6BA}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{067458B4-0D42-47FC-870D-E791D2772596}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{16275015-D5CC-4F8A-9E9C-9DF200D41671}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{385D583F-C77E-4A8D-A18E-AFDE6B4320B6}" = protocol=17 | dir=in | app=c:\users\xxx\appdata\local\temp\7zs1f63.tmp\symnrt.exe | 
"{626E310C-2EB2-4962-9780-DDA4444C75AF}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{87E5CDAF-FBC8-4CD8-AB79-382839AF409D}" = protocol=17 | dir=in | app=c:\program files\google\google talk\googletalk.exe | 
"{8DBF1517-1527-4FDA-847D-D94BC62B8380}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{9229E2F0-0C53-4ECB-A112-18DF65090B7A}" = protocol=6 | dir=in | app=c:\users\xxx\appdata\local\temp\7zs1f63.tmp\symnrt.exe | 
"{9B2DB6BD-3BDC-4FB6-B2C7-452B7FA732D4}" = protocol=6 | dir=in | app=c:\program files\google\google talk\googletalk.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{018F8F57-B46B-B9B9-C452-DE8F5618434F}" = Catalyst Control Center Graphics Full Existing
"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony Video Shared Library
"{025C3792-E9C6-432A-92C1-661F99D021CA}" = Ulead Photo Explorer 8.5
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{07C93E59-2DE3-1565-28A9-8C848B26D0F5}" = CCC Help German
"{088C7311-A3BB-43C5-B046-C114D2F9728C}" = VAIO Media plus
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
"{0A6F9244-8C79-1296-3A43-097F67EB666A}" = Catalyst Control Center Localization Dutch
"{0E3C2706-59A3-426E-A0EA-65BFF05048C7}" = VAIO Content Metadata Intelligent Analyzing Manager
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX870_series" = Canon MX870 series MP Drivers
"{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}" = Primo
"{15D5C238-4C2E-4AEA-A66D-D6989A4C586B}" = VAIO Launcher
"{1790FDA2-938F-C886-8988-1ECB74E45517}" = Catalyst Control Center Localization Norwegian
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1C815731-19F3-0770-8776-D78D6BEBC291}" = Catalyst Control Center Localization Hungarian
"{1E04F83B-2AB9-4301-9EF7-E86307F79C72}" = Google Earth
"{1EC06E70-BE43-DAAA-A217-E5C98869B1F8}" = Catalyst Control Center Localization Greek
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
"{2018C019-30D9-4240-8C01-0865C10DCF5A}" = Unterstützung für VAIO-Präsentation
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD BD for VAIO
"{2217B0B4-35CB-48C6-B640-864DF2F30F99}" = OpenOffice.org 3.2
"{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = VAIO Content Folder Setting
"{252E50FD-F27C-C8DD-C9E2-D2845A2DC399}" = ATI Catalyst Install Manager
"{25BA8D5A-228A-7192-6FA1-890D9F1C679F}" = CCC Help Korean
"{26A24AE4-039D-4CA4-87B4-2F83216037FF}" = Java(TM) 6 Update 37
"{295C31E5-3F91-498E-9623-DA24D2FA2B6A}" = T-Online WLAN-Access Finder
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{327B75F0-92AF-420A-988F-FA596A218E0B}" = VAIO Content Folder Watcher
"{36557787-E9BE-40E0-8627-C6C3486FF1CF}" = VAIO Content Metadata Intelligent Analyzing Manager
"{36BDB1C2-CC66-41EB-B7DD-76339A7BB046}" = VAIO Edit Components
"{3B311FB9-5B6A-328C-D7AE-2445D639D886}" = CCC Help Norwegian
"{3B659FAD-E772-44A3-B7E7-560FF084669F}" = VAIO Smart Network
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3CEA4CA8-CDD4-451C-B673-E8F17BE01B15}" = Ulead COOL 360 1.0
"{3D333C7C-102B-F474-9524-72AAA3F292B8}" = Catalyst Control Center Localization Danish
"{3E2C691B-B7E6-4053-B5C3-94B8BC407E7A}" = Adobe Premiere Elements 4.0
"{40C4903E-EDFB-4CAE-A611-41FEBA585921}" = VTech Download Agent Library
"{4529BC6B-16AE-6829-4946-36C33DBF8DD1}" = Catalyst Control Center Localization French
"{46D7A7FB-305B-F77D-60F8-8FAE1C432374}" = Catalyst Control Center InstallProxy
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"{4EA55D20-27FB-45D7-8726-147E8A5F6C62}" = VAIO MusicBox
"{527EB2A4-BF51-B1B6-3F09-2032A861548E}" = Catalyst Control Center Graphics Light
"{52A7C6A6-6B88-47D1-922E-9F8A7E089E6A}" = Intel(R) PROSet/Wireless WiFi-Software
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Easy Media Creator 10 LJ
"{55AF809F-BD6D-45AF-A2C2-833308FA432A}" = VAIO Content Metadata XML Interface Library
"{55C0F7C1-8B6D-CBBD-2B88-EE7261A87254}" = CCC Help Greek
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data Basic
"{5C5EE8F2-0B38-4C13-AE4E-A87A237FE718}" = 
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8
"{5F5867F0-2D23-4338-A206-01A76C823924}" = VAIO Energie Verwaltung
"{629FD96D-5877-0832-2D31-0EFE781F870D}" = CCC Help Portuguese
"{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works
"{6332AFF1-9D9A-429C-AA03-F82749FA4F49}" = SonicStage Mastering Studio
"{652C5DED-9B9F-93D0-5E94-931B8C38EF0E}" = Catalyst Control Center Localization Thai
"{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}" = Click to Disc
"{69C8B1E3-2665-4A0F-B049-67746E5C4CE3}" = Software Info for Me&My VAIO
"{6A54CB6A-59D1-6A3A-08F3-E34ECF8905A9}" = Catalyst Control Center Graphics Previews Vista
"{6AA6EEA5-BF09-932B-AC25-0E9CCA4B709A}" = CCC Help Danish
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6C4EF0CA-A9DD-96CF-B722-CCDEB589DD26}" = Catalyst Control Center Localization Chinese Traditional
"{6D4673B7-A982-43E5-82E9-13E037681478}" = Click to Disc
"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"{711D43D7-24FE-A2B7-CC52-A48BCAAF3926}" = Catalyst Control Center Graphics Previews Common
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73496381-83C9-7BE6-6EB6-4CF97C00E5FD}" = CCC Help Polish
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
"{75F52FAC-16CE-4A2A-B89A-9742F39A1864}" = VAIO Movie Story
"{76D7CCD6-8369-405C-B494-5F34FAE67249}" = Me&My VAIO
"{79BBD55C-9FF6-D496-8AE6-E2EC2829F974}" = Catalyst Control Center Localization Czech
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7BB90344-0647-468E-925A-7F69F7983421}" = ArcSoft Magic-i Visual Effects 2
"{7CC28423-465C-F4B9-9379-343DF715BE62}" = CCC Help Swedish
"{80828DF5-270E-F8E6-6274-55ACA4C7E229}" = Catalyst Control Center Localization Japanese
"{83CDA18E-0BF3-4ACA-872C-B4CDABF2360E}" = VAIO Update 4
"{84037798-D63A-F5CA-9FB2-829B362BF712}" = CCC Help Finnish
"{8470A1D9-536E-C7C1-AE2D-24B739B1665A}" = Catalyst Control Center Localization Russian
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{882683C6-8B60-5CBC-38A8-55ED185FD975}" = CCC Help Turkish
"{8843C5E1-51E5-DFA6-1AD8-757C8DCA7E37}" = CCC Help Russian
"{88C023FB-E7F6-4415-ACEF-82372B8A05A8}" = Samsung USB Driver
"{88C596E4-6882-8E76-EBEF-AB739F5A3B69}" = Catalyst Control Center Localization Italian
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8C467DE1-6E04-0888-B281-172909C96F37}" = Skins
"{8C7FB08D-7A84-22E0-F553-F6B827023E17}" = CCC Help Chinese Traditional
"{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}" = VAIO Media plus
"{8EDBA74D-0686-4C99-BFDD-F894678E5102}" = Adobe Common File Installer
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{58FC5E37-DD28-4D4A-A549-125744C6763C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{888B9AC7-8F5C-456B-A27A-157A6C310E52}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{91F2D688-B8CB-4461-A92D-6B35279DAE8F}" = VAIO Content Folder Watcher
"{9238E8A4-BEBA-43A3-B926-769BDBF194C5}" = VAIO Media plus Opening Movie
"{93F32124-BB54-C599-CF55-E1E57565BCE3}" = CCC Help Czech
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{96C951BB-47C8-8497-78F0-7D8D328B58E3}" = Catalyst Control Center Localization Portuguese
"{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" = 
"{98FC7A64-774B-49B5-B046-4B4EBC053FA9}" = VAIO MusicBox Sample Music
"{9973498D-EA29-4A68-BE0B-C88D6E03E928}" = ArcSoft WebCam Companion 2
"{99D8CD4E-A5D2-A9DF-A152-B28EB5A71F85}" = Catalyst Control Center Localization German
"{9C1C8A04-F8CA-4472-A92D-4288CE32DE86}" = SonicStage Mastering Studio Plugins
"{9EAC0E21-510E-4259-A9C6-F5D5B8969036}" = Catalyst Control Center - Branding
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO
"{A2052C95-48CC-4AC9-A8D4-FCD89DDD8F2C}" = VAIO Content Folder Watcher
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A63E7492-A0BC-4BB9-89A7-352965222380}" = VAIO Original Function Setting
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A939F952-1C7E-CBF8-EE77-CFBD9C6A4ECC}" = ccc-core-static
"{AA75988E-9EC1-EECE-CE00-D5D935974528}" = CCC Help Dutch
"{AC76BA86-1033-F400-BA7E-000000000004}" = Adobe Acrobat  9 Standard - English, Français, Deutsch
"{AC76BA86-1033-F400-BA7E-000000000004}{AC76BA86-1033-F400-BA7E-000000000004}" = Adobe Acrobat  9 Standard - English, Français, Deutsch
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3 - Deutsch
"{ACB5FD4A-6C58-972C-180C-9677C037E71D}" = Catalyst Control Center Localization Chinese Standard
"{ADBDB038-FF77-C672-04A1-7A0E67E8C73C}" = Catalyst Control Center Core Implementation
"{ADECE95F-585D-8B33-BF50-53C2BDA1E241}" = Catalyst Control Center Localization Korean
"{AE0FBCB5-3193-4583-C6CB-AA96F307EA70}" = ccc-utility
"{AEC0CEBC-0FC7-4716-8222-1C4A742719B1}" = Digimax Master
"{AFF10119-F154-4888-77F3-B149DE987976}" = Catalyst Control Center Localization Polish
"{B1275E23-717A-4D52-997A-1AD1E24BC7F3}" = T-Online 6.0
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = VAIO Movie Story
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B7C03E84-AF46-42F4-809D-D4127D9086D0}" = VAIO Edit Components 6.5
"{C1083DBC-C541-4E8C-91EA-D92397AB9A2C}" = OpenMG Secure Module 5.1.00
"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service
"{C767EE67-9AA4-1CBF-8FD4-87F52CBB041D}" = CCC Help Italian
"{C8E57F8C-64FE-28D7-0F65-7BE87AF49745}" = Catalyst Control Center Graphics Full New
"{CAE07D54-A400-DAF9-912B-306DD941B61C}" = Catalyst Control Center Localization Finnish
"{CB6CF566-E06F-2556-55EF-EE149FC6EE7F}" = CCC Help French
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2121C6-C94D-4A73-8EA4-6943F33EE335}" = Music Transfer
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D035FBF6-FDEF-487D-89CA-6F9DD07B783F}" = Dolby Control Center
"{D355ECA7-DBF5-F22E-4E1A-BF69CFC5CED8}" = CCC Help Japanese
"{D44DF260-2D5A-3277-97D6-C97D1A806CF5}" = CCC Help Thai
"{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility
"{D5FBA9C1-21D3-4210-A604-CF9E38238F35}" = VAIO Entertainment Platform
"{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents
"{D7019E24-BF07-3690-18C7-3D0DE87D09AB}" = CCC Help Chinese Standard
"{D7FFE7EB-1A15-864C-B335-E768BF623B84}" = Catalyst Control Center Localization Swedish
"{DE1F799A-0A02-FF3B-8786-195E91D0DE94}" = CCC Help Spanish
"{DF7DB916-90E5-40F2-9010-B8125EB5FD6F}" = SonicStage Mastering Studio Audio Filter
"{E31010F6-DE18-0E9F-E028-FC709306C6F1}" = Catalyst Control Center Localization Turkish
"{E3453B1B-C91B-4C48-B046-8DF635DD46F2}" = VAIO Content Metadata XML Interface Library
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9-Reihe
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E464702F-5433-46EC-8F65-159276C0A54F}" = WIDCOMM Bluetooth Software 6.2.0.5800
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E5BD6683-301D-B224-FB7C-320299CD51F9}" = CCC Help Hungarian
"{E9730C7A-E5DA-8222-45FE-2D71E810BE46}" = Catalyst Control Center Localization Spanish
"{EA39F1F5-D4A1-C02A-0865-7F6A95A33A56}" = CCC Help English
"{EADE97A7-E7AA-43FD-A042-92A68E0187A6}" = VAIO Content Metadata Manager Setting
"{EC37A846-53AC-4DA7-98FA-76A4E74AA900}" = Benutzerdefinierte Voreinstellungen für SonicStage Mastering Studio Audio Filter
"{ECB5774A-A39B-4419-A7D3-92F49C0FCAB3}" = VAIO Content Metadata Intelligent Analyzing Manager
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
"{EDF6A69E-967B-4F17-B537-647CA205EC1D}" = VAIO Content Metadata Manager Setting
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2D7A126-9648-4588-9C3E-7C1E7FD22C23}" = SonicStage Mastering Studio
"{F54AC413-D2C6-4A24-B324-370C223C6250}" = Adobe Photoshop Elements 6.0
"{F570A6CC-53ED-4AA9-8B08-551CD3E38D8B}" = 
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F85C7118-F3DC-4ED9-AB27-3E7931EA3D88}" = Adobe Premiere Elements 4.0 Templates
"{FE51662F-D8F6-43B5-99D9-D4894AF00F83}" = Roxio Easy Media Creator Home
"{FE58B892-3825-4610-A6A2-E6EFCA83BD97}" = Ulead PhotoImpact 10
"7-Zip" = 7-Zip 4.65
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop Elements 6" = Adobe Photoshop Elements 6.0
"Avira AntiVir Desktop" = Avira Antivirus Premium
"BFG-Big Fish Games Spiel-Suite" = Big Fish Games Spiel-Suite
"Canon MX870 series Benutzerregistrierung" = Canon MX870 series Benutzerregistrierung
"Canon_IJ_Network_Scan_UTILITY" = Canon IJ Network Scan Utility
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"dm-Fotowelt" = dm-Fotowelt
"dt icon module" = 
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"ElsterFormular für Unternehmer 12.1.0.6164u" = ElsterFormular für Unternehmer
"FarmingSimulator2009GoldDE_is1" = Landwirtschafts-Simulator 2009 Gold
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InfraRecorder" = InfraRecorder
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD BD for VAIO
"InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"InstallShield_{C1083DBC-C541-4E8C-91EA-D92397AB9A2C}" = OpenMG Secure Module 5.1.00
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"MarketingTools" = VAIO Marketing Tools
"MFU Module" = 
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 17.0.1 (x86 de)" = Mozilla Firefox 17.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 3.1" = Canon MP Navigator EX 3.1
"Netzmanager" = Netzmanager
"Picasa2" = Picasa 2
"PremElem40" = Adobe Premiere Elements 4.0
"PremElem40Templates" = Adobe Premiere Elements 4.0 Templates
"ProInst" = Intel PROSet Wireless
"Ravensburger tiptoi" = Ravensburger tiptoi
"Speed Dial Utility" = Canon Kurzwahlprogramm
"Telekom Fotoservice" = Telekom Fotoservice
"VAIO Help and Support" = 
"VLC media player" = VLC media player 1.0.5
"VTechDownloadManager" = VTech Download Manager
"Windows Media Encoder 9" = Windows Media Encoder 9-Reihe
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Avira SearchFree Toolbar plus Web Protection Updater
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 10.12.2012 08:06:44 | Computer Name = xxx-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 10.12.2012 08:06:54 | Computer Name = xxx-PC | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})
 (Fehlercode = 0x80042019)
 
Error - 11.12.2012 08:54:13 | Computer Name = xxx-PC | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})
 (Fehlercode = 0x80042019)
 
Error - 11.12.2012 08:54:15 | Computer Name = xxx-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 12.12.2012 05:24:51 | Computer Name = xxx-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 12.12.2012 05:25:15 | Computer Name = xxx-PC | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})
 (Fehlercode = 0x80042019)
 
Error - 14.12.2012 15:38:02 | Computer Name = xxx-PC | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})
 (Fehlercode = 0x80042019)
 
Error - 14.12.2012 15:38:05 | Computer Name = xxx-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 15.12.2012 05:32:46 | Computer Name = xxx-PC | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})
 (Fehlercode = 0x80042019)
 
Error - 15.12.2012 05:32:54 | Computer Name = xxx-PC | Source = WinMgmt | ID = 10
Description = 
 
[ System Events ]
Error - 06.01.2013 06:44:07 | Computer Name = xxx-PC | Source = Service Control Manager | ID = 7009
Description = 
 
Error - 06.01.2013 06:44:07 | Computer Name = xxx-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 06.01.2013 06:44:07 | Computer Name = xxx-PC | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 06.01.2013 06:54:46 | Computer Name = xxx-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 06.01.2013 06:54:46 | Computer Name = xxx-PC | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 06.01.2013 12:25:26 | Computer Name = xxx-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 06.01.2013 12:25:26 | Computer Name = xxx-PC | Source = Service Control Manager | ID = 7009
Description = 
 
Error - 06.01.2013 12:25:26 | Computer Name = xxx-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 06.01.2013 12:25:27 | Computer Name = xxx-PC | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 06.01.2013 13:50:39 | Computer Name = xxx-PC | Source = Service Control Manager | ID = 7000
Description = 
 
 
< End of report >
         
--- --- ---

[/code]
__________________

08.01.2013, 16:53   #4
markusg
/// Malware-holic

Hi,
download TDSSKiller:
http://www.trojaner-board.de/82358-t...entfernen.html
Click Change parameters
• Tick Verify driver digital signatures and Detect TDLFS file system
• Click OK and then Start scan
- If anything is found, always choose Skip for now, and post the log
__________________
- Please forward suspicious e-mails to us for analysis:
markusg.trojaner-board@web.de
Instructions:
http://markusg.trojaner-board.de
For now, please send e-mails to markusg.trojaner-board@web.de as described in the instructions above.

08.01.2013, 21:05   #5
Heidi123

I hope I did everything right!

Here is the scan report:

Code:
20:55:16.0079 3568  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
20:55:16.0406 3568  ============================================================
20:55:16.0406 3568  Current date / time: 2013/01/08 20:55:16.0406
20:55:16.0406 3568  SystemInfo:
20:55:16.0406 3568  
20:55:16.0406 3568  OS Version: 6.0.6002 ServicePack: 2.0
20:55:16.0406 3568  Product type: Workstation
20:55:16.0406 3568  ComputerName: xxx-PC
20:55:16.0406 3568  UserName: xxx
20:55:16.0406 3568  Windows directory: C:\Windows
20:55:16.0406 3568  System windows directory: C:\Windows
20:55:16.0406 3568  Processor architecture: Intel x86
20:55:16.0406 3568  Number of processors: 2
20:55:16.0406 3568  Page size: 0x1000
20:55:16.0406 3568  Boot type: Normal boot
20:55:16.0406 3568  ============================================================
20:55:17.0015 3568  Drive \Device\Harddisk0\DR0 - Size: 0x5D27216000 (372.61 Gb), SectorSize: 0x200, Cylinders: 0xBE01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:55:17.0015 3568  ============================================================
20:55:17.0015 3568  \Device\Harddisk0\DR0:
20:55:17.0015 3568  MBR partitions:
20:55:17.0015 3568  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x19FB800, BlocksNum 0x2CF3D000
20:55:17.0015 3568  ============================================================
20:55:17.0046 3568  C: <-> \Device\Harddisk0\DR0\Partition1
20:55:17.0046 3568  ============================================================
20:55:17.0046 3568  Initialize success
20:55:17.0046 3568  ============================================================
20:56:36.0481 6012  ============================================================
20:56:36.0481 6012  Scan started
20:56:36.0481 6012  Mode: Manual; SigCheck; TDLFS; 
20:56:36.0481 6012  ============================================================
20:56:37.0230 6012  ================ Scan system memory ========================
20:56:37.0230 6012  System memory - ok
20:56:37.0230 6012  ================ Scan services =============================
20:56:37.0339 6012  [ 01E81C84AD1D0ACC61CF3CFD06632210 ] !SASCORE        C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
20:56:37.0558 6012  !SASCORE - ok
20:56:37.0698 6012  [ FEE588CDF60F2B541B5A3E803FA938A1 ] ACDaemon        C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
20:56:37.0745 6012  ACDaemon - ok
20:56:37.0948 6012  [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI            C:\Windows\system32\drivers\acpi.sys
20:56:37.0994 6012  ACPI - ok
20:56:38.0104 6012  [ E8FE4FCE23D2809BD88BCC1D0F8408CE ] AdobeActiveFileMonitor6.0 c:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
20:56:38.0135 6012  AdobeActiveFileMonitor6.0 - ok
20:56:38.0197 6012  [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
20:56:38.0275 6012  adp94xx - ok
20:56:38.0306 6012  [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci         C:\Windows\system32\drivers\adpahci.sys
20:56:38.0353 6012  adpahci - ok
20:56:38.0384 6012  [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
20:56:38.0400 6012  adpu160m - ok
20:56:38.0416 6012  [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
20:56:38.0431 6012  adpu320 - ok
20:56:38.0494 6012  [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
20:56:38.0603 6012  AeLookupSvc - ok
20:56:38.0681 6012  [ 3911B972B55FEA0478476B2E777B29FA ] AFD             C:\Windows\system32\drivers\afd.sys
20:56:38.0712 6012  AFD - ok
20:56:38.0774 6012  [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440          C:\Windows\system32\drivers\agp440.sys
20:56:38.0790 6012  agp440 - ok
20:56:38.0806 6012  [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
20:56:38.0821 6012  aic78xx - ok
20:56:38.0852 6012  [ A1545B731579895D8CC44FC0481C1192 ] ALG             C:\Windows\System32\alg.exe
20:56:38.0977 6012  ALG - ok
20:56:38.0977 6012  [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide          C:\Windows\system32\drivers\aliide.sys
20:56:38.0993 6012  aliide - ok
20:56:39.0024 6012  [ C47344BC706E5F0B9DCE369516661578 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
20:56:39.0040 6012  amdagp - ok
20:56:39.0055 6012  [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide          C:\Windows\system32\drivers\amdide.sys
20:56:39.0071 6012  amdide - ok
20:56:39.0086 6012  [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
20:56:39.0118 6012  AmdK7 - ok
20:56:39.0133 6012  [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
20:56:39.0164 6012  AmdK8 - ok
20:56:39.0289 6012  [ 94B415DF65DFCE569216F8276E8E9CBD ] AntiVirMailService C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
20:56:39.0336 6012  AntiVirMailService - ok
20:56:39.0398 6012  [ C321528276C59058A261616F7D1EA496 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
20:56:39.0430 6012  AntiVirSchedulerService - ok
20:56:39.0445 6012  [ 66AD3485D0AB5F9FDEF67928FD624A80 ] AntiVirService  C:\Program Files\Avira\AntiVir Desktop\avguard.exe
20:56:39.0476 6012  AntiVirService - ok
20:56:39.0508 6012  [ EDD7AD5B5C003B7AB38C90508B055C25 ] AntiVirWebService C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
20:56:39.0601 6012  AntiVirWebService - ok
20:56:39.0679 6012  [ 9325E49D555D8F12CE1735227DBB3D80 ] ApfiltrService  C:\Windows\system32\DRIVERS\Apfiltr.sys
20:56:39.0710 6012  ApfiltrService - ok
20:56:39.0773 6012  [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo         C:\Windows\System32\appinfo.dll
20:56:39.0835 6012  Appinfo - ok
20:56:39.0866 6012  [ 5D2888182FB46632511ACEE92FDAD522 ] arc             C:\Windows\system32\drivers\arc.sys
20:56:39.0898 6012  arc - ok
20:56:39.0944 6012  [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
20:56:39.0976 6012  arcsas - ok
20:56:40.0022 6012  [ 857B48965A0503B7AB795D4BFE7CBD8B ] ArcSoftKsUFilter C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
20:56:40.0054 6012  ArcSoftKsUFilter - ok
20:56:40.0085 6012  [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
20:56:40.0147 6012  AsyncMac - ok
20:56:40.0178 6012  [ 2D9C903DC76A66813D350A562DE40ED9 ] atapi           C:\Windows\system32\drivers\atapi.sys
20:56:40.0210 6012  atapi - ok
20:56:40.0241 6012  [ 6455100A6CDB1DEDC551E12FD41BC519 ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe
20:56:40.0366 6012  Ati External Event Utility - ok
20:56:40.0600 6012  [ 9F66D1BA97911731133E46212539A08D ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
20:56:40.0865 6012  atikmdag - ok
20:56:41.0005 6012  [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:56:41.0068 6012  AudioEndpointBuilder - ok
20:56:41.0068 6012  [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv        C:\Windows\System32\Audiosrv.dll
20:56:41.0099 6012  Audiosrv - ok
20:56:41.0177 6012  [ D57E60FF40E858B653C404605BBDD6FC ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
20:56:41.0192 6012  avgntflt - ok
20:56:41.0224 6012  [ 0189056DDBF23C7DEF09D2B5999C5405 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
20:56:41.0224 6012  avipbb - ok
20:56:41.0239 6012  [ 5BE9B023D7917E6B51FC402DE06819B4 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
20:56:41.0255 6012  avkmgr - ok
20:56:41.0286 6012  [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep            C:\Windows\system32\drivers\Beep.sys
20:56:41.0333 6012  Beep - ok
20:56:41.0426 6012  [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE             C:\Windows\System32\bfe.dll
20:56:41.0489 6012  BFE - ok
20:56:41.0614 6012  [ 93952506C6D67330367F7E7934B6A02F ] BITS            C:\Windows\System32\qmgr.dll
20:56:41.0707 6012  BITS - ok
20:56:41.0738 6012  [ D4DF28447741FD3D953526E33A617397 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
20:56:41.0816 6012  blbdrive - ok
20:56:41.0863 6012  [ 35F376253F687BDE63976CCB3F2108CA ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
20:56:41.0926 6012  bowser - ok
20:56:41.0972 6012  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
20:56:42.0019 6012  BrFiltLo - ok
20:56:42.0035 6012  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
20:56:42.0113 6012  BrFiltUp - ok
20:56:42.0175 6012  [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser         C:\Windows\System32\browser.dll
20:56:42.0253 6012  Browser - ok
20:56:42.0300 6012  [ B304E75CFF293029EDDF094246747113 ] Brserid         C:\Windows\system32\drivers\brserid.sys
20:56:42.0518 6012  Brserid - ok
20:56:42.0550 6012  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
20:56:42.0674 6012  BrSerWdm - ok
20:56:42.0721 6012  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
20:56:42.0830 6012  BrUsbMdm - ok
20:56:42.0862 6012  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
20:56:42.0940 6012  BrUsbSer - ok
20:56:43.0002 6012  [ 6D39C954799B63BA866910234CF7D726 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
20:56:43.0033 6012  BthEnum - ok
20:56:43.0080 6012  [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
20:56:43.0189 6012  BTHMODEM - ok
20:56:43.0220 6012  [ 5904EFA25F829BF84EA6FB045134A1D8 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
20:56:43.0252 6012  BthPan - ok
20:56:43.0330 6012  [ 611FF3F2F095C8D4A6D4CFD9DCC09793 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
20:56:43.0454 6012  BTHPORT - ok
20:56:43.0501 6012  [ A4C8377FA4A994E07075107DBE2E3DCE ] BthServ         C:\Windows\System32\bthserv.dll
20:56:43.0579 6012  BthServ - ok
20:56:43.0657 6012  [ D330803EAB2A15CAEC7F011F1D4CB30E ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
20:56:43.0720 6012  BTHUSB - ok
20:56:43.0766 6012  [ 14164C0CFD9D5A2704FDAB93A9688630 ] btwaudio        C:\Windows\system32\drivers\btwaudio.sys
20:56:43.0798 6012  btwaudio - ok
20:56:43.0829 6012  [ 94DC6E5F3F532C5054F078D845714129 ] btwavdt         C:\Windows\system32\drivers\btwavdt.sys
20:56:43.0860 6012  btwavdt - ok
20:56:44.0032 6012  [ C832A3622A35CA7C595EA8CA385BA813 ] btwdins         C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
20:56:44.0094 6012  btwdins - ok
20:56:44.0141 6012  [ B9920FB30BCAFF10C111654909B275C9 ] btwl2cap        C:\Windows\system32\DRIVERS\btwl2cap.sys
20:56:44.0156 6012  btwl2cap - ok
20:56:44.0188 6012  [ 61E29BA977B972C9BAA847CC11D48C3D ] btwrchid        C:\Windows\system32\DRIVERS\btwrchid.sys
20:56:44.0203 6012  btwrchid - ok
20:56:44.0281 6012  [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
20:56:44.0344 6012  cdfs - ok
20:56:44.0437 6012  [ 6B4BFFB9BECD728097024276430DB314 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
20:56:44.0484 6012  cdrom - ok
20:56:44.0562 6012  [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc     C:\Windows\System32\certprop.dll
20:56:44.0624 6012  CertPropSvc - ok
20:56:44.0671 6012  [ E5D4133F37219DBCFE102BC61072589D ] circlass        C:\Windows\system32\drivers\circlass.sys
20:56:44.0749 6012  circlass - ok
20:56:44.0812 6012  [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS            C:\Windows\system32\CLFS.sys
20:56:44.0827 6012  CLFS - ok
20:56:44.0921 6012  [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:56:44.0952 6012  clr_optimization_v2.0.50727_32 - ok
20:56:45.0061 6012  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:56:45.0092 6012  clr_optimization_v4.0.30319_32 - ok
20:56:45.0139 6012  [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
20:56:45.0202 6012  CmBatt - ok
20:56:45.0217 6012  [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
20:56:45.0264 6012  cmdide - ok
20:56:45.0280 6012  [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
20:56:45.0311 6012  Compbatt - ok
20:56:45.0326 6012  COMSysApp - ok
20:56:45.0342 6012  [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
20:56:45.0389 6012  crcdisk - ok
20:56:45.0404 6012  [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
20:56:45.0467 6012  Crusoe - ok
20:56:45.0529 6012  [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
20:56:45.0560 6012  CryptSvc - ok
20:56:45.0623 6012  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch      C:\Windows\system32\rpcss.dll
20:56:45.0716 6012  DcomLaunch - ok
20:56:45.0763 6012  [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
20:56:45.0982 6012  DfsC - ok
20:56:46.0122 6012  [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR            C:\Windows\system32\DFSR.exe
20:56:46.0356 6012  DFSR - ok
20:56:46.0434 6012  [ 9028559C132146FB75EB7ACF384B086A ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
20:56:46.0481 6012  Dhcp - ok
20:56:46.0543 6012  [ 5D4AEFC3386920236A548271F8F1AF6A ] disk            C:\Windows\system32\drivers\disk.sys
20:56:46.0574 6012  disk - ok
20:56:46.0621 6012  [ F206E28ED74C491FD5D7C0A1119CE37F ] DMICall         C:\Windows\system32\DRIVERS\DMICall.sys
20:56:46.0652 6012  DMICall - ok
20:56:46.0715 6012  [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache        C:\Windows\System32\dnsrslvr.dll
20:56:46.0777 6012  Dnscache - ok
20:56:46.0824 6012  [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc         C:\Windows\System32\dot3svc.dll
20:56:46.0902 6012  dot3svc - ok
20:56:46.0964 6012  [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS             C:\Windows\system32\dps.dll
20:56:47.0042 6012  DPS - ok
20:56:47.0089 6012  [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
20:56:47.0136 6012  drmkaud - ok
20:56:47.0230 6012  [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
20:56:47.0308 6012  DXGKrnl - ok
20:56:47.0354 6012  [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
20:56:47.0417 6012  E1G60 - ok
20:56:47.0448 6012  [ C0B95E40D85CD807D614E264248A45B9 ] EapHost         C:\Windows\System32\eapsvc.dll
20:56:47.0510 6012  EapHost - ok
20:56:47.0573 6012  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache          C:\Windows\system32\drivers\ecache.sys
20:56:47.0620 6012  Ecache - ok
20:56:47.0682 6012  [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
20:56:47.0729 6012  ehRecvr - ok
20:56:47.0744 6012  [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched         C:\Windows\ehome\ehsched.exe
20:56:47.0791 6012  ehSched - ok
20:56:47.0807 6012  [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart         C:\Windows\ehome\ehstart.dll
20:56:47.0838 6012  ehstart - ok
20:56:47.0916 6012  [ 23B62471681A124889978F6295B3F4C6 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
20:56:47.0978 6012  elxstor - ok
20:56:48.0056 6012  [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
20:56:48.0166 6012  EMDMgmt - ok
20:56:48.0197 6012  [ 3DB974F3935483555D7148663F726C61 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
20:56:48.0275 6012  ErrDev - ok
20:56:48.0353 6012  [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem     C:\Windows\system32\es.dll
20:56:48.0415 6012  EventSystem - ok
20:56:48.0509 6012  [ BA6063E3375F9BC11A9C8450A7F61E70 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
20:56:48.0602 6012  EvtEng ( UnsignedFile.Multi.Generic ) - warning
20:56:48.0602 6012  EvtEng - detected UnsignedFile.Multi.Generic (1)
20:56:48.0680 6012  [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat           C:\Windows\system32\drivers\exfat.sys
20:56:48.0758 6012  exfat - ok
20:56:48.0821 6012  [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
20:56:48.0899 6012  fastfat - ok
20:56:48.0977 6012  [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
20:56:49.0039 6012  fdc - ok
20:56:49.0055 6012  [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost         C:\Windows\system32\fdPHost.dll
20:56:49.0117 6012  fdPHost - ok
20:56:49.0133 6012  [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub        C:\Windows\system32\fdrespub.dll
20:56:49.0195 6012  FDResPub - ok
20:56:49.0242 6012  [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
20:56:49.0258 6012  FileInfo - ok
20:56:49.0273 6012  [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
20:56:49.0304 6012  Filetrace - ok
20:56:49.0367 6012  [ F76D04F7413B07DAA029F6520B64B4E8 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
20:56:49.0429 6012  FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
20:56:49.0429 6012  FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
20:56:49.0445 6012  [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
20:56:49.0507 6012  flpydisk - ok
20:56:49.0570 6012  [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
20:56:49.0585 6012  FltMgr - ok
20:56:49.0710 6012  [ 8CE364388C8ECA59B14B539179276D44 ] FontCache       C:\Windows\system32\FntCache.dll
20:56:49.0850 6012  FontCache - ok
20:56:49.0944 6012  [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
20:56:49.0975 6012  FontCache3.0.0.0 - ok
20:56:50.0038 6012  [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
20:56:50.0069 6012  Fs_Rec - ok
20:56:50.0116 6012  [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
20:56:50.0147 6012  gagp30kx - ok
20:56:50.0225 6012  [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc           C:\Windows\System32\gpsvc.dll
20:56:50.0318 6012  gpsvc - ok
20:56:50.0412 6012  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
20:56:50.0443 6012  gupdate - ok
20:56:50.0459 6012  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
20:56:50.0474 6012  gupdatem - ok
20:56:50.0537 6012  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
20:56:50.0568 6012  gusvc - ok
20:56:50.0615 6012  [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:56:50.0724 6012  HdAudAddService - ok
20:56:50.0802 6012  [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
20:56:50.0864 6012  HDAudBus - ok
20:56:50.0896 6012  [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth          C:\Windows\system32\drivers\hidbth.sys
20:56:50.0942 6012  HidBth - ok
20:56:50.0974 6012  [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr           C:\Windows\system32\drivers\hidir.sys
20:56:51.0067 6012  HidIr - ok
20:56:51.0114 6012  [ 84067081F3318162797385E11A8F0582 ] hidserv         C:\Windows\system32\hidserv.dll
20:56:51.0130 6012  hidserv - ok
20:56:51.0176 6012  [ CCA4B519B17E23A00B826C55716809CC ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
20:56:51.0208 6012  HidUsb - ok
20:56:51.0239 6012  [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc          C:\Windows\system32\kmsvc.dll
20:56:51.0301 6012  hkmsvc - ok
20:56:51.0332 6012  [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
20:56:51.0348 6012  HpCISSs - ok
20:56:51.0395 6012  [ 46D67209550973257601A533E2AC5785 ] HSFHWAZL        C:\Windows\system32\DRIVERS\VSTAZL3.SYS
20:56:51.0426 6012  HSFHWAZL - ok
20:56:51.0488 6012  [ 7BC42C65B5C6281777C1A7605B253BA8 ] HSF_DPV         C:\Windows\system32\DRIVERS\HSX_DPV.sys
20:56:51.0582 6012  HSF_DPV - ok
20:56:51.0613 6012  [ 9EBF2D102CCBB6BCDFBF1B7922F8BA2E ] HSXHWAZL        C:\Windows\system32\DRIVERS\HSXHWAZL.sys
20:56:51.0629 6012  HSXHWAZL - ok
20:56:51.0707 6012  [ F870AA3E254628EBEAFE754108D664DE ] HTTP            C:\Windows\system32\drivers\HTTP.sys
20:56:51.0800 6012  HTTP - ok
20:56:51.0847 6012  [ C6B032D69650985468160FC9937CF5B4 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
20:56:51.0878 6012  i2omp - ok
20:56:51.0956 6012  [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
20:56:52.0003 6012  i8042prt - ok
20:56:52.0034 6012  [ 8EF427C54497C5F8A7A645990E4278C7 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
20:56:52.0066 6012  iaStor - ok
20:56:52.0112 6012  [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
20:56:52.0144 6012  iaStorV - ok
20:56:52.0253 6012  [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:56:52.0346 6012  idsvc - ok
20:56:52.0378 6012  [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
20:56:52.0409 6012  iirsp - ok
20:56:52.0487 6012  [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT          C:\Windows\System32\ikeext.dll
20:56:52.0549 6012  IKEEXT - ok
20:56:52.0690 6012  [ 4A0F260DF9A5333C07F4AB40CA9D4F4B ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
20:56:52.0846 6012  IntcAzAudAddService - ok
20:56:52.0877 6012  [ 83AA759F3189E6370C30DE5DC5590718 ] intelide        C:\Windows\system32\drivers\intelide.sys
20:56:52.0924 6012  intelide - ok
20:56:52.0970 6012  [ 224191001E78C89DFA78924C3EA595FF ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
20:56:53.0002 6012  intelppm - ok
20:56:53.0048 6012  [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
20:56:53.0080 6012  IPBusEnum - ok
20:56:53.0111 6012  [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:56:53.0142 6012  IpFilterDriver - ok
20:56:53.0173 6012  [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
20:56:53.0220 6012  iphlpsvc - ok
20:56:53.0220 6012  IpInIp - ok
20:56:53.0251 6012  [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
20:56:53.0282 6012  IPMIDRV - ok
20:56:53.0298 6012  [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
20:56:53.0345 6012  IPNAT - ok
20:56:53.0360 6012  [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
20:56:53.0392 6012  IRENUM - ok
20:56:53.0407 6012  [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
20:56:53.0423 6012  isapnp - ok
20:56:53.0501 6012  [ 232FA340531D940AAC623B121A595034 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
20:56:53.0516 6012  iScsiPrt - ok
20:56:53.0548 6012  [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
20:56:53.0563 6012  iteatapi - ok
20:56:53.0579 6012  [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid         C:\Windows\system32\drivers\iteraid.sys
20:56:53.0594 6012  iteraid - ok
20:56:53.0641 6012  [ 213822072085B5BBAD9AF30AB577D817 ] IviRegMgr       c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
20:56:53.0657 6012  IviRegMgr - ok
20:56:53.0688 6012  [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
20:56:53.0704 6012  kbdclass - ok
20:56:53.0766 6012  [ 18247836959BA67E3511B62846B9C2E0 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
20:56:53.0797 6012  kbdhid - ok
20:56:53.0844 6012  [ A3E186B4B935905B829219502557314E ] KeyIso          C:\Windows\system32\lsass.exe
20:56:53.0891 6012  KeyIso - ok
20:56:53.0953 6012  [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
20:56:53.0984 6012  KSecDD - ok
20:56:54.0047 6012  [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm           C:\Windows\system32\msdtckrm.dll
20:56:54.0078 6012  KtmRm - ok
20:56:54.0140 6012  [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer    C:\Windows\system32\srvsvc.dll
20:56:54.0172 6012  LanmanServer - ok
20:56:54.0234 6012  [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:56:54.0265 6012  LanmanWorkstation - ok
20:56:54.0296 6012  [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
20:56:54.0328 6012  lltdio - ok
20:56:54.0359 6012  [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
20:56:54.0406 6012  lltdsvc - ok
20:56:54.0421 6012  [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts         C:\Windows\System32\lmhsvc.dll
20:56:54.0468 6012  lmhosts - ok
20:56:54.0499 6012  [ C7E15E82879BF3235B559563D4185365 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
20:56:54.0515 6012  LSI_FC - ok
20:56:54.0530 6012  [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
20:56:54.0562 6012  LSI_SAS - ok
20:56:54.0577 6012  [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
20:56:54.0593 6012  LSI_SCSI - ok
20:56:54.0608 6012  [ 8F5C7426567798E62A3B3614965D62CC ] luafv           C:\Windows\system32\drivers\luafv.sys
20:56:54.0640 6012  luafv - ok
20:56:54.0686 6012  [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
20:56:54.0702 6012  Mcx2Svc - ok
20:56:54.0749 6012  [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk         C:\Windows\system32\DRIVERS\mdmxsdk.sys
20:56:54.0780 6012  mdmxsdk - ok
20:56:54.0827 6012  [ 0001CE609D66632FA17B84705F658879 ] megasas         C:\Windows\system32\drivers\megasas.sys
20:56:54.0842 6012  megasas - ok
20:56:54.0889 6012  [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
20:56:54.0983 6012  MegaSR - ok
20:56:55.0045 6012  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS           C:\Windows\system32\mmcss.dll
20:56:55.0139 6012  MMCSS - ok
20:56:55.0170 6012  [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem           C:\Windows\system32\drivers\modem.sys
20:56:55.0248 6012  Modem - ok
20:56:55.0264 6012  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
20:56:55.0342 6012  monitor - ok
20:56:55.0357 6012  [ 5BF6A1326A335C5298477754A506D263 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
20:56:55.0388 6012  mouclass - ok
20:56:55.0435 6012  [ 93B8D4869E12CFBE663915502900876F ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
20:56:55.0466 6012  mouhid - ok
20:56:55.0482 6012  [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
20:56:55.0498 6012  MountMgr - ok
20:56:55.0576 6012  [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
20:56:55.0591 6012  MozillaMaintenance - ok
20:56:55.0622 6012  [ 511D011289755DD9F9A7579FB0B064E6 ] mpio            C:\Windows\system32\drivers\mpio.sys
20:56:55.0654 6012  mpio - ok
20:56:55.0685 6012  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
20:56:55.0732 6012  mpsdrv - ok
20:56:55.0810 6012  [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc          C:\Windows\system32\mpssvc.dll
20:56:55.0903 6012  MpsSvc - ok
20:56:55.0950 6012  [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
20:56:55.0981 6012  Mraid35x - ok
20:56:56.0044 6012  [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
20:56:56.0075 6012  MRxDAV - ok
20:56:56.0137 6012  [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
20:56:56.0168 6012  mrxsmb - ok
20:56:56.0200 6012  [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:56:56.0246 6012  mrxsmb10 - ok
20:56:56.0262 6012  [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:56:56.0293 6012  mrxsmb20 - ok
20:56:56.0340 6012  [ 28023E86F17001F7CD9B15A5BC9AE07D ] msahci          C:\Windows\system32\drivers\msahci.sys
20:56:56.0371 6012  msahci - ok
20:56:56.0449 6012  [ A99D2C7E30AD63EF920A894131CAF5F7 ] MSCSPTISRV      C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
20:56:56.0465 6012  MSCSPTISRV ( UnsignedFile.Multi.Generic ) - warning
20:56:56.0465 6012  MSCSPTISRV - detected UnsignedFile.Multi.Generic (1)
20:56:56.0480 6012  [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
20:56:56.0512 6012  msdsm - ok
20:56:56.0543 6012  [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC           C:\Windows\System32\msdtc.exe
20:56:56.0621 6012  MSDTC - ok
20:56:56.0652 6012  [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
20:56:56.0730 6012  Msfs - ok
20:56:56.0777 6012  [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
20:56:56.0808 6012  msisadrv - ok
20:56:56.0855 6012  [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
20:56:56.0902 6012  MSiSCSI - ok
20:56:56.0902 6012  msiserver - ok
20:56:56.0933 6012  [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
20:56:56.0964 6012  MSKSSRV - ok
20:56:56.0995 6012  [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
20:56:57.0042 6012  MSPCLOCK - ok
20:56:57.0058 6012  [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
20:56:57.0104 6012  MSPQM - ok
20:56:57.0151 6012  [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
20:56:57.0182 6012  MsRPC - ok
20:56:57.0198 6012  [ E384487CB84BE41D09711C30CA79646C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
20:56:57.0214 6012  mssmbios - ok
20:56:57.0245 6012  [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
20:56:57.0276 6012  MSTEE - ok
20:56:57.0323 6012  [ 036300114255B3C78BFB616CE8BC7AD9 ] MTOnlPktAlyX    C:\PROGRA~1\T-Online\T-ONLI~1\BASIS-~1\Basis1\MTOnlPktAlyX.SYS
20:56:57.0338 6012  MTOnlPktAlyX ( UnsignedFile.Multi.Generic ) - warning
20:56:57.0338 6012  MTOnlPktAlyX - detected UnsignedFile.Multi.Generic (1)
20:56:57.0354 6012  [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup             C:\Windows\system32\Drivers\mup.sys
20:56:57.0370 6012  Mup - ok
20:56:57.0416 6012  [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent        C:\Windows\system32\qagentRT.dll
20:56:57.0448 6012  napagent - ok
20:56:57.0510 6012  [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
20:56:57.0526 6012  NativeWifiP - ok
20:56:57.0604 6012  [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS            C:\Windows\system32\drivers\ndis.sys
20:56:57.0713 6012  NDIS - ok
20:56:57.0760 6012  [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
20:56:57.0822 6012  NdisTapi - ok
20:56:57.0838 6012  [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
20:56:57.0900 6012  Ndisuio - ok
20:56:57.0931 6012  [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
20:56:57.0962 6012  NdisWan - ok
20:56:57.0978 6012  [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
20:56:58.0009 6012  NDProxy - ok
20:56:58.0040 6012  [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
20:56:58.0072 6012  NetBIOS - ok
20:56:58.0118 6012  [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
20:56:58.0150 6012  netbt - ok
20:56:58.0181 6012  [ A3E186B4B935905B829219502557314E ] Netlogon        C:\Windows\system32\lsass.exe
20:56:58.0196 6012  Netlogon - ok
20:56:58.0228 6012  [ C8052711DAECC48B982434C5116CA401 ] Netman          C:\Windows\System32\netman.dll
20:56:58.0274 6012  Netman - ok
20:56:58.0290 6012  [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm        C:\Windows\System32\netprofm.dll
20:56:58.0337 6012  netprofm - ok
20:56:58.0399 6012  [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:56:58.0415 6012  NetTcpPortSharing - ok
20:56:59.0600 6012  [ BA420E8EBFCAD35581FE8E4C64F71469 ] NETw5v32        C:\Windows\system32\DRIVERS\NETw5v32.sys
20:56:59.0866 6012  NETw5v32 - ok
20:56:59.0912 6012  [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
20:56:59.0944 6012  nfrd960 - ok
20:56:59.0959 6012  [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc          C:\Windows\System32\nlasvc.dll
20:57:00.0053 6012  NlaSvc - ok
20:57:00.0100 6012  [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
20:57:00.0178 6012  Npfs - ok
20:57:00.0209 6012  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi             C:\Windows\system32\nsisvc.dll
20:57:00.0287 6012  nsi - ok
20:57:00.0302 6012  [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
20:57:00.0365 6012  nsiproxy - ok
20:57:00.0427 6012  [ B30F5C423B45A6668EADAD883678E2D0 ] NSUService      C:\Program Files\sony\Network Utility\NSUService.exe
20:57:00.0443 6012  NSUService ( UnsignedFile.Multi.Generic ) - warning
20:57:00.0443 6012  NSUService - detected UnsignedFile.Multi.Generic (1)
20:57:00.0536 6012  [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
20:57:00.0677 6012  Ntfs - ok
20:57:00.0724 6012  [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
20:57:00.0833 6012  ntrigdigi - ok
20:57:00.0895 6012  [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null            C:\Windows\system32\drivers\Null.sys
20:57:00.0926 6012  Null - ok
20:57:00.0958 6012  [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
20:57:00.0973 6012  nvraid - ok
20:57:00.0989 6012  [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
20:57:01.0004 6012  nvstor - ok
20:57:01.0020 6012  [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
20:57:01.0051 6012  nv_agp - ok
20:57:01.0051 6012  NwlnkFlt - ok
20:57:01.0051 6012  NwlnkFwd - ok
20:57:01.0176 6012  [ E54AA592A65F317390EEE386A8821692 ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:57:01.0254 6012  odserv - ok
20:57:01.0332 6012  [ 6F310E890D46E246E0E261A63D9B36B4 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
20:57:01.0379 6012  ohci1394 - ok
20:57:01.0410 6012  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:57:01.0441 6012  ose - ok
20:57:01.0519 6012  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
20:57:01.0644 6012  p2pimsvc - ok
20:57:01.0675 6012  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc          C:\Windows\system32\p2psvc.dll
20:57:01.0738 6012  p2psvc - ok
20:57:01.0784 6012  [ 41C33FB4FD929FED732A00D2DAEF5BE0 ] PACSPTISVR      C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
20:57:01.0831 6012  PACSPTISVR ( UnsignedFile.Multi.Generic ) - warning
20:57:01.0831 6012  PACSPTISVR - detected UnsignedFile.Multi.Generic (1)
20:57:01.0878 6012  [ 0FA9B5055484649D63C303FE404E5F4D ] Parport         C:\Windows\system32\drivers\parport.sys
20:57:01.0987 6012  Parport - ok
20:57:02.0034 6012  [ B9C2B89F08670E159F7181891E449CD9 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
20:57:02.0081 6012  partmgr - ok
20:57:02.0096 6012  [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
20:57:02.0206 6012  Parvdm - ok
20:57:02.0252 6012  [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc          C:\Windows\System32\pcasvc.dll
20:57:02.0315 6012  PcaSvc - ok
20:57:02.0377 6012  [ 941DC1D19E7E8620F40BBC206981EFDB ] pci             C:\Windows\system32\drivers\pci.sys
20:57:02.0424 6012  pci - ok
20:57:02.0440 6012  [ FC175F5DDAB666D7F4D17449A547626F ] pciide          C:\Windows\system32\drivers\pciide.sys
20:57:02.0471 6012  pciide - ok
20:57:02.0486 6012  [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
20:57:02.0518 6012  pcmcia - ok
20:57:02.0564 6012  [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
20:57:02.0705 6012  PEAUTH - ok
20:57:02.0783 6012  [ B1689DF169143F57053F795390C99DB3 ] pla             C:\Windows\system32\pla.dll
20:57:02.0923 6012  pla - ok
20:57:02.0986 6012  [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
20:57:03.0017 6012  PlugPlay - ok
20:57:03.0064 6012  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
20:57:03.0126 6012  PNRPAutoReg - ok
20:57:03.0173 6012  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
20:57:03.0251 6012  PNRPsvc - ok
20:57:03.0282 6012  [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
20:57:03.0329 6012  PolicyAgent - ok
20:57:03.0360 6012  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
20:57:03.0391 6012  PptpMiniport - ok
20:57:03.0422 6012  [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor       C:\Windows\system32\drivers\processr.sys
20:57:03.0454 6012  Processor - ok
20:57:03.0500 6012  [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc         C:\Windows\system32\profsvc.dll
20:57:03.0516 6012  ProfSvc - ok
20:57:03.0532 6012  [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
20:57:03.0563 6012  ProtectedStorage - ok
20:57:03.0610 6012  [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
20:57:03.0641 6012  PSched - ok
20:57:03.0672 6012  [ 153D02480A0A2F45785522E814C634B6 ] PxHelp20        C:\Windows\system32\Drivers\PxHelp20.sys
20:57:03.0688 6012  PxHelp20 - ok
20:57:03.0750 6012  [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
20:57:03.0812 6012  ql2300 - ok
20:57:03.0828 6012  [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
20:57:03.0844 6012  ql40xx - ok
20:57:03.0890 6012  [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE           C:\Windows\system32\qwave.dll
20:57:03.0906 6012  QWAVE - ok
20:57:03.0922 6012  [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
20:57:03.0937 6012  QWAVEdrv - ok
20:57:03.0968 6012  [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
20:57:04.0000 6012  RasAcd - ok
20:57:04.0015 6012  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto         C:\Windows\System32\rasauto.dll
20:57:04.0046 6012  RasAuto - ok
20:57:04.0062 6012  [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
20:57:04.0124 6012  Rasl2tp - ok
20:57:04.0140 6012  [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan          C:\Windows\System32\rasmans.dll
20:57:04.0187 6012  RasMan - ok
20:57:04.0218 6012  [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
20:57:04.0234 6012  RasPppoe - ok
20:57:04.0280 6012  [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
20:57:04.0296 6012  RasSstp - ok
20:57:04.0343 6012  [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
20:57:04.0405 6012  rdbss - ok
20:57:04.0436 6012  [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
20:57:04.0468 6012  RDPCDD - ok
20:57:04.0483 6012  [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
20:57:04.0514 6012  rdpdr - ok
20:57:04.0530 6012  [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
20:57:04.0561 6012  RDPENCDD - ok
20:57:04.0608 6012  [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
20:57:04.0655 6012  RDPWD - ok
20:57:04.0686 6012  [ 001B4278407F4303EFC902A2B16F2453 ] regi            C:\Windows\system32\drivers\regi.sys
20:57:04.0702 6012  regi - ok
20:57:04.0764 6012  [ 7EEEEC28A34516E66137F355DCC15BDB ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
20:57:04.0811 6012  RegSrvc ( UnsignedFile.Multi.Generic ) - warning
20:57:04.0811 6012  RegSrvc - detected UnsignedFile.Multi.Generic (1)
20:57:04.0858 6012  [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess    C:\Windows\System32\mprdim.dll
20:57:04.0889 6012  RemoteAccess - ok
20:57:04.0936 6012  [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry  C:\Windows\system32\regsvc.dll
20:57:04.0967 6012  RemoteRegistry - ok
20:57:05.0029 6012  [ 6482707F9F4DA0ECBAB43B2E0398A101 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
20:57:05.0060 6012  RFCOMM - ok
20:57:05.0092 6012  [ F7D9ECF41EBD3CF6C65944368150F66B ] rimsptsk        C:\Windows\system32\DRIVERS\rimsptsk.sys
20:57:05.0123 6012  rimsptsk - ok
20:57:05.0123 6012  [ 1BE6C42767A7C67BA31AE32B293B37A3 ] risdptsk        C:\Windows\system32\DRIVERS\risdptsk.sys
20:57:05.0154 6012  risdptsk - ok
20:57:05.0170 6012  [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator      C:\Windows\system32\locator.exe
20:57:05.0201 6012  RpcLocator - ok
20:57:05.0232 6012  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs           C:\Windows\system32\rpcss.dll
20:57:05.0294 6012  RpcSs - ok
20:57:05.0341 6012  [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
20:57:05.0372 6012  rspndr - ok
20:57:05.0466 6012  [ 065A51298212455584F1811B033B617E ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIV.sys
20:57:05.0482 6012  RTHDMIAzAudService - ok
20:57:05.0560 6012  [ DF1970AB067B4BA4221F0AD0AB9EBB30 ] RtkAudioService C:\Windows\RtkAudioService.exe
20:57:05.0560 6012  RtkAudioService ( UnsignedFile.Multi.Generic ) - warning
20:57:05.0560 6012  RtkAudioService - detected UnsignedFile.Multi.Generic (1)
20:57:05.0591 6012  [ A3E186B4B935905B829219502557314E ] SamSs           C:\Windows\system32\lsass.exe
20:57:05.0606 6012  SamSs - ok
20:57:05.0669 6012  [ 39763504067962108505BFF25F024345 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
20:57:05.0684 6012  SASDIFSV - ok
20:57:05.0700 6012  [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
20:57:05.0716 6012  SASKUTIL - ok
20:57:05.0731 6012  [ 3CE8F073A557E172B330109436984E30 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
20:57:05.0747 6012  sbp2port - ok
20:57:05.0794 6012  [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
20:57:05.0825 6012  SCardSvr - ok
20:57:05.0872 6012  [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule        C:\Windows\system32\schedsvc.dll
20:57:05.0965 6012  Schedule - ok
20:57:06.0028 6012  [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc     C:\Windows\System32\certprop.dll
20:57:06.0043 6012  SCPolicySvc - ok
20:57:06.0090 6012  [ 126EA89BCC413EE45E3004FB0764888F ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
20:57:06.0121 6012  sdbus - ok
20:57:06.0152 6012  [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
20:57:06.0184 6012  SDRSVC - ok
20:57:06.0199 6012  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
20:57:06.0262 6012  secdrv - ok
20:57:06.0262 6012  [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon        C:\Windows\system32\seclogon.dll
20:57:06.0293 6012  seclogon - ok
20:57:06.0324 6012  [ A9BBAB5759771E523F55563D6CBE140F ] SENS            C:\Windows\System32\sens.dll
20:57:06.0355 6012  SENS - ok
20:57:06.0371 6012  [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum         C:\Windows\system32\drivers\serenum.sys
20:57:06.0433 6012  Serenum - ok
20:57:06.0449 6012  [ C70D69A918B178D3C3B06339B40C2E1B ] Serial          C:\Windows\system32\drivers\serial.sys
20:57:06.0511 6012  Serial - ok
20:57:06.0527 6012  [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
20:57:06.0558 6012  sermouse - ok
20:57:06.0574 6012  [ D2193326F729B163125610DBF3E17D57 ] SessionEnv      C:\Windows\system32\sessenv.dll
20:57:06.0620 6012  SessionEnv - ok
20:57:06.0652 6012  [ 8B7C1768D2CDE2E02E09A66563DDFD16 ] SFEP            C:\Windows\system32\DRIVERS\SFEP.sys
20:57:06.0683 6012  SFEP - ok
20:57:06.0698 6012  [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
20:57:06.0730 6012  sffdisk - ok
20:57:06.0761 6012  [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
20:57:06.0792 6012  sffp_mmc - ok
20:57:06.0808 6012  [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
20:57:06.0839 6012  sffp_sd - ok
20:57:06.0839 6012  [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
20:57:06.0901 6012  sfloppy - ok
20:57:06.0932 6012  [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
20:57:06.0979 6012  SharedAccess - ok
20:57:07.0042 6012  [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:57:07.0073 6012  ShellHWDetection - ok
20:57:07.0088 6012  [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
20:57:07.0104 6012  sisagp - ok
20:57:07.0120 6012  [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
20:57:07.0135 6012  SiSRaid2 - ok
20:57:07.0151 6012  [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
20:57:07.0166 6012  SiSRaid4 - ok
20:57:07.0322 6012  [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc           C:\Windows\system32\SLsvc.exe
20:57:07.0634 6012  slsvc - ok
20:57:07.0697 6012  [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify      C:\Windows\system32\SLUINotify.dll
20:57:07.0775 6012  SLUINotify - ok
20:57:07.0822 6012  [ 7B75299A4D201D6A6533603D6914AB04 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
20:57:07.0884 6012  Smb - ok
20:57:07.0931 6012  [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
20:57:07.0962 6012  SNMPTRAP - ok
20:57:08.0040 6012  [ 1A9DD46C547646A54CDB4065C1996A07 ] SOHCImp         C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe
20:57:08.0071 6012  SOHCImp - ok
20:57:08.0102 6012  [ 2E1B0D8278BB616148DDCA13DAE87544 ] SOHDms          C:\Program Files\Sony\VAIO Media plus\SOHDms.exe
20:57:08.0134 6012  SOHDms - ok
20:57:08.0149 6012  [ 892529EE03211C35AEA7132E119F4862 ] SOHDs           C:\Program Files\Sony\VAIO Media plus\SOHDs.exe
20:57:08.0180 6012  SOHDs - ok
20:57:08.0212 6012  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr           C:\Windows\system32\drivers\spldr.sys
20:57:08.0243 6012  spldr - ok
20:57:08.0305 6012  [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler         C:\Windows\System32\spoolsv.exe
20:57:08.0352 6012  Spooler - ok
20:57:08.0383 6012  [ F63102F289AE2039940B22E9B2A8E0BD ] SPTISRV         C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
20:57:08.0399 6012  SPTISRV ( UnsignedFile.Multi.Generic ) - warning
20:57:08.0399 6012  SPTISRV - detected UnsignedFile.Multi.Generic (1)
20:57:08.0446 6012  [ 41987F9FC0E61ADF54F581E15029AD91 ] srv             C:\Windows\system32\DRIVERS\srv.sys
20:57:08.0508 6012  srv - ok
20:57:08.0539 6012  [ FF33AFF99564B1AA534F58868CBE41EF ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
20:57:08.0602 6012  srv2 - ok
20:57:08.0617 6012  [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
20:57:08.0648 6012  srvnet - ok
20:57:08.0695 6012  [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
20:57:08.0758 6012  SSDPSRV - ok
20:57:08.0820 6012  [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv          C:\Windows\system32\DRIVERS\ssmdrv.sys
20:57:08.0836 6012  ssmdrv - ok
20:57:08.0898 6012  [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
20:57:08.0960 6012  SstpSvc - ok
20:57:09.0023 6012  [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc          C:\Windows\System32\wiaservc.dll
20:57:09.0085 6012  stisvc - ok
20:57:09.0148 6012  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
20:57:09.0179 6012  swenum - ok
20:57:09.0241 6012  [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv           C:\Windows\System32\swprv.dll
20:57:09.0319 6012  swprv - ok
20:57:09.0335 6012  [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
20:57:09.0366 6012  Symc8xx - ok
20:57:09.0382 6012  [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
20:57:09.0397 6012  Sym_hi - ok
20:57:09.0413 6012  [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
20:57:09.0428 6012  Sym_u3 - ok
20:57:09.0491 6012  [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain         C:\Windows\system32\sysmain.dll
20:57:09.0584 6012  SysMain - ok
20:57:09.0631 6012  [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:57:09.0662 6012  TabletInputService - ok
20:57:09.0725 6012  [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv         C:\Windows\System32\tapisrv.dll
20:57:09.0787 6012  TapiSrv - ok
20:57:09.0818 6012  [ CB05822CD9CC6C688168E113C603DBE7 ] TBS             C:\Windows\System32\tbssvc.dll
20:57:09.0881 6012  TBS - ok
20:57:09.0974 6012  [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
20:57:10.0068 6012  Tcpip - ok
20:57:10.0146 6012  [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
20:57:10.0208 6012  Tcpip6 - ok
20:57:10.0255 6012  [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
20:57:10.0271 6012  tcpipreg - ok
20:57:10.0302 6012  [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
20:57:10.0333 6012  TDPIPE - ok
20:57:10.0349 6012  [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
20:57:10.0380 6012  TDTCP - ok
20:57:10.0411 6012  [ 76B06EB8A01FC8624D699E7045303E54 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
20:57:10.0458 6012  tdx - ok
20:57:10.0489 6012  [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
20:57:10.0505 6012  TermDD - ok
20:57:10.0536 6012  [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService     C:\Windows\System32\termsrv.dll
20:57:10.0598 6012  TermService - ok
20:57:10.0630 6012  [ C7230FBEE14437716701C15BE02C27B8 ] Themes          C:\Windows\system32\shsvcs.dll
20:57:10.0645 6012  Themes - ok
20:57:10.0661 6012  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER     C:\Windows\system32\mmcss.dll
20:57:10.0692 6012  THREADORDER - ok
20:57:10.0723 6012  [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks          C:\Windows\System32\trkwks.dll
20:57:10.0754 6012  TrkWks - ok
20:57:10.0817 6012  [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:57:10.0848 6012  TrustedInstaller - ok
20:57:10.0848 6012  [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
20:57:10.0879 6012  tssecsrv - ok
20:57:10.0895 6012  [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
20:57:10.0926 6012  tunmp - ok
20:57:10.0973 6012  [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
20:57:10.0988 6012  tunnel - ok
20:57:11.0004 6012  [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35          C:\Windows\system32\drivers\uagp35.sys
20:57:11.0020 6012  uagp35 - ok
20:57:11.0066 6012  [ 63F6D08C54D5B3C1B12A6172032055C7 ] uCamMonitor     C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
20:57:11.0082 6012  uCamMonitor - ok
20:57:11.0098 6012  [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
20:57:11.0129 6012  udfs - ok
20:57:11.0144 6012  [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
20:57:11.0191 6012  UI0Detect - ok
20:57:11.0207 6012  UIUSys - ok
20:57:11.0222 6012  [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
20:57:11.0238 6012  uliagpkx - ok
20:57:11.0269 6012  [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci         C:\Windows\system32\drivers\uliahci.sys
20:57:11.0300 6012  uliahci - ok
20:57:11.0332 6012  [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata          C:\Windows\system32\drivers\ulsata.sys
20:57:11.0347 6012  UlSata - ok
20:57:11.0378 6012  [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
20:57:11.0394 6012  ulsata2 - ok
20:57:11.0410 6012  [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
20:57:11.0441 6012  umbus - ok
20:57:11.0488 6012  [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost        C:\Windows\System32\upnphost.dll
20:57:11.0534 6012  upnphost - ok
20:57:11.0581 6012  [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
20:57:11.0612 6012  usbccgp - ok
20:57:11.0628 6012  [ E9476E6C486E76BC4898074768FB7131 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
20:57:11.0690 6012  usbcir - ok
20:57:11.0706 6012  [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
20:57:11.0737 6012  usbehci - ok
20:57:11.0800 6012  [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
20:57:11.0831 6012  usbhub - ok
20:57:11.0846 6012  [ 38DBC7DD6CC5A72011F187425384388B ] usbohci         C:\Windows\system32\drivers\usbohci.sys
20:57:11.0893 6012  usbohci - ok
20:57:11.0909 6012  [ B51E52ACF758BE00EF3A58EA452FE360 ] usbprint        C:\Windows\system32\drivers\usbprint.sys
20:57:11.0956 6012  usbprint - ok
20:57:11.0987 6012  [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:57:12.0002 6012  USBSTOR - ok
20:57:12.0034 6012  [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
20:57:12.0049 6012  usbuhci - ok
20:57:12.0096 6012  [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
20:57:12.0127 6012  usbvideo - ok
20:57:12.0190 6012  [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms           C:\Windows\System32\uxsms.dll
20:57:12.0205 6012  UxSms - ok
20:57:12.0268 6012  [ 2A640DC735CB0112AC1DCD1E1549B27E ] VAIO Entertainment TV Device Arbitration Service C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
20:57:12.0283 6012  VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - warning
20:57:12.0283 6012  VAIO Entertainment TV Device Arbitration Service - detected UnsignedFile.Multi.Generic (1)
20:57:12.0330 6012  [ 2C3DBB9B671AB95245DED1EFC5276CE9 ] VAIO Event Service C:\Program Files\sony\VAIO Event Service\VESMgr.exe
20:57:12.0346 6012  VAIO Event Service - ok
20:57:12.0408 6012  [ C1ED0F71D3B9EA8D774FC7C4CBF7EE7F ] VAIO Power Management C:\Program Files\Sony\VAIO Power Management\SPMService.exe
20:57:12.0455 6012  VAIO Power Management - ok
20:57:12.0502 6012  [ 7773EB681E99217FD92E5E8A5A199AE5 ] VCFw            C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
20:57:12.0517 6012  VCFw ( UnsignedFile.Multi.Generic ) - warning
20:57:12.0517 6012  VCFw - detected UnsignedFile.Multi.Generic (1)
20:57:12.0595 6012  [ 2686B87EDC54ED215CE479AC9B7675DE ] VcmIAlzMgr      C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
20:57:12.0658 6012  VcmIAlzMgr - ok
20:57:12.0736 6012  [ BB5781ED436D3E121F85617C3BBB7AD5 ] VcmXmlIfHelper  C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
20:57:12.0751 6012  VcmXmlIfHelper - ok
20:57:12.0782 6012  Vcsw - ok
20:57:12.0860 6012  [ CD88D1B7776DC17A119049742EC07EB4 ] vds             C:\Windows\System32\vds.exe
20:57:12.0970 6012  vds - ok
20:57:13.0016 6012  [ 87B06E1F30B749A114F74622D013F8D4 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
20:57:13.0079 6012  vga - ok
20:57:13.0110 6012  [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave         C:\Windows\System32\drivers\vga.sys
20:57:13.0188 6012  VgaSave - ok
20:57:13.0235 6012  [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp          C:\Windows\system32\drivers\viaagp.sys
20:57:13.0266 6012  viaagp - ok
20:57:13.0297 6012  [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7           C:\Windows\system32\drivers\viac7.sys
20:57:13.0360 6012  ViaC7 - ok
20:57:13.0375 6012  [ AADF5587A4063F52C2C3FED7887426FC ] viaide          C:\Windows\system32\drivers\viaide.sys
20:57:13.0406 6012  viaide - ok
20:57:13.0422 6012  [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
20:57:13.0438 6012  volmgr - ok
20:57:13.0500 6012  [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
20:57:13.0531 6012  volmgrx - ok
20:57:13.0578 6012  [ 786DB5771F05EF300390399F626BF30A ] volsnap         C:\Windows\system32\drivers\volsnap.sys
20:57:13.0609 6012  volsnap - ok
20:57:13.0640 6012  [ 587253E09325E6BF226B299774B728A9 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
20:57:13.0672 6012  vsmraid - ok
20:57:13.0750 6012  [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS             C:\Windows\system32\vssvc.exe
20:57:13.0890 6012  VSS - ok
20:57:13.0937 6012  [ 071634532066C2E29350D450C3412837 ] VzCdbSvc        C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
20:57:13.0952 6012  VzCdbSvc ( UnsignedFile.Multi.Generic ) - warning
20:57:13.0952 6012  VzCdbSvc - detected UnsignedFile.Multi.Generic (1)
20:57:13.0984 6012  [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time         C:\Windows\system32\w32time.dll
20:57:14.0046 6012  W32Time - ok
20:57:14.0077 6012  [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
20:57:14.0186 6012  WacomPen - ok
20:57:14.0218 6012  [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
20:57:18.0648 6012  ============================================================
20:57:18.0648 6012  Scan finished
20:57:18.0664 6012  ============================================================
20:57:18.0679 5888  Detected object count: 12
20:57:18.0679 5888  Actual detected object count: 12
21:00:01.0223 5888  EvtEng ( UnsignedFile.Multi.Generic ) - skipped by user
21:00:01.0223 5888  EvtEng ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:00:01.0223 5888  FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
21:00:01.0223 5888  FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:00:01.0223 5888  MSCSPTISRV ( UnsignedFile.Multi.Generic ) - skipped by user
21:00:01.0223 5888  MSCSPTISRV ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:00:01.0239 5888  MTOnlPktAlyX ( UnsignedFile.Multi.Generic ) - skipped by user
21:00:01.0239 5888  MTOnlPktAlyX ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:00:01.0239 5888  NSUService ( UnsignedFile.Multi.Generic ) - skipped by user
21:00:01.0239 5888  NSUService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:00:01.0239 5888  PACSPTISVR ( UnsignedFile.Multi.Generic ) - skipped by user
21:00:01.0239 5888  PACSPTISVR ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:00:01.0239 5888  RegSrvc ( UnsignedFile.Multi.Generic ) - skipped by user
21:00:01.0239 5888  RegSrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:00:01.0254 5888  RtkAudioService ( UnsignedFile.Multi.Generic ) - skipped by user
21:00:01.0254 5888  RtkAudioService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:00:01.0254 5888  SPTISRV ( UnsignedFile.Multi.Generic ) - skipped by user
21:00:01.0254 5888  SPTISRV ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:00:01.0254 5888  VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - skipped by user
21:00:01.0254 5888  VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:00:01.0254 5888  VCFw ( UnsignedFile.Multi.Generic ) - skipped by user
21:00:01.0254 5888  VCFw ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:00:01.0254 5888  VzCdbSvc ( UnsignedFile.Multi.Generic ) - skipped by user
21:00:01.0254 5888  VzCdbSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
         


08.01.2013, 23:40   #6
markusg
/// Malware-holic

Hi,
very good.
Malwarebytes:
Please download Malwarebytes.
  • Install the program to the default path.
    Vista and Win7 users: right-click and choose "Run as administrator".
  • Start Malwarebytes, click Update --> Check for updates.
  • When the update has finished, select Perform full scan and click Scan.
  • When the scan has finished, click Show results.
  • Make sure all detections are selected and click Remove selected.
  • Post the log file, which opens in Notepad, here in the thread.
  • You can also find the report later under "Log files".

10.01.2013, 19:46   #7
Heidi123

Hi,
so I ran the scan with MWB today. No viruses were detected.
I'll let Avira scan again this evening as well.
Here are the log files.

Code:
ATTFilter
Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Datenbank Version: v2013.01.10.04

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer xxx
Kögler :: xxx-PC [Administrator]

10.01.2013 13:46:53
mbam-log-2013-01-10 (13-46-53).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 456053
Laufzeit: 4 Stunde(n), 12 Minute(n), 31 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         

10.01.2013, 19:47   #8
markusg
/// Malware-holic

Hi,
no Avira run, only the requested scans please.
Download CCleaner Standard:
CCleaner - Download - Filepony
If CCleaner is already installed, skip this step.
Open it, go to Tools (Extras), Uninstall list, save it as a txt file, and open that file.
After every program you need, write "notwendig" (necessary).
After every program you do not need, write "unnötig" (unnecessary).
After every program you do not know, write "unbekannt" (unknown).
Post the list.
__________________
- Please forward suspicious e-mails to us for analysis:
markusg.trojaner-board@web.de
Instructions:
http://markusg.trojaner-board.de
For now, please forward e-mails as described in the instructions above to
markusg.trojaner-board@web.de
If you would like to support us

12.01.2013, 18:26   #9
Heidi123

Hello,
so I have the list. I marked some programs that we installed ourselves.
With Big Fish Games, though, I'm not quite sure whether it wasn't somehow already preinstalled. In any case, we definitely did not install it. What I also wanted to mention: at the beginning of July 2012 we completely wiped the PC and set it up from scratch, because I had already had problems with a virus back then. Most of the programs are things that get installed by default when you set everything up again. I hope you can do something with the list. If you need to know anything else, get in touch!

Have a nice evening


Code:
ATTFilter

7-Zip 4.65		03.07.2012	3,13MB	nötig
Adobe Acrobat  9 Standard - English, Français, Deutsch	Adobe Systems	25.11.2008	759MB	9.0.0
Adobe Flash Player 11 Plugin	Adobe Systems Incorporated	06.01.2013		11.5.502.135
Adobe Flash Player ActiveX	Adobe Systems Incorporated	03.07.2012		9.0.124.0
Adobe Photoshop Elements 6.0	Adobe Systems, Inc.	03.07.2012	375MB	6.0
Adobe Premiere Elements 4.0	Ihr Firmenname	03.07.2012	1,71GB	4.0
Adobe Premiere Elements 4.0 Templates	Ihr Firmenname	03.07.2012	1,71GB	4.0.0
Adobe Reader 9.3 - Deutsch	Adobe Systems Incorporated	03.07.2012	239MB	9.3.0
Alps Pointing-device for VAIO		25.11.2008	2,82MB	
ArcSoft Magic-i Visual Effects 2	ArcSoft	03.07.2012	34,7MB	2.0.1.39
ArcSoft WebCam Companion 2	ArcSoft	03.07.2012	24,3MB	
ATI Catalyst Install Manager	ATI Technologies, Inc.	03.07.2012	13,6MB	3.0.682.0
Avira Antivirus Premium	Avira	22.12.2012	223MB	13.0.0.2890  nötig
Avira SearchFree Toolbar plus Web Protection	Ask.com	11.12.2012	10,2MB	1.15.11.0
Avira SearchFree Toolbar plus Web Protection Updater	Ask.com	11.12.2012	1,54MB	1.2.3.30498
Benutzerdefinierte Voreinstellungen für SonicStage Mastering Studio Audio Filter	Sony Corporation	03.07.2012	56,5MB	2.5
Big Fish Games Spiel-Suite		03.07.2012	160MB	                                                                                       unbekannt
Canon Easy-WebPrint EX		04.07.2012	6,81MB	notwendig
Canon IJ Network Scan Utility		04.07.2012	1,07MB	
Canon IJ Network Tool		04.07.2012	2,90MB	
Canon Kurzwahlprogramm		04.07.2012	8,52MB	
Canon MP Navigator EX 3.1		04.07.2012	72,4MB	
Canon MX870 series Benutzerregistrierung		04.07.2012	1,09MB	
Canon MX870 series MP Drivers		03.07.2012	339MB	
Canon Utilities Easy-PhotoPrint EX		04.07.2012	221MB	
Canon Utilities My Printer		04.07.2012	5,23MB	
Canon Utilities Solution Menu		04.07.2012	3,05MB	
CCleaner	Piriform	19.12.2012	5,08MB	3.26
Click to Disc	Sony Corporation	03.07.2012	70,6MB	1.2.52.09250
Click to Disc Editor	Sony Corporation	03.07.2012	186MB	1.2.51
Compatibility Pack für 2007 Office System	Microsoft Corporation	03.07.2012	5,86MB	12.0.4518.1014
DHTML Editing Component	Microsoft Corporation	03.07.2012	462KB	6.02.0001
Digimax Master	Samsung	03.07.2012	161MB	1.0.35   nötig
DivX Codec	DivX, Inc.	03.07.2012	1,40MB	6.8.4
DivX Converter	DivX, Inc.	03.07.2012	30,3MB	6.6.1
DivX Player		03.07.2012	15,4MB	6.8.2
DivX Web Player	DivX,Inc.	03.07.2012	2,92MB	1.4.0
dm-Fotowelt		31.08.2012	340MB										nötig
Dolby Control Center	Dolby	25.11.2008	46,9MB	1.2.0702
ElsterFormular für Unternehmer	Landesfinanzdirektion Thüringen	06.07.2012	231MB	13.2.0.8623u			nötig
Google Chrome	Google Inc.	11.01.2013	215MB	24.0.1312.52
Google Earth	Google	03.07.2012	33,2MB	4.2.205.5730
HDAUDIO SoftV92 Data Fax Modem with SmartCP		25.11.2008	1,01MB	                                       unbekannt?
InfraRecorder		03.07.2012	7,63MB	unbekannt
Intel(R) PROSet/Wireless WiFi-Software	Intel(R) Corporation	03.07.2012	78,4MB	12.01.1000
Java(TM) 6 Update 37	Oracle	01.12.2012	95,7MB	6.0.370
Java(TM) 6 Update 7	Sun Microsystems, Inc.	25.11.2008	171MB	1.6.0.70
Landwirtschafts-Simulator 2009 Gold	GIANTS Software	28.08.2012	274MB					nötig
Malwarebytes Anti-Malware Version 1.70.0.1100	Malwarebytes Corporation	04.01.2013	12,2MB	1.70.0.1100      nötig
Me&My VAIO	Sony Corporation	03.07.2012	69,8MB	1.0.0.11140
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU	Microsoft Corporation	02.11.2012	74,3MB	
Microsoft .NET Framework 3.5 SP1	Microsoft Corporation	03.07.2012	65,1MB	
Microsoft .NET Framework 4 Client Profile	Microsoft Corporation	06.07.2012	120MB	4.0.30319
Microsoft .NET Framework 4 Client Profile DEU Language Pack	Microsoft Corporation	06.07.2012	24,5MB	4.0.30319
Microsoft Office Home and Student 2007	Microsoft Corporation	03.07.2012	296MB	12.0.6215.1000
Microsoft Office PowerPoint Viewer 2007 (German)	Microsoft Corporation	03.07.2012	3,40MB	12.0.4518.1014
Microsoft Office Suite Activation Assistant	Microsoft Corporation	03.07.2012	8,36MB	2.9
Microsoft Visual C++ 2005 Redistributable	Microsoft Corporation	03.07.2012	2,37MB	8.0.56336
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729	Microsoft Corporation	03.07.2012	602KB	9.0.30729
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219	Microsoft Corporation	11.12.2012	11,1MB	10.0.40219
Microsoft Works	Microsoft Corporation	03.07.2012	377MB	9.7.0621
Microsoft WSE 3.0 Runtime	Microsoft Corp.	03.07.2012	942KB	3.0.5305.0
Mozilla Firefox 17.0.1 (x86 de)	Mozilla	06.12.2012	41,2MB	17.0.1
Mozilla Maintenance Service	Mozilla	06.12.2012	224KB	17.0.1
MSXML 4.0 SP2 (KB954430)	Microsoft Corporation	04.07.2012	35,0KB	4.20.9870.0
MSXML 4.0 SP2 (KB973688)	Microsoft Corporation	04.07.2012	1,33MB	4.20.9876.0
Music Transfer	Sony Corporation	03.07.2012	40,7MB	1.2.00.17290
         

13.01.2013, 17:23   #10
markusg
/// Malware-holic

I don't want to know what you installed yourself; please read it again and edit the list accordingly, thanks.

17.01.2013, 14:49   #11
Heidi123

Hello, and sorry for the late reply.
I have now revised the list again and done my best.

Code:
ATTFilter
7-Zip 4.65, 03.07.2012, 3,13MB, nötig
Adobe Acrobat  9 Standard - English, Français, Deutsch, nötig
Adobe Systems, 25.11.2008,	759MB, 9.0.0, nötig
Adobe Flash Player 11 Plugin, nötig
Adobe Systems Incorporated, 06.01.2013, 11.5.502.135, nötig
Adobe Flash Player ActiveX, nötig
Adobe Systems Incorporated, 03.07.2012, 9.0.124.0, nötig
Adobe Photoshop Elements 6.0, nötig
Adobe Systems, Inc., 03.07.2012, 375MB, 6.0, 	nötig
Adobe Premiere Elements 4.0, 03.07.2012, 1,71GB, 4.0, nötig
Adobe Premiere Elements 4.0 Templates, 03.07.2012, 1,71GB, 4.0.0, nötig
Adobe Reader 9.3 - Deutsch, nötig
Adobe Systems Incorporated, 03.07.2012, 239MB, 9.3.0, 	nötig
Alps Pointing-device for VAIO, 25.11.2008, 2,82MB, nötig
ArcSoft Magic-i Visual Effects 2, nötig
ArcSoft, 03.07.2012, 34,7MB, 2.0.1.39, nötig
ArcSoft WebCam Companion 2, nötig
ArcSoft, 03.07.2012, 24,3MB, nötig
ATI Catalyst Install Manager	ATI Technologies, Inc., 03.07.2012,13,6MB, 3.0.682.0, nötig
Avira Antivirus Premium Avira, 22.12.2012, 223MB, 13.0.0.2890, nötig	
Avira SearchFree Toolbar plus Web Protection	Ask.com	11.12.2012, 10,2MB, 1.15.11.0, nötig
Avira SearchFree Toolbar plus Web Protection Updater, Ask.com, 11.12.2012	1,54MB, 1.2.3.30498, nötig
Benutzerdefinierte Voreinstellungen für SonicStage Mastering Studio Audio Filter, Sony Corporation, 03.07.2012, 56,5MB, 2.5,nötig
Big Fish Games Spiel-Suite, 	03.07.2012, 160MB, unbekannt
Canon Easy-WebPrint EX, 04.07.2012, 6,81MB, 	nötig
Canon IJ Network Scan Utility, 04.07.2012, 1,07MB, nötig
Canon IJ Network Tool, 04.07.2012, 2,90MB, nötig
Canon Kurzwahlprogramm, 04.07.2012, 8,52MB, nötig
Canon MP Navigator EX 3.1, 04.07.2012, 72,4MB, nötig
Canon MX870 series Benutzerregistrierung, 04.07.2012, 1,09MB, nötig
Canon MX870 series MP Drivers, 03.07.2012, 339MB, nötig
Canon Utilities Easy-PhotoPrint EX, 04.07.2012, 221MB, nötig
Canon Utilities My Printer, 04.07.2012, 5,23MB, nötig
Canon Utilities Solution Menu, 04.07.2012, 3,05MB, nötig
CCleaner, Piriform, 19.12.2012, 5,08MB, ,3.26, nötig
Click to Disc, Sony Corporation, 03.07.2012, 70,6MB, 1.2.52.09250,nötig
Click to Disc Editor, Sony Corporation, 03.07.2012, 186MB, 1.2.51, nötig
Compatibility Pack für 2007 Office System, Microsoft Corporation, 03.07.2012, 5,86MB, 12.0.4518.1014, nötig
DHTML Editing Component, Microsoft Corporation, 03.07.2012, 462KB, 6.02.0001, nötig
Digimax Master, Samsung, 03.07.2012, 161MB,1.0.35, nötig
DivX Codec, DivX, Inc., 03.07.2012, 1,40MB, 6.8.4, nötig
DivX Converter, DivX, Inc., 03.07.2012, 30,3MB, 6.6.1, nötig
DivX Player, 03.07.2012, 15,4MB, 6.8.2, nötig
DivX Web Player, DivX,Inc., 03.07.2012, 2,92MB, 1.4.0, nötig
dm-Fotowelt, 31.08.2012, 340MB, nötig
Dolby Control Center, Dolby, 25.11.2008, 46,9MB, 1.2.0702, nötig
ElsterFormular für Unternehmer, Landesfinanzdirektion Thüringen,06.07.2012, 231MB, 13.2.0.8623,nötig
Google Chrome, Google Inc., 11.01.2013, 215MB, 24.0.1312.52, nötig
Google Earth,	Google, 03.07.2012, 33,2MB, 4.2.205.5730, nötig
HDAUDIO SoftV92 Data Fax Modem with SmartCP, 25.11.2008, 1,01MB, unbekannt
InfraRecorder,	 03.07.2012, 7,63MB,	 unbekannt
Intel(R) PROSet/Wireless WiFi-Software, Intel(R) Corporation, 03.07.2012, 78,4MB, 12.01.1000, nötig
Java(TM) 6 Update 37, Oracle  01.12.2012, 95,7MB, 6.0.370, possibly only the latest one
Java(TM) 6 Update 7	Sun Microsystems, Inc., 25.11.2008, 171MB,1.6.0.70, possibly only the latest one
Landwirtschafts-Simulator 2009 Gold, GIANTS Software, 28.08.2012, 274MB, nötig
Malwarebytes Anti-Malware Version 1.70.0.1100, Malwarebytes Corporation, 04.01.2013, 12,2MB, 1.70.0.1100, nötig
Me&My VAIO	Sony Corporation, 03.07.2012, 69,8MB, 1.0.0.11140, nötig
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU, Microsoft Corporation, 02.11.2012, 74,3MB, 	nötig
Microsoft .NET Framework 3.5 SP1	Microsoft Corporation, 03.07.2012, 65,1MB, nötig
Microsoft .NET Framework 4 Client Profile	Microsoft Corporation, 06.07.2012 ,120MB 4.0.30319 nötig
Microsoft .NET Framework 4 Client Profile DEU Language Pack,	Microsoft Corporation 06.07.2012, 24,5MB, 4.0.30319, nötig
Microsoft Office Home and Student 2007, Microsoft Corporation, 03.07.2012, 296MB, 12.0.6215.1000, nötig
Microsoft Office PowerPoint Viewer 2007 (German), Microsoft Corporation, 03.07.2012, 3,40MB, 12.0.4518.1014, nötig
Microsoft Office Suite Activation Assistant, Microsoft Corporation, 03.07.2012, 8,36MB, 2.9, nötig
Microsoft Visual C++ 2005 Redistributable,	Microsoft Corporation, 03.07.2012, 2,37MB, 8.0.56336, nötig
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729, Microsoft Corporation, 03.07.2012, 602KB, 9.0.30729, nötig
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219, Microsoft Corporation, 11.12.2012, 11,1MB, 10.0.40219, nötig
Microsoft Works, Microsoft Corporation, 03.07.2012, 377MB,  9.7.0621, nötig
Microsoft WSE 3.0 Runtime	Microsoft Corp., 03.07.2012, 942KB, 3.0.5305.0, nötig
Mozilla Firefox 17.0.1 (x86 de), Mozilla, 06.12.2012, 41,2MB, 17.0.1, nötig
Mozilla Maintenance Service	Mozilla, 06.12.2012, 224KB, 17.0.1, nötig
MSXML 4.0 SP2 (KB954430), Microsoft Corporation, 04.07.2012, 35,0KB, 4.20.9870.0, nötig
MSXML 4.0 SP2 (KB973688), Microsoft Corporation, 04.07.2012, 1,33MB, 4.20.9876.0, nötig
Music Transfer, Sony Corporation, 03.07.2012, 40,7MB,1.2.00.17290, nötig
         

17.01.2013, 14:55   #12
markusg
/// Malware-holic

Uninstall:
Adobe Flash Player, all versions
Adobe - Install Adobe Flash Player
Download the latest version and install it.
Adobe Reader:
Adobe - Download Adobe Reader - All versions
Uncheck the box for McAfee Security Scan.

Please also configure Adobe Reader as follows:
Open Adobe Reader, Edit, Preferences.
General:
Check the option to use only certified plug-ins.
Internet:
Everything here should be disabled; it is very unsafe to open or download PDFs automatically, etc.
It is always better to save them directly, because only then do you have control over what is happening on the PC.
Under JavaScript, uncheck the option to use JavaScript.
Under Updater, choose automatic installation.
Apply / OK



Uninstall:
Avira SearchFree: both, please
Big Fish
InfraRecorder
Java: all versions
Download the Java JRE:
Java downloads for all operating systems
Click:
Download the Java software for Windows Offline
Download and install it.
Uninstall:
Open CCleaner, analyze, start, restart the PC.
Please download AdwCleaner to your desktop.
  • Start adwcleaner.exe with a double-click.
  • Click Search.
  • When the scan has finished, a text file opens.
  • Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner[R1].txt.

21.01.2013, 11:15   #13
Heidi123

I hope I did everything correctly.

Code:
ATTFilter
# AdwCleaner v2.106 - Datei am 21/01/2013 um 11:11:08 erstellt
# Aktualisiert am 17/01/2013 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Benutzer : xxx - xxx-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\xxx\Downloads\adwcleaner.exe
# Option [Suche]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gefunden : C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\3k3t80pt.default\searchplugins\Askcom.xml
Ordner Gefunden : C:\Program Files\Ask.com
Ordner Gefunden : C:\Users\xxx\AppData\LocalLow\AskToolbar
Ordner Gefunden : C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\3k3t80pt.default\extensions\toolbar@ask.com
Ordner Gefunden : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKCU\Software\APN
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\AskToolbar
Schlüssel Gefunden : HKCU\Software\Ask.com
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Schlüssel Gefunden : HKLM\Software\APN
Schlüssel Gefunden : HKLM\Software\AskToolbar
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Schlüssel Gefunden : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gefunden : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Schlüssel Gefunden : HKLM\SOFTWARE\Software
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16457

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.avira.com/?l=dis&o=APN10261&gct=hp&dc=EU&locale=de_DE

-\\ Mozilla Firefox v18.0.1 (de)

Datei : C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\3k3t80pt.default\prefs.js

Gefunden : user_pref("browser.search.defaultengine", "Ask.com");
Gefunden : user_pref("browser.search.defaultenginename", "Ask.com");
Gefunden : user_pref("browser.search.order.1", "Ask.com");
Gefunden : user_pref("browser.search.selectedEngine", "Ask.com");
Gefunden : user_pref("browser.startup.homepage", "hxxp://search.avira.com/?l=dis&o=APN10261&gct=hp&dc=EU&locale[...]
Gefunden : user_pref("extensions.asktb.FeaturePageVersion", "1");
Gefunden : user_pref("extensions.asktb.InstallDir", "C:\\Program Files\\Ask.com\\");
Gefunden : user_pref("extensions.asktb.OOBEVersion", "1");
Gefunden : user_pref("extensions.asktb.apn_dbr", "ie_9.0.8112.16421");
Gefunden : user_pref("extensions.asktb.autofill-text-highlight-enabled", true);
Gefunden : user_pref("extensions.asktb.cbid", "^AGS");
Gefunden : user_pref("extensions.asktb.config-updated", false);
Gefunden : user_pref("extensions.asktb.crumb", "2012.12.11+13.13.17-toolbar001iad-DE-TXVuaWNoLEdlcm1hbnk%3D");
Gefunden : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://avira-int.ask.com/web?q={query}&qsrc=[...]
Gefunden : user_pref("extensions.asktb.domain", "avira-int.ask.com");
Gefunden : user_pref("extensions.asktb.domainName", "avira-int.ask.com");
Gefunden : user_pref("extensions.asktb.dtid", "^YYYYYY^YY^DE");
Gefunden : user_pref("extensions.asktb.ff-original-keyword-url", "");
Gefunden : user_pref("extensions.asktb.fresh-install", false);
Gefunden : user_pref("extensions.asktb.guid", "3d4e2a87-205b-4d04-ab52-56a08c7cf486");
Gefunden : user_pref("extensions.asktb.hpr", "YES");
Gefunden : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com[...]
Gefunden : user_pref("extensions.asktb.if", "first");
Gefunden : user_pref("extensions.asktb.l", "dis");
Gefunden : user_pref("extensions.asktb.last-config-req", "1358704774210");
Gefunden : user_pref("extensions.asktb.locale", "de_DE");
Gefunden : user_pref("extensions.asktb.localePref", true);
Gefunden : user_pref("extensions.asktb.location", "Munich,Germany");
Gefunden : user_pref("extensions.asktb.nthp", "YES");
Gefunden : user_pref("extensions.asktb.nthp_prev", "2");
Gefunden : user_pref("extensions.asktb.o", "APN10261");
Gefunden : user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
Gefunden : user_pref("extensions.asktb.qsrc", "2871");
Gefunden : user_pref("extensions.asktb.r", "5");
Gefunden : user_pref("extensions.asktb.sa", "YES");
Gefunden : user_pref("extensions.asktb.saguid", "4D20FB5B-EAF0-4D15-AFB5-A868A46084A2");
Gefunden : user_pref("extensions.asktb.search-suggestions-enabled", true);
Gefunden : user_pref("extensions.asktb.silent-upgrade", true);
Gefunden : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", false);
Gefunden : user_pref("extensions.asktb.socialmini-first", true);
Gefunden : user_pref("extensions.asktb.socialmini-interval", "1200000");
Gefunden : user_pref("extensions.asktb.socialmini-max-char-ticker", "33");
Gefunden : user_pref("extensions.asktb.socialmini-max-items", "30");
Gefunden : user_pref("extensions.asktb.socialmini-native-on", true);
Gefunden : user_pref("extensions.asktb.socialmini-speed", "5000");
Gefunden : user_pref("extensions.asktb.themeid", "");
Gefunden : user_pref("extensions.asktb.timeinstalled", "11.12.2012 22:14:29");
Gefunden : user_pref("extensions.asktb.to", "");
Gefunden : user_pref("extensions.asktb.v", "3.15.13.100015");
Gefunden : user_pref("extensions.asktb.version", "5.15.13.33021");
Gefunden : user_pref("extensions.enabledAddons", "totbff01%40telekom.de:3.0.42,toolbar%40ask.com:3.15.13.100015[...]
Gefunden : user_pref("extensions.totbff.homepage", "hxxp://search.avira.com/?l=dis&o=APN10261&gct=hp&dc=EU&loca[...]
Gefunden : user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=AVR-4&o=APN10261&loc[...]

-\\ Google Chrome v24.0.1312.52

Datei : C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [11553 octets] - [21/01/2013 11:11:08]

########## EOF - C:\AdwCleaner[R1].txt - [11614 octets] ##########
         

Edited by Heidi123 (21.01.2013 at 11:24)

21.01.2013, 13:43   #14
markusg
/// Malware-holic
 

Hi,

Please download AdwCleaner to your desktop.
  • Close all open programs and browsers.
  • Start adwcleaner.exe with a double-click.
  • Click on Löschen (Delete).
  • Confirm each prompt with Ok.
  • Your computer will be restarted, possibly several times depending on the severity of the infection; that is normal. After the restart a text file opens.
  • Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner[Sx].txt. (x = sequential number)

Restart, then please test how the PC runs, including programs such as the browser.
__________________
-Please forward suspicious mails to us for analysis:
markusg.trojaner-board@web.de
Forwarding instructions:
http://markusg.trojaner-board.de
For now, please forward mails according to the instructions above to
markusg.trojaner-board@web.de
If you would like to support us

24.01.2013, 19:59   #15
Heidi123
 

Hello,
I have just run AdwCleaner.
Programs are running fine. I didn't notice anything.

Here are the log files

Code:
# AdwCleaner v2.106 - Datei am 24/01/2013 um 19:47:29 erstellt
# Aktualisiert am 17/01/2013 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Benutzer : xxx - xxx-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\xxx\Downloads\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\3k3t80pt.default\searchplugins\Askcom.xml
Gelöscht mit Neustart : C:\Program Files\Ask.com
Ordner Gelöscht : C:\Users\xxx\AppData\LocalLow\AskToolbar
Ordner Gelöscht : C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\3k3t80pt.default\extensions\toolbar@ask.com
Ordner Gelöscht : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\APN
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\AskToolbar
Schlüssel Gelöscht : HKCU\Software\Ask.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Schlüssel Gelöscht : HKLM\Software\APN
Schlüssel Gelöscht : HKLM\Software\AskToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Software
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16457

Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.avira.com/?l=dis&o=APN10261&gct=hp&dc=EU&locale=de_DE --> hxxp://www.google.com

-\\ Mozilla Firefox v18.0.1 (de)

Datei : C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\3k3t80pt.default\prefs.js

Gelöscht : user_pref("browser.search.defaultengine", "Ask.com");
Gelöscht : user_pref("browser.search.defaultenginename", "Ask.com");
Gelöscht : user_pref("browser.search.order.1", "Ask.com");
Gelöscht : user_pref("browser.search.selectedEngine", "Ask.com");
Gelöscht : user_pref("browser.startup.homepage", "hxxp://search.avira.com/?l=dis&o=APN10261&gct=hp&dc=EU&locale[...]
Gelöscht : user_pref("extensions.asktb.FeaturePageVersion", "1");
Gelöscht : user_pref("extensions.asktb.InstallDir", "C:\\Program Files\\Ask.com\\");
Gelöscht : user_pref("extensions.asktb.OOBEVersion", "1");
Gelöscht : user_pref("extensions.asktb.apn_dbr", "ie_9.0.8112.16421");
Gelöscht : user_pref("extensions.asktb.autofill-text-highlight-enabled", true);
Gelöscht : user_pref("extensions.asktb.cbid", "^AGS");
Gelöscht : user_pref("extensions.asktb.config-updated", false);
Gelöscht : user_pref("extensions.asktb.crumb", "2012.12.11+13.13.17-toolbar001iad-DE-TXVuaWNoLEdlcm1hbnk%3D");
Gelöscht : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://avira-int.ask.com/web?q={query}&qsrc=[...]
Gelöscht : user_pref("extensions.asktb.domain", "avira-int.ask.com");
Gelöscht : user_pref("extensions.asktb.domainName", "avira-int.ask.com");
Gelöscht : user_pref("extensions.asktb.dtid", "^YYYYYY^YY^DE");
Gelöscht : user_pref("extensions.asktb.ff-original-keyword-url", "");
Gelöscht : user_pref("extensions.asktb.fresh-install", false);
Gelöscht : user_pref("extensions.asktb.guid", "3d4e2a87-205b-4d04-ab52-56a08c7cf486");
Gelöscht : user_pref("extensions.asktb.hpr", "YES");
Gelöscht : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com[...]
Gelöscht : user_pref("extensions.asktb.if", "first");
Gelöscht : user_pref("extensions.asktb.l", "dis");
Gelöscht : user_pref("extensions.asktb.last-config-req", "1358968485364");
Gelöscht : user_pref("extensions.asktb.locale", "de_DE");
Gelöscht : user_pref("extensions.asktb.localePref", true);
Gelöscht : user_pref("extensions.asktb.location", "Munich,Germany");
Gelöscht : user_pref("extensions.asktb.nthp", "YES");
Gelöscht : user_pref("extensions.asktb.nthp_prev", "2");
Gelöscht : user_pref("extensions.asktb.o", "APN10261");
Gelöscht : user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
Gelöscht : user_pref("extensions.asktb.qsrc", "2871");
Gelöscht : user_pref("extensions.asktb.r", "5");
Gelöscht : user_pref("extensions.asktb.sa", "YES");
Gelöscht : user_pref("extensions.asktb.saguid", "4D20FB5B-EAF0-4D15-AFB5-A868A46084A2");
Gelöscht : user_pref("extensions.asktb.search-suggestions-enabled", true);
Gelöscht : user_pref("extensions.asktb.silent-upgrade", true);
Gelöscht : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", false);
Gelöscht : user_pref("extensions.asktb.socialmini-first", true);
Gelöscht : user_pref("extensions.asktb.socialmini-interval", "1200000");
Gelöscht : user_pref("extensions.asktb.socialmini-max-char-ticker", "33");
Gelöscht : user_pref("extensions.asktb.socialmini-max-items", "30");
Gelöscht : user_pref("extensions.asktb.socialmini-native-on", true);
Gelöscht : user_pref("extensions.asktb.socialmini-speed", "5000");
Gelöscht : user_pref("extensions.asktb.themeid", "");
Gelöscht : user_pref("extensions.asktb.timeinstalled", "11.12.2012 22:14:29");
Gelöscht : user_pref("extensions.asktb.to", "");
Gelöscht : user_pref("extensions.asktb.v", "3.15.13.100015");
Gelöscht : user_pref("extensions.asktb.version", "5.15.13.33021");
Gelöscht : user_pref("extensions.enabledAddons", "totbff01%40telekom.de:3.0.42,toolbar%40ask.com:3.15.13.100015[...]
Gelöscht : user_pref("extensions.totbff.homepage", "hxxp://search.avira.com/?l=dis&o=APN10261&gct=hp&dc=EU&loca[...]
Gelöscht : user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=AVR-4&o=APN10261&loc[...]

-\\ Google Chrome v24.0.1312.52

Datei : C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [11660 octets] - [21/01/2013 11:11:08]
AdwCleaner[S1].txt - [11529 octets] - [24/01/2013 19:47:29]

########## EOF - C:\AdwCleaner[S1].txt - [11590 octets] ##########
         
