Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Stress mit "HEUR:Exploit.Java.CVE-2012-1723.gen"

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 13.06.2013, 16:47   #1
crusherxxx
 
Stress mit "HEUR:Exploit.Java.CVE-2012-1723.gen" - Icon27

Stress mit "HEUR:Exploit.Java.CVE-2012-1723.gen"



Hallo Forumteilnehmer,

Kaspersky Pure 3.0 fand auf meinem Laptop den Trojaner "HEUR:Exploit.Java.CVE-2012-1723.gen".

Aus einem älteren Threat entnahm ich, dass das Ding richtig übel ist. Ich habe nun mit "OldTimer" ein logfile erstellt und bitte die, die wissen, wie man den Trojaner rückstandsfrei wieder los wird, um Hilfe.

Ein Scan mit "Malwarebytes" (der läuft gerade noch) brachte schon mal mindestens 26 infizierte Objekte.... Aua...

Ich freue mich über Eure Hilfe, mit bestem Dank crusherxxx

Hier das OTL-logfile:OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 13.06.2013 15:56:19 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Bandick\Desktop\Systemgeschichten
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,86 Gb Total Physical Memory | 2,07 Gb Available Physical Memory | 53,68% Memory free
7,71 Gb Paging File | 5,27 Gb Available in Paging File | 68,31% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452,29 Gb Total Space | 279,72 Gb Free Space | 61,84% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 465,66 Gb Free Space | 99,98% Space Free | Partition Type: NTFS
 
Computer Name: BANDICK-VAIO | User Name: Bandick | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.06.13 15:50:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Bandick\Desktop\Systemgeschichten\OTL.exe
PRC - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.03.25 22:41:31 | 019,721,728 | ---- | M] (Europe Support Ltd. N.V.) -- C:\Games\Game Alarm\gamealarm.exe
PRC - [2013.02.18 12:50:44 | 000,590,848 | ---- | M] (Blabbers Communications Ltd) -- C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe
PRC - [2013.02.08 15:55:20 | 001,644,680 | ---- | M] (Ask) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe
PRC - [2013.01.10 11:02:16 | 000,844,144 | ---- | M] (Samsung) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2013.01.10 11:02:12 | 000,310,128 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
PRC - [2013.01.10 11:02:08 | 001,475,952 | ---- | M] (Samsung) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
PRC - [2012.12.21 14:32:50 | 000,819,040 | ---- | M] (Infowatch) -- C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
PRC - [2012.12.20 18:23:04 | 000,356,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
PRC - [2012.01.25 15:23:54 | 000,240,408 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.exe
PRC - [2011.12.29 17:10:08 | 000,960,160 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
PRC - [2011.12.21 14:15:06 | 000,550,128 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
PRC - [2011.11.29 17:50:40 | 000,182,576 | ---- | M] (Blabbers Communications LTD) -- C:\Program Files (x86)\BrowserCompanion\BCHelper.exe
PRC - [2011.10.01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011.10.01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011.07.11 11:46:10 | 000,491,520 | ---- | M] () -- C:\Games\Game Alarm\Updater.exe
PRC - [2011.02.14 14:23:50 | 000,044,736 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Care\VCService.exe
PRC - [2011.01.29 06:36:18 | 000,081,016 | ---- | M] (Sony of America Corporation) -- C:\Programme\Sony\VAIO Care\listener.exe
PRC - [2011.01.17 19:50:34 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2011.01.17 19:50:34 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2010.11.27 00:55:42 | 000,648,032 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
PRC - [2010.11.27 00:55:42 | 000,398,176 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
PRC - [2010.06.20 22:47:18 | 000,108,400 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
PRC - [2010.06.20 22:47:16 | 000,099,696 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
PRC - [2010.06.20 22:47:16 | 000,067,952 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
PRC - [2010.06.18 08:07:12 | 000,423,280 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
PRC - [2010.05.31 20:18:32 | 000,217,968 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
PRC - [2010.05.31 20:18:32 | 000,120,176 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
PRC - [2010.05.31 18:01:52 | 000,673,136 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
PRC - [2010.05.28 22:02:57 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010.05.28 22:02:38 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010.03.04 05:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010.03.04 05:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2009.10.09 06:45:56 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
PRC - [2009.08.27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
PRC - [2008.11.09 22:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008.09.18 11:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.03.25 22:41:25 | 000,159,744 | ---- | M] () -- C:\Games\Game Alarm\rt\jetrt\baseline720.dll
MOD - [2013.03.25 22:41:25 | 000,126,976 | ---- | M] () -- C:\Games\Game Alarm\rt\bin\zip.dll
MOD - [2013.03.25 22:41:24 | 000,069,632 | ---- | M] () -- C:\Games\Game Alarm\rt\bin\java.dll
MOD - [2013.03.25 22:41:24 | 000,020,480 | ---- | M] () -- C:\Games\Game Alarm\rt\bin\jetvm\jvm.dll
MOD - [2013.02.15 12:21:31 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\7d8f6866864f78cf83d3701641c46178\System.ServiceProcess.ni.dll
MOD - [2013.02.14 22:13:30 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\05682429807d34d6ff05a77ea153935f\System.Windows.Forms.ni.dll
MOD - [2013.01.15 23:25:41 | 001,812,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\40c7a89fe2cbf3c12a2c39e034da54cf\System.Xaml.ni.dll
MOD - [2013.01.13 21:14:31 | 000,452,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\dd2d0cf72eac6e5b113a0059aeb3cab5\IAStorUtil.ni.dll
MOD - [2013.01.13 21:05:41 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\01b47a246b4ec7bfec31bf4503aceda1\System.Runtime.Remoting.ni.dll
MOD - [2013.01.13 21:05:03 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\e2ee5d77ebe0bd025e7a7a317a43d677\System.Drawing.ni.dll
MOD - [2013.01.13 21:04:37 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\82a4c4666ad83c3a375210247e69646b\WindowsBase.ni.dll
MOD - [2013.01.13 21:04:29 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\10aba2c167cc1119b80159fd9ac71ca8\System.Xml.ni.dll
MOD - [2013.01.13 21:04:26 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\96a3b737db1e72adaf32d2b350e50c23\System.Configuration.ni.dll
MOD - [2013.01.13 21:04:25 | 007,974,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\c54750e64ba10d0fb7b6a636fb3695ca\System.ni.dll
MOD - [2013.01.13 21:04:20 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b0b8554c05f194f546a8ed531320760b\mscorlib.ni.dll
MOD - [2013.01.12 03:52:23 | 018,022,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\b8e60f81fd56934c9f9da7b15bee3376\PresentationFramework.ni.dll
MOD - [2013.01.12 03:52:11 | 011,522,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\932901ff0ad5e365ffbe705d7459a37e\PresentationCore.ni.dll
MOD - [2013.01.12 03:52:04 | 007,070,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\b519f42484e1d488662a9a8a87cb8849\System.Core.ni.dll
MOD - [2013.01.12 03:52:00 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\fc476bbac36944e352c2f547352ffa64\System.Xml.ni.dll
MOD - [2013.01.12 03:51:59 | 003,883,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\8abaedf6aecb073b22f8801aa0b8babf\WindowsBase.ni.dll
MOD - [2013.01.12 03:51:57 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\7cd4aa51f6e6b9330b8f50bba8bb62c6\System.Configuration.ni.dll
MOD - [2013.01.12 03:51:55 | 009,095,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\f93dca0e4baa1dcb37cf75392b7c89da\System.ni.dll
MOD - [2013.01.12 03:51:50 | 014,416,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\6a1ccc1e1a79ce267d3d1808af382cd6\mscorlib.ni.dll
MOD - [2012.12.20 18:19:26 | 000,479,752 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\dblite.dll
MOD - [2012.03.11 17:11:00 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
MOD - [2012.03.11 17:11:00 | 000,170,496 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxslt.dll
MOD - [2011.08.07 13:54:44 | 000,362,029 | ---- | M] () -- C:\Program Files (x86)\BrowserCompanion\sqlite3.dll
MOD - [2011.07.11 11:46:10 | 000,491,520 | ---- | M] () -- C:\Games\Game Alarm\Updater.exe
MOD - [2010.11.25 18:09:26 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.11.25 18:09:23 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2011.01.29 06:36:18 | 000,259,192 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe -- (SampleCollector)
SRV:64bit: - [2010.10.08 08:55:08 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2013.06.12 14:02:11 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.06.05 15:11:52 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.01.08 13:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.12.21 14:32:50 | 000,819,040 | ---- | M] (Infowatch) [Auto | Running] -- C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe -- (CSObjectsSrv)
SRV - [2012.12.20 18:23:04 | 000,356,968 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe -- (AVP)
SRV - [2012.10.26 10:44:28 | 001,286,784 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programme\Sony\VAIO Update\VUAgent.exe -- (VUAgent)
SRV - [2012.01.25 15:23:54 | 000,240,408 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.exe -- (BBUpdate)
SRV - [2012.01.25 15:23:54 | 000,192,792 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BBSvc.exe -- (BBSvc)
SRV - [2011.12.29 17:10:08 | 000,960,160 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2011.12.21 14:15:06 | 000,550,128 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV - [2011.12.11 11:44:18 | 000,114,000 | ---- | M] (Joosoft.com GmbH) [Auto | Running] -- C:\Windows\SysWOW64\UpdSvc.dll -- (Update-Service)
SRV - [2011.12.01 11:04:56 | 000,289,952 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe -- (SpfService)
SRV - [2011.10.01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011.10.01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011.08.26 19:47:26 | 000,101,600 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe -- (VcmXmlIfHelper)
SRV - [2011.03.28 21:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2011.02.14 14:23:50 | 000,044,736 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programme\Sony\VAIO Care\VCService.exe -- (VCService)
SRV - [2010.11.27 00:55:42 | 000,398,176 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2010.11.25 09:36:47 | 000,332,272 | ---- | M] (Google Inc.) [On_Demand | Stopped] -- C:\ProgramData\Partner\Partner.exe -- (Partner Service)
SRV - [2010.11.25 09:27:27 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.06.21 19:00:52 | 000,575,856 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
SRV - [2010.06.20 22:47:18 | 000,108,400 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp)
SRV - [2010.06.20 22:47:16 | 000,067,952 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2010.06.18 08:07:12 | 000,423,280 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms)
SRV - [2010.06.09 16:56:02 | 000,384,880 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe -- (VcmINSMgr)
SRV - [2010.06.09 00:55:14 | 000,952,096 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2010.06.08 18:00:04 | 000,836,608 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VAIO Smart Network\VSNService.exe -- (VSNService)
SRV - [2010.06.01 16:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2010.05.31 20:18:32 | 000,217,968 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2010.05.28 22:02:57 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010.05.28 22:02:38 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010.03.04 05:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010.01.09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009.10.09 06:45:56 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor8.0)
SRV - [2009.08.27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.11.09 22:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008.09.18 11:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)
SRV - [2008.08.07 11:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013.06.04 09:15:02 | 000,103,448 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2013.06.04 09:15:00 | 000,203,672 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2012.11.02 15:48:52 | 000,613,720 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:64bit: - [2012.10.18 14:50:46 | 000,054,104 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kltdi.sys -- (kltdi)
DRV:64bit: - [2012.09.03 18:23:58 | 000,029,528 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
DRV:64bit: - [2012.09.03 17:57:00 | 000,029,016 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klkbdflt.sys -- (klkbdflt)
DRV:64bit: - [2012.08.13 16:49:40 | 000,178,008 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kneps.sys -- (kneps)
DRV:64bit: - [2012.06.19 17:28:12 | 000,458,584 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (Kl1)
DRV:64bit: - [2012.03.01 08:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.10.01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011.10.01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011.10.01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011.10.01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011.06.02 14:39:44 | 000,084,536 | ---- | M] (Infowatch) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\CSCrySec.sys -- (CSCrySec)
DRV:64bit: - [2011.06.02 14:39:44 | 000,066,616 | ---- | M] (Infowatch) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\CSVirtualDiskDrv.sys -- (CSVirtualDiskDrv)
DRV:64bit: - [2011.06.02 07:47:22 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2011.06.02 07:47:22 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)
DRV:64bit: - [2011.06.02 07:47:22 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV:64bit: - [2011.04.01 10:23:04 | 000,045,160 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rsvcdwdr.sys -- (rsvcdwdr)
DRV:64bit: - [2011.03.11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.10.08 08:55:08 | 006,661,120 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2010.10.08 08:55:08 | 006,661,120 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010.10.08 08:55:08 | 000,195,584 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010.06.24 22:34:53 | 000,271,872 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010.06.24 22:33:43 | 010,326,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010.06.23 22:04:45 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2010.06.23 22:04:43 | 000,342,056 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2010.06.23 22:04:43 | 000,135,720 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010.06.23 22:04:43 | 000,102,952 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2010.06.23 22:04:09 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2010.06.23 22:03:07 | 000,078,848 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdsne64.sys -- (risdsnpe)
DRV:64bit: - [2010.06.23 22:02:59 | 000,094,208 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimssne64.sys -- (rimspci)
DRV:64bit: - [2010.05.31 23:36:54 | 000,299,568 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2010.05.31 23:36:48 | 000,402,720 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2010.05.31 23:36:41 | 001,573,888 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010.05.31 22:10:13 | 000,231,328 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2010.05.28 22:03:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010.05.28 22:02:36 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2010.04.26 22:20:29 | 000,012,032 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP)
DRV:64bit: - [2010.03.04 04:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.10.10 04:41:20 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009.09.14 14:46:42 | 000,027,152 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.26 15:32:04 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV:64bit: - [2008.06.16 04:00:00 | 000,055,024 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\Bandick\Desktop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SVEE&bmod=SVEE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/web/{searchTerms}?babsrc=SP_ss&affID=101241&mntrId=a0c9eb560000000000004a0f6ed80f1b
IE - HKCU\..\SearchScopes\{65F5E014-2DCF-45A5-B288-8EE74DA8EA55}: "URL" = hxxp://de.shopping.com/?linkin_id=8056363
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SVEE_de
IE - HKCU\..\SearchScopes\{B8102FD8-6A6B-4E37-A599-0AE5FBA506C8}: "URL" = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
IE - HKCU\..\SearchScopes\{C8AFB312-20C2-4F2B-8AF2-5E7DD2193908}: "URL" = hxxp://rover.ebay.com/rover/1/707-37276-16609-9/4?satitle={searchTerms}
IE - HKCU\..\SearchScopes\{E4F3CD3A-DF3D-403D-AE04-A0D1EBD4AA08}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=06311987-63FB-4024-9212-769F21BE9726&apn_sauid=9AFE8EC9-7E45-4510-A157-0F6D3849F425
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledAddons: anti_banner%40kaspersky.com:13.0.2.558
FF - prefs.js..extensions.enabledAddons: bbrs_002%40blabbers.com:1.0.5
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - prefs.js..keyword.URL: "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ORJ&o=&locale=&apn_uid=06311987-63FB-4024-9212-769F21BE9726&apn_ptnrs=&apn_sauid=9AFE8EC9-7E45-4510-A157-0F6D3849F425&apn_dtid=OSJ000&&q="
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\url_advisor@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com [2013.06.13 13:41:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtual_keyboard@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com [2013.06.13 13:41:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\content_blocker@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com [2013.06.13 13:41:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\anti_banner@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com [2013.06.13 13:41:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\online_banking@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com [2013.06.13 13:41:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2012.12.02 15:48:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bandick\AppData\Roaming\mozilla\Extensions
[2013.02.18 15:00:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bandick\AppData\Roaming\mozilla\Firefox\Profiles\bsn6v8jn.default\extensions
[2013.06.12 20:06:39 | 000,000,000 | ---D | M] (Ginyas Browser Companion) -- C:\Users\Bandick\AppData\Roaming\mozilla\Firefox\Profiles\bsn6v8jn.default\extensions\bbrs_002@blabbers.com
[2013.05.15 11:22:57 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Bandick\AppData\Roaming\mozilla\firefox\profiles\bsn6v8jn.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\0324adea3b6ec02af09ea4ae9424591b_expire
[2013.04.01 20:30:26 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Bandick\AppData\Roaming\mozilla\firefox\profiles\bsn6v8jn.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\1048fa0383ec8c1a4365d4bd4fed1de5_expire
[2013.06.13 15:44:26 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Bandick\AppData\Roaming\mozilla\firefox\profiles\bsn6v8jn.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\10876caa9bcaa0af0fd1b75ae00f4aec_expire
[2013.03.01 20:01:23 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Bandick\AppData\Roaming\mozilla\firefox\profiles\bsn6v8jn.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\1d8715bd00dbafbff504a0b9666c85e1_expire
[2013.06.12 16:08:27 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Bandick\AppData\Roaming\mozilla\firefox\profiles\bsn6v8jn.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\1dd4a0fdeff86d7113af5bf9018092d1_expire
[2013.03.25 15:44:55 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Bandick\AppData\Roaming\mozilla\firefox\profiles\bsn6v8jn.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\2328e1768b820b18ab2f301c9ff88e2c_expire
[2013.06.12 16:08:24 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Bandick\AppData\Roaming\mozilla\firefox\profiles\bsn6v8jn.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\24779e9d2de93d13d7e07b527a1684d4_expire
[2013.04.01 12:47:24 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Bandick\AppData\Roaming\mozilla\firefox\profiles\bsn6v8jn.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\292124057d00cb0fa73db6b90d079658_expire
[2013.02.19 14:10:28 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Bandick\AppData\Roaming\mozilla\firefox\profiles\bsn6v8jn.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\2a86ac4f3322238b4f27d14a09839275_expire
[2013.03.25 15:44:43 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Bandick\AppData\Roaming\mozilla\firefox\profiles\bsn6v8jn.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\38126fd00e0eb9d5ca912a5939b4755d_expire
[2013.03.22 13:03:18 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Bandick\AppData\Roaming\mozilla\firefox\profiles\bsn6v8jn.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\3d7ac6206caeabc3e5955ad4ede73a32_expire
[2013.06.08 12:55:17 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Bandick\AppData\Roaming\mozilla\firefox\profiles\bsn6v8jn.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\4d3d10bd28ff623813254a49b26be41f_expire
[2013.06.12 16:08:27 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Bandick\AppData\Roaming\mozilla\firefox\profiles\bsn6v8jn.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\530e52021dc20843b1aa62957edeb9f8_expire
[2013.06.12 16:08:22 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Bandick\AppData\Roaming\mozilla\firefox\profiles\bsn6v8jn.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\5691d473cfba278d3447854176adcc42_expire
[2013.03.25 15:44:41 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Bandick\AppData\Roaming\mozilla\firefox\profiles\bsn6v8jn.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\5c07ce6ac7fa7b9ff2f3fd7a4d77eef8_expire
[2013.06.12 16:08:27 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Bandick\AppData\Roaming\mozilla\firefox\profiles\bsn6v8jn.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\5cdf8a7ef2ec84abac286c67587b78d9_expire
[2013.03.29 20:31:30 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Bandick\AppData\Roaming\mozilla\firefox\profiles\bsn6v8jn.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\72891ec935a3d247f2da6562ef29a005_expire
[2013.02.19 14:10:29 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Bandick\AppData\Roaming\mozilla\firefox\profiles\bsn6v8jn.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\9ef5e4c08312c8e6d81dfd42b7176e39_expire
[2013.03.25 15:44:43 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Bandick\AppData\Roaming\mozilla\firefox\profiles\bsn6v8jn.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\a2853631512ec717cfd936b9a1f41b5c_expire
[2013.03.29 20:31:30 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Bandick\AppData\Roaming\mozilla\firefox\profiles\bsn6v8jn.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\a38dbdd1af07f4236d43e8fd995f57a6_expire
[2013.03.29 20:31:29 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Bandick\AppData\Roaming\mozilla\firefox\profiles\bsn6v8jn.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\a7e0abb80dabcdbb6dbaec920aa126a0_expire
[2013.03.01 20:01:23 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Bandick\AppData\Roaming\mozilla\firefox\profiles\bsn6v8jn.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\addabc0e1349eebead03532357f33ad8_expire
[2013.06.13 15:44:26 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Bandick\AppData\Roaming\mozilla\firefox\profiles\bsn6v8jn.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\b4e6d346c3e211a88a4175dba0d9e052_expire
[2013.03.29 18:33:21 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Bandick\AppData\Roaming\mozilla\firefox\profiles\bsn6v8jn.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\bf73732e1f0b76bac435293ba3880579_expire
[2013.06.13 15:44:26 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Bandick\AppData\Roaming\mozilla\firefox\profiles\bsn6v8jn.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\e440d29f88739418e905adc0a155a174_expire
[2013.04.01 20:30:26 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Bandick\AppData\Roaming\mozilla\firefox\profiles\bsn6v8jn.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\e7d8325da90d91d3c4e7720f0e629e17_expire
[2013.06.12 16:08:22 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Bandick\AppData\Roaming\mozilla\firefox\profiles\bsn6v8jn.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\e919434ec29526b28593c426e4264271_expire
[2013.04.01 12:47:25 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Bandick\AppData\Roaming\mozilla\firefox\profiles\bsn6v8jn.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\f03527c67e08602d2e4c18ae7867300d_expire
[2013.03.22 13:03:18 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Bandick\AppData\Roaming\mozilla\firefox\profiles\bsn6v8jn.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\f1586b879e32b889596b836c8855994f_expire
[2013.06.13 15:00:41 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Bandick\AppData\Roaming\mozilla\firefox\profiles\bsn6v8jn.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\f6bac299a1c952b358a64e75e2e51dbd_expire
[2013.06.08 12:55:17 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Bandick\AppData\Roaming\mozilla\firefox\profiles\bsn6v8jn.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\fa74672918974682c82b8d91dfbe0d6b_expire
[2013.03.22 13:03:18 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Bandick\AppData\Roaming\mozilla\firefox\profiles\bsn6v8jn.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\fd884a02221ff58a33d44bd2b23a7ab9_expire
[2013.06.08 12:55:17 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Bandick\AppData\Roaming\mozilla\firefox\profiles\bsn6v8jn.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\ff4d692d5e7cccbc4b3e9ef4062b1c6f_expire
[2013.06.13 13:43:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.06.05 15:11:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2013.06.05 15:11:52 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013.06.13 13:41:51 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY PURE 3.0\FFEXT\ANTI_BANNER@KASPERSKY.COM
 
========== Chrome ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SVEE_de
CHR - default_search_provider: suggest_url =
CHR - homepage: hxxp://www.google.de/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\gcswf32.dll
CHR - plugin: (Enabled) = C:\Users\Bandick\AppData\Local\Google\Chrome\User Data\Default\Extensions\clbfjfbnelcflpgpklppgplejolacbej\1.0.5_0\chromeNPAPI.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Users\Bandick\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.10.0.9560_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - Extension: Click to activate/deactivate ProxTube = C:\Users\Bandick\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek\1.2.1_0\
CHR - Extension: YouTube = C:\Users\Bandick\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Ginyas Browser Companion = C:\Users\Bandick\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodddioamolcibagionmmobehnbhiakf\1.0.5_0\
CHR - Extension: Browser Companion Helper = C:\Users\Bandick\AppData\Local\Google\Chrome\User Data\Default\Extensions\clbfjfbnelcflpgpklppgplejolacbej\1.0.5_1\
CHR - Extension: Google-Suche = C:\Users\Bandick\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Modul zur Link-Untersuchung = C:\Users\Bandick\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.2.558_0\
CHR - Extension: Sicherer Zahlungsverkehr = C:\Users\Bandick\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.2.558_0\
CHR - Extension: Virtuelle Tastatur = C:\Users\Bandick\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.2.558_0\
CHR - Extension: Skype Click to Call = C:\Users\Bandick\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.10.0.9560_0\
CHR - Extension: Google Mail = C:\Users\Bandick\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
CHR - Extension: Anti-Banner = C:\Users\Bandick\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.2.558_0\
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner64.dll (Google Inc.)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Ginyas Browser Companion) - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Program Files (x86)\BrowserCompanion\jsloader.dll ( )
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (Kaspersky Passsword Manager Toolbar) - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\PROGRA~2\KASPER~1\KASPER~1.0\KASPER~2\spIEBho.dll (Kaspersky Lab)
O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll (Google Inc.)
O2 - BHO: (Ginyas Browser Companion Verifier) - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Program Files (x86)\BrowserCompanion\updatebhoWin32.dll (Blabbers Communications Ltd)
O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Kaspersky Passsword Manager Toolbar) - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\PROGRA~2\KASPER~1\KASPER~1.0\KASPER~2\spIEBho.dll (Kaspersky Lab)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [Browser companion helper] C:\Program Files (x86)\BrowserCompanion\BCHelper.exe (Blabbers Communications LTD)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [SHTtray.exe] C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe (Sony Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKCU..\Run: [CAHeadless] C:\Program Files (x86)\Adobe\Elements Organizer 8.0\CAHeadless\ElementsAutoAnalyzer.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [HP Officejet Pro 8600 (NET)] C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O4 - HKCU..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKCU..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
O4 - Startup: C:\Users\Bandick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Game Alarm.lnk = C:\Games\Game Alarm\gamealarm.exe (Europe Support Ltd. N.V.)
O4 - Startup: C:\Users\Bandick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html File not found
O8:64bit: - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ie_banner_deny.htm ()
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ie_banner_deny.htm ()
O9:64bit: - Extra Button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: Links untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Links untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {6E718D87-6909-4FCE-92D4-EDCB2F725727} hxxp://navigram.com/engine/v1026/Navigram.cab (Navigram Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 10.21.2)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 10.21.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{423D4F55-13A2-4D2E-BBDA-A1774A136043}: DhcpNameServer = 195.184.96.2 213.173.225.86
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F3593B11-7940-4EF9-BF6F-C86A919D5698}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\base64 - No CLSID value found
O18:64bit: - Protocol\Handler\chrome - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\prox - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\base64 {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
O18 - Protocol\Handler\chrome {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
O18 - Protocol\Handler\prox {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 0
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} -
ActiveX:64bit: >{F65A5BD6-CBD5-44BB-92EE-7CD500DC5948} - RunDLL32 IEDKCS32.DLL,BrandIE4 CUSTOM
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {1CF85E3B-94DD-98BE-2745-CD83E96D0DAD} - Microsoft Windows Media Player
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {68CDBC7D-3B25-B622-3504-527BD5DF2B15} - Microsoft Windows Media Player
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error.
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
 
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.06.13 14:03:00 | 000,000,000 | ---D | C] -- C:\Users\Bandick\Desktop\Programmverknüpfungen
[2013.06.13 13:43:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky PURE 3.0
[2013.06.13 13:43:08 | 000,000,000 | --SD | C] -- C:\Users\Bandick\Documents\Passwords Database
[2013.06.13 13:42:45 | 000,064,856 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\klfphc.dll
[2013.06.13 13:42:06 | 000,066,616 | ---- | C] (Infowatch) -- C:\Windows\SysNative\drivers\CSVirtualDiskDrv.sys
[2013.06.13 13:42:01 | 000,084,536 | ---- | C] (Infowatch) -- C:\Windows\SysNative\drivers\CSCrySec.sys
[2013.06.13 13:41:53 | 000,000,000 | ---D | C] -- C:\Windows\ELAMBKUP
[2013.06.12 14:01:13 | 000,000,000 | ---D | C] -- C:\Users\Bandick\Desktop\Systemgeschichten
[2013.06.12 10:52:16 | 000,000,000 | -HSD | C] -- C:\found.000
[2013.06.10 16:21:35 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump
[2013.06.08 11:58:05 | 000,000,000 | ---D | C] -- C:\Users\Bandick\AppData\Local\{601B15EB-096C-4F37-AB46-86C1DAD9995D}
[2013.06.06 22:44:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2013.06.06 22:43:27 | 000,000,000 | ---D | C] -- C:\Users\Bandick\AppData\Roaming\HpUpdate
[2013.06.06 22:43:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[2013.06.06 22:42:34 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2013.06.06 22:42:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP
[2013.06.06 22:42:02 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2013.06.06 22:41:20 | 000,000,000 | ---D | C] -- C:\Users\Bandick\AppData\Local\HP
[2013.06.06 14:26:43 | 000,000,000 | ---D | C] -- C:\Users\Bandick\AppData\Local\{8F0C5B3B-F0D4-4050-8143-C131C751AD00}
[2013.06.05 15:11:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.06.04 09:15:02 | 000,103,448 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudbus.sys
[2013.06.04 09:15:00 | 000,203,672 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudmdm.sys
[2013.03.25 22:34:46 | 220,912,408 | ---- | C] (Greentube GmbH) -- C:\Users\Bandick\DE-SkiChallenge13.exe
[2012.07.25 08:44:09 | 009,226,440 | ---- | C] (Adobe Systems Incorporated) -- C:\Users\Bandick\install_flash_player_ax.exe
[77 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Users\Bandick\Desktop\*.tmp files -> C:\Users\Bandick\Desktop\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.06.13 16:00:00 | 000,000,994 | ---- | M] () -- C:\Windows\tasks\GinyasBrowserCompanion Runner.job
[2013.06.13 15:36:05 | 000,001,042 | ---- | M] () -- C:\Windows\tasks\GinyasBrowserCompanion Stats Report.job
[2013.06.13 15:31:00 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.06.13 15:24:25 | 000,361,664 | ---- | M] () -- C:\test.xml
[2013.06.13 15:02:07 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.06.13 14:26:34 | 000,000,162 | -H-- | M] () -- C:\Users\Bandick\Desktop\~$ DO Liste aktuell.rtf
[2013.06.13 14:25:43 | 000,000,700 | ---- | M] () -- C:\Users\Bandick\Desktop\TO DO Liste aktuell.rtf
[2013.06.13 14:24:27 | 000,013,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.06.13 14:24:27 | 000,013,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.06.13 14:23:52 | 001,500,294 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.06.13 14:23:52 | 000,654,852 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.06.13 14:23:52 | 000,616,694 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.06.13 14:23:52 | 000,130,434 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.06.13 14:23:52 | 000,106,816 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.06.13 14:17:01 | 000,000,994 | ---- | M] () -- C:\Windows\tasks\GinyasBrowserCompanion Chrome Watcher.job
[2013.06.13 14:17:00 | 000,000,926 | ---- | M] () -- C:\Windows\tasks\GinyasBrowserCompanion Update Checker.job
[2013.06.13 14:16:58 | 000,001,934 | ---- | M] () -- C:\Users\Bandick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet Pro 8600 (Netzwerk).lnk
[2013.06.13 14:16:57 | 000,000,994 | ---- | M] () -- C:\Windows\tasks\GinyasBrowserCompanion FireFox Watcher.job
[2013.06.13 14:16:55 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.06.13 14:16:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.06.13 14:16:15 | 3106,480,128 | -HS- | M] () -- C:\hiberfil.sys
[2013.06.13 13:47:21 | 000,002,216 | ---- | M] () -- C:\Users\Bandick\Desktop\Sicherer Zahlungsverkehr.lnk
[2013.06.13 13:42:46 | 000,001,078 | ---- | M] () -- C:\Users\Public\Desktop\Kaspersky PURE 3.0.lnk
[2013.06.06 22:43:25 | 000,002,200 | ---- | M] () -- C:\Users\Public\Desktop\HP Officejet Pro 8600.lnk
[2013.06.06 22:43:25 | 000,001,152 | ---- | M] () -- C:\Users\Public\Desktop\Shop für Zubehör - HP Officejet Pro 8600.lnk
[2013.06.06 22:41:56 | 000,000,057 | ---- | M] () -- C:\ProgramData\Ament.ini
[2013.06.04 09:15:02 | 000,103,448 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudbus.sys
[2013.06.04 09:15:00 | 000,203,672 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudmdm.sys
[2013.06.01 03:24:25 | 000,402,568 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[77 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Users\Bandick\Desktop\*.tmp files -> C:\Users\Bandick\Desktop\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.06.13 14:26:34 | 000,000,162 | -H-- | C] () -- C:\Users\Bandick\Desktop\~$ DO Liste aktuell.rtf
[2013.06.13 14:25:43 | 000,000,700 | ---- | C] () -- C:\Users\Bandick\Desktop\TO DO Liste aktuell.rtf
[2013.06.13 13:47:21 | 000,002,216 | ---- | C] () -- C:\Users\Bandick\Desktop\Sicherer Zahlungsverkehr.lnk
[2013.06.13 13:43:38 | 000,001,078 | ---- | C] () -- C:\Users\Public\Desktop\Kaspersky PURE 3.0.lnk
[2013.06.06 22:50:30 | 000,001,934 | ---- | C] () -- C:\Users\Bandick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet Pro 8600 (Netzwerk).lnk
[2013.06.06 22:43:40 | 000,000,968 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR-Registrierung.lnk
[2013.06.06 22:43:25 | 000,002,200 | ---- | C] () -- C:\Users\Public\Desktop\HP Officejet Pro 8600.lnk
[2013.06.06 22:43:25 | 000,001,152 | ---- | C] () -- C:\Users\Public\Desktop\Shop für Zubehör - HP Officejet Pro 8600.lnk
[2013.06.06 22:41:56 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2013.05.31 08:01:39 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013.04.02 11:59:28 | 000,000,017 | ---- | C] () -- C:\Windows\SysWow64\shortcut_ex.dat
[2012.12.05 10:46:58 | 000,007,647 | ---- | C] () -- C:\Users\Bandick\AppData\Local\Resmon.ResmonCfg
[2011.09.16 11:54:48 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011.09.16 11:54:44 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2011.09.16 11:54:44 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2011.09.16 11:54:44 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2011.09.16 11:54:44 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2011.06.10 23:24:47 | 000,017,408 | ---- | C] () -- C:\Users\Bandick\AppData\Local\WebpageIcons.db
[2011.05.11 23:07:53 | 000,000,040 | ---- | C] () -- C:\Users\Bandick\AppData\Roaming\cdr.ini
[2011.04.09 13:26:22 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.01.19 13:34:42 | 003,003,392 | ---- | C] () -- C:\Program Files\openofficeorg33.msi
[2011.01.19 13:33:04 | 000,475,016 | ---- | C] () -- C:\Program Files\setup.exe
[2011.01.19 13:30:10 | 142,700,671 | ---- | C] () -- C:\Program Files\openofficeorg1.cab
[2011.01.19 12:15:26 | 000,000,290 | ---- | C] () -- C:\Program Files\setup.ini
[2007.03.12 19:59:00 | 000,299,008 | ---- | C] () -- C:\Program Files (x86)\navigram_register.exe
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 03:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2011.05.08 21:57:40 | 000,000,000 | ---D | M] -- C:\Users\Bandick\AppData\Roaming\Auslogics
[2011.12.11 11:50:16 | 000,000,000 | ---D | M] -- C:\Users\Bandick\AppData\Roaming\Babylon
[2011.08.10 09:56:59 | 000,000,000 | ---D | M] -- C:\Users\Bandick\AppData\Roaming\MAGIX
[2011.07.24 22:00:43 | 000,000,000 | ---D | M] -- C:\Users\Bandick\AppData\Roaming\No Company Name
[2012.03.11 17:16:25 | 000,000,000 | ---D | M] -- C:\Users\Bandick\AppData\Roaming\OpenOffice.org
[2011.07.10 05:01:15 | 000,000,000 | ---D | M] -- C:\Users\Bandick\AppData\Roaming\SaalDesignSoftware
[2013.02.10 20:25:07 | 000,000,000 | ---D | M] -- C:\Users\Bandick\AppData\Roaming\Samsung
[2013.06.13 14:26:35 | 000,000,000 | ---D | M] -- C:\Users\Bandick\AppData\Roaming\SoftGrid Client
[2011.12.11 13:02:48 | 000,000,000 | ---D | M] -- C:\Users\Bandick\AppData\Roaming\Stentec
[2011.04.09 12:45:47 | 000,000,000 | ---D | M] -- C:\Users\Bandick\AppData\Roaming\TP
[2012.04.22 07:40:59 | 000,000,000 | ---D | M] -- C:\Users\Bandick\AppData\Roaming\Windows Live Writer
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2012.03.11 12:37:02 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2013.06.13 13:44:58 | 000,000,000 | -HSD | M] -- C:\Config.Msi
[2010.11.25 09:24:18 | 000,000,000 | ---D | M] -- C:\Documentation
[2009.07.14 07:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2011.04.09 12:33:29 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2013.06.12 10:52:16 | 000,000,000 | -HSD | M] -- C:\found.000
[2013.03.25 22:41:22 | 000,000,000 | ---D | M] -- C:\Games
[2010.10.12 18:56:10 | 000,000,000 | ---D | M] -- C:\Intel
[2011.06.15 22:01:49 | 000,000,000 | ---D | M] -- C:\Macromedia
[2012.12.02 15:46:58 | 000,000,000 | ---D | M] -- C:\Mozilla
[2013.06.11 16:29:32 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2009.07.14 05:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2013.06.06 22:42:02 | 000,000,000 | R--D | M] -- C:\Program Files
[2013.06.12 11:04:41 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2013.06.13 13:43:25 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2011.04.09 12:33:29 | 000,000,000 | -HSD | M] -- C:\Programme
[2011.06.16 00:36:31 | 000,000,000 | ---D | M] -- C:\Sony Corporation
[2010.11.25 09:49:58 | 000,000,000 | -H-D | M] -- C:\SPLASH.000
[2012.12.16 14:50:40 | 000,000,000 | -H-D | M] -- C:\SPLASH.SYS
[2013.06.13 15:58:39 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2012.05.20 14:56:52 | 000,000,000 | ---D | M] -- C:\Temp
[2013.06.07 11:31:00 | 000,000,000 | ---D | M] -- C:\Update
[2011.04.09 12:33:42 | 000,000,000 | R--D | M] -- C:\Users
[2011.04.10 16:38:21 | 000,000,000 | ---D | M] -- C:\VAIO Entertainment
[2010.11.25 09:57:07 | 000,000,000 | ---D | M] -- C:\VAIO Sample Contents
[2011.12.11 11:32:01 | 000,000,000 | ---D | M] -- C:\Virtual Sailor
[2013.06.13 13:41:53 | 000,000,000 | ---D | M] -- C:\Windows
[2010.11.25 09:24:20 | 000,000,000 | ---D | M] -- C:\_FS_SWRINFO
 
< %PROGRAMFILES%\*.exe >
[2007.03.12 19:59:00 | 000,299,008 | ---- | M] () -- C:\Program Files (x86)\navigram_register.exe
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
< C:\Windows\system32\*.tsp >
[2009.07.14 03:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp
[2009.07.14 03:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp
[2009.07.14 03:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp
[2009.07.14 03:14:11 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp
[2009.07.14 03:14:11 | 000,281,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp
[77 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2010.11.25 09:36:14 | 000,001,120 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2010.11.25 09:36:15 | 000,001,124 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2011.07.29 00:04:48 | 000,032,632 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.04.20 07:35:19 | 000,000,884 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.02.18 15:00:11 | 000,000,994 | ---- | C] () -- C:\Windows\Tasks\GinyasBrowserCompanion FireFox Watcher.job
[2013.02.18 15:00:22 | 000,000,994 | ---- | C] () -- C:\Windows\Tasks\GinyasBrowserCompanion Chrome Watcher.job
[2013.02.18 15:00:24 | 000,001,042 | ---- | C] () -- C:\Windows\Tasks\GinyasBrowserCompanion Stats Report.job
[2013.02.18 15:00:27 | 000,000,926 | ---- | C] () -- C:\Windows\Tasks\GinyasBrowserCompanion Update Checker.job
[2013.02.18 15:00:27 | 000,000,994 | ---- | C] () -- C:\Windows\Tasks\GinyasBrowserCompanion Runner.job
 
< MD5 for: AGP440.SYS >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
 
< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
 
< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
 
< MD5 for: EXPLORER.EXE >
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\explorer.exe
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\SysWOW64\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
 
< MD5 for: IASTOR.SYS >
[2010.03.04 04:51:40 | 000,540,696 | ---- | M] (Intel Corporation) MD5=ABBF174CB394F5C437410A788B7E404A -- C:\Windows\SysNative\drivers\iaStor.sys
[2010.03.04 04:51:40 | 000,540,696 | ---- | M] (Intel Corporation) MD5=ABBF174CB394F5C437410A788B7E404A -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_78ebae21a80aa2b4\iaStor.sys
 
< MD5 for: IASTORV.SYS >
[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0033117673c16921\iaStorV.sys
[2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011.03.11 08:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
 
< MD5 for: NETLOGON.DLL >
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\SysNative\netlogon.dll
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
 
< MD5 for: NVSTOR.SYS >
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_38e464dbe521cc7f\nvstor.sys
[2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011.03.11 08:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
 
< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\SysNative\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
 
< MD5 for: USER32.DLL >
[2009.07.14 03:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\SysNative\user32.dll
[2009.07.14 03:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\SysWOW64\user32.dll
[2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
 
< MD5 for: USERINIT.EXE >
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
 
< MD5 for: WINLOGON.EXE >
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SysNative\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
 
< MD5 for: WS2IFSL.SYS >
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\system32\*.dll /lockedfiles >
[77 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
 
< %USERPROFILE%\*.* >
[2013.03.25 22:37:04 | 220,912,408 | ---- | M] (Greentube GmbH) -- C:\Users\Bandick\DE-SkiChallenge13.exe
[2012.07.25 08:44:19 | 009,226,440 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\Bandick\install_flash_player_ax.exe
[2013.06.13 16:12:18 | 003,407,872 | -HS- | M] () -- C:\Users\Bandick\ntuser.dat
[2013.06.13 16:12:18 | 000,262,144 | -HS- | M] () -- C:\Users\Bandick\ntuser.dat.LOG1
[2011.04.09 12:33:45 | 000,000,000 | -HS- | M] () -- C:\Users\Bandick\ntuser.dat.LOG2
[2011.04.09 13:43:42 | 000,065,536 | -HS- | M] () -- C:\Users\Bandick\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2011.04.09 13:43:42 | 000,524,288 | -HS- | M] () -- C:\Users\Bandick\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2011.04.09 13:43:42 | 000,524,288 | -HS- | M] () -- C:\Users\Bandick\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2013.05.14 22:00:42 | 000,065,536 | -HS- | M] () -- C:\Users\Bandick\ntuser.dat{270a3bbd-bcc7-11e2-b295-90004ea9f275}.TM.blf
[2013.05.14 22:00:42 | 000,524,288 | -HS- | M] () -- C:\Users\Bandick\ntuser.dat{270a3bbd-bcc7-11e2-b295-90004ea9f275}.TMContainer00000000000000000001.regtrans-ms
[2013.05.14 22:00:42 | 000,524,288 | -HS- | M] () -- C:\Users\Bandick\ntuser.dat{270a3bbd-bcc7-11e2-b295-90004ea9f275}.TMContainer00000000000000000002.regtrans-ms
[2013.06.12 21:52:00 | 000,065,536 | -HS- | M] () -- C:\Users\Bandick\ntuser.dat{8c1d7101-d378-11e2-b0cd-f0bf97127ca6}.TM.blf
[2013.06.12 21:52:00 | 000,524,288 | -HS- | M] () -- C:\Users\Bandick\ntuser.dat{8c1d7101-d378-11e2-b0cd-f0bf97127ca6}.TMContainer00000000000000000001.regtrans-ms
[2013.06.12 21:52:00 | 000,524,288 | -HS- | M] () -- C:\Users\Bandick\ntuser.dat{8c1d7101-d378-11e2-b0cd-f0bf97127ca6}.TMContainer00000000000000000002.regtrans-ms
[2013.06.11 17:09:30 | 000,065,536 | -HS- | M] () -- C:\Users\Bandick\ntuser.dat{e025e6da-d2a1-11e2-917b-c201ccbdc9d4}.TM.blf
[2013.06.11 17:09:30 | 000,524,288 | -HS- | M] () -- C:\Users\Bandick\ntuser.dat{e025e6da-d2a1-11e2-917b-c201ccbdc9d4}.TMContainer00000000000000000001.regtrans-ms
[2013.06.11 17:09:30 | 000,524,288 | -HS- | M] () -- C:\Users\Bandick\ntuser.dat{e025e6da-d2a1-11e2-917b-c201ccbdc9d4}.TMContainer00000000000000000002.regtrans-ms
[2011.04.09 12:33:45 | 000,000,020 | -HS- | M] () -- C:\Users\Bandick\ntuser.ini
 
< %USERPROFILE%\Local Settings\Temp\*.exe >
 
< %USERPROFILE%\Local Settings\Temp\*.dll >
 
< %USERPROFILE%\Application Data\*.exe >
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
 
========== Files - Unicode (All) ==========
[2011.04.14 05:57:14 | 000,000,040 | ---- | M] ()(C:\Windows\SysNative\?Ä) -- C:\Windows\SysNative\ꋀÄ
[2011.04.14 05:57:14 | 000,000,040 | ---- | C] ()(C:\Windows\SysNative\?Ä) -- C:\Windows\SysNative\ꋀÄ
 
< End of report >
         
--- --- ---

Alt 13.06.2013, 16:50   #2
markusg
/// Malware-holic
 
Stress mit "HEUR:Exploit.Java.CVE-2012-1723.gen" - Standard

Stress mit "HEUR:Exploit.Java.CVE-2012-1723.gen"



Hi,
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________

__________________

Alt 13.06.2013, 17:22   #3
crusherxxx
 
Stress mit "HEUR:Exploit.Java.CVE-2012-1723.gen" - Standard

Stress mit "HEUR:Exploit.Java.CVE-2012-1723.gen"



Der Scan mit dem TDSS-Killer ergab folgenden Report:

18:13:55.0265 1192 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
18:13:55.0428 1192 ============================================================
18:13:55.0428 1192 Current date / time: 2013/06/13 18:13:55.0428
18:13:55.0428 1192 SystemInfo:
18:13:55.0428 1192
18:13:55.0429 1192 OS Version: 6.1.7600 ServicePack: 0.0
18:13:55.0429 1192 Product type: Workstation
18:13:55.0429 1192 ComputerName: BANDICK-VAIO
18:13:55.0429 1192 UserName: Bandick
18:13:55.0429 1192 Windows directory: C:\Windows
18:13:55.0429 1192 System windows directory: C:\Windows
18:13:55.0429 1192 Running under WOW64
18:13:55.0429 1192 Processor architecture: Intel x64
18:13:55.0429 1192 Number of processors: 4
18:13:55.0429 1192 Page size: 0x1000
18:13:55.0429 1192 Boot type: Normal boot
18:13:55.0429 1192 ============================================================
18:13:56.0289 1192 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:13:56.0291 1192 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:13:56.0295 1192 ============================================================
18:13:56.0295 1192 \Device\Harddisk0\DR0:
18:13:56.0296 1192 MBR partitions:
18:13:56.0296 1192 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1ABF000, BlocksNum 0x32000
18:13:56.0296 1192 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1AF1000, BlocksNum 0x38894830
18:13:56.0296 1192 \Device\Harddisk1\DR1:
18:13:56.0296 1192 MBR partitions:
18:13:56.0297 1192 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x1000, BlocksNum 0x3A384800
18:13:56.0297 1192 ============================================================
18:13:56.0392 1192 C: <-> \Device\Harddisk0\DR0\Partition2
18:13:56.0393 1192 D: <-> \Device\Harddisk1\DR1\Partition1
18:13:56.0394 1192 ============================================================
18:13:56.0394 1192 Initialize success
18:13:56.0394 1192 ============================================================
18:15:45.0403 5940 ============================================================
18:15:45.0403 5940 Scan started
18:15:45.0403 5940 Mode: Manual; SigCheck; TDLFS;
18:15:45.0403 5940 ============================================================
18:15:45.0668 5940 ================ Scan system memory ========================
18:15:45.0668 5940 System memory - ok
18:15:45.0668 5940 ================ Scan services =============================
18:15:45.0949 5940 [ 969C91060CBB5D17CB8440B5F78B4C51 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
18:15:46.0152 5940 1394ohci - ok
18:15:46.0261 5940 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
18:15:46.0308 5940 ACDaemon - ok
18:15:46.0370 5940 [ 6F11E88748CDEFD2F76AA215F97DDFE5 ] ACPI C:\Windows\system32\drivers\ACPI.sys
18:15:46.0401 5940 ACPI - ok
18:15:46.0464 5940 [ 63B05A0420CE4BF0E4AF6DCC7CADA254 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
18:15:46.0557 5940 AcpiPmi - ok
18:15:46.0682 5940 [ 34400005DE52842C4D6D4EE978B4D7CE ] AdobeActiveFileMonitor8.0 C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
18:15:46.0698 5940 AdobeActiveFileMonitor8.0 - ok
18:15:46.0854 5940 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:15:46.0869 5940 AdobeARMservice - ok
18:15:47.0150 5940 [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:15:47.0181 5940 AdobeFlashPlayerUpdateSvc - ok
18:15:47.0275 5940 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
18:15:47.0322 5940 adp94xx - ok
18:15:47.0368 5940 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
18:15:47.0415 5940 adpahci - ok
18:15:47.0478 5940 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
18:15:47.0524 5940 adpu320 - ok
18:15:47.0556 5940 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
18:15:47.0649 5940 AeLookupSvc - ok
18:15:47.0727 5940 [ DB9D6C6B2CD95A9CA414D045B627422E ] AFD C:\Windows\system32\drivers\afd.sys
18:15:47.0821 5940 AFD - ok
18:15:47.0899 5940 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
18:15:47.0914 5940 agp440 - ok
18:15:48.0008 5940 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
18:15:48.0086 5940 ALG - ok
18:15:48.0148 5940 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
18:15:48.0180 5940 aliide - ok
18:15:48.0242 5940 [ 3F9B03B72577A6A7405BF30801CBD159 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
18:15:48.0351 5940 AMD External Events Utility - ok
18:15:48.0414 5940 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
18:15:48.0445 5940 amdide - ok
18:15:48.0492 5940 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
18:15:48.0570 5940 AmdK8 - ok
18:15:48.0850 5940 [ EA244A8B88DE8B5986BF3B7903B063AF ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
18:15:49.0084 5940 amdkmdag - ok
18:15:49.0162 5940 [ DCA6E341A4A7C31EA8A14C6166C9B249 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
18:15:49.0209 5940 amdkmdap - ok
18:15:49.0272 5940 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
18:15:49.0318 5940 AmdPPM - ok
18:15:49.0365 5940 [ EC7EBAB00A4D8448BAB68D1E49B4BEB9 ] amdsata C:\Windows\system32\drivers\amdsata.sys
18:15:49.0396 5940 amdsata - ok
18:15:49.0459 5940 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
18:15:49.0474 5940 amdsbs - ok
18:15:49.0490 5940 [ DB27766102C7BF7E95140A2AA81D042E ] amdxata C:\Windows\system32\drivers\amdxata.sys
18:15:49.0506 5940 amdxata - ok
18:15:49.0568 5940 [ 2D45F2DFBC3D8F53DF7EBEFFA8C9BC38 ] ApfiltrService C:\Windows\system32\drivers\Apfiltr.sys
18:15:49.0599 5940 ApfiltrService - ok
18:15:49.0677 5940 [ 42FD751B27FA0E9C69BB39F39E409594 ] AppID C:\Windows\system32\drivers\appid.sys
18:15:49.0786 5940 AppID - ok
18:15:49.0802 5940 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
18:15:49.0864 5940 AppIDSvc - ok
18:15:49.0942 5940 [ D065BE66822847B7F127D1F90158376E ] Appinfo C:\Windows\System32\appinfo.dll
18:15:50.0005 5940 Appinfo - ok
18:15:50.0067 5940 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
18:15:50.0098 5940 arc - ok
18:15:50.0130 5940 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
18:15:50.0145 5940 arcsas - ok
18:15:50.0208 5940 [ C130BC4A51B1382B2BE8E44579EC4C0A ] ArcSoftKsUFilter C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
18:15:50.0239 5940 ArcSoftKsUFilter - ok
18:15:50.0286 5940 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
18:15:50.0379 5940 AsyncMac - ok
18:15:50.0442 5940 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
18:15:50.0473 5940 atapi - ok
18:15:50.0566 5940 [ CCA705CDF038D5BC243203CE4416B345 ] athr C:\Windows\system32\DRIVERS\athrx.sys
18:15:50.0707 5940 athr - ok
18:15:50.0941 5940 [ EA244A8B88DE8B5986BF3B7903B063AF ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
18:15:51.0034 5940 atikmdag - ok
18:15:51.0097 5940 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:15:51.0222 5940 AudioEndpointBuilder - ok
18:15:51.0237 5940 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioSrv C:\Windows\System32\Audiosrv.dll
18:15:51.0284 5940 AudioSrv - ok
18:15:51.0440 5940 AVP - ok
18:15:51.0502 5940 [ B20B5FA5CA050E9926E4D1DB81501B32 ] AxInstSV C:\Windows\System32\AxInstSV.dll
18:15:51.0612 5940 AxInstSV - ok
18:15:51.0721 5940 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
18:15:51.0830 5940 b06bdrv - ok
18:15:51.0908 5940 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
18:15:51.0970 5940 b57nd60a - ok
18:15:52.0095 5940 [ 4BEFF67C1775D353A16A62347E727874 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BBSvc.exe
18:15:52.0126 5940 BBSvc - ok
18:15:52.0173 5940 [ A6DAAD3EA93DBDBD07FA821BCED133F6 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.exe
18:15:52.0189 5940 BBUpdate - ok
18:15:52.0282 5940 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
18:15:52.0360 5940 BDESVC - ok
18:15:52.0423 5940 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
18:15:52.0501 5940 Beep - ok
18:15:52.0610 5940 [ 4992C609A6315671463E30F6512BC022 ] BFE C:\Windows\System32\bfe.dll
18:15:52.0704 5940 BFE - ok
18:15:52.0797 5940 [ 7F0C323FE3DA28AA4AA1BDA3F575707F ] BITS C:\Windows\System32\qmgr.dll
18:15:52.0953 5940 BITS - ok
18:15:53.0016 5940 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
18:15:53.0062 5940 blbdrive - ok
18:15:53.0109 5940 [ 19D20159708E152267E53B66677A4995 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
18:15:53.0187 5940 bowser - ok
18:15:53.0234 5940 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
18:15:53.0296 5940 BrFiltLo - ok
18:15:53.0312 5940 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
18:15:53.0343 5940 BrFiltUp - ok
18:15:53.0421 5940 [ 6B054C67AAA87843504E8E3C09102009 ] Browser C:\Windows\System32\browser.dll
18:15:53.0499 5940 Browser - ok
18:15:53.0530 5940 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
18:15:53.0624 5940 Brserid - ok
18:15:53.0640 5940 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
18:15:53.0702 5940 BrSerWdm - ok
18:15:53.0749 5940 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
18:15:53.0811 5940 BrUsbMdm - ok
18:15:53.0842 5940 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
18:15:53.0905 5940 BrUsbSer - ok
18:15:53.0967 5940 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
18:15:54.0030 5940 BthEnum - ok
18:15:54.0092 5940 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
18:15:54.0139 5940 BTHMODEM - ok
18:15:54.0217 5940 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
18:15:54.0264 5940 BthPan - ok
18:15:54.0373 5940 [ D59773C7FDD3D795D6FE402EEEA8D71E ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
18:15:54.0451 5940 BTHPORT - ok
18:15:54.0513 5940 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
18:15:54.0607 5940 bthserv - ok
18:15:54.0654 5940 [ 8504842634DD144C075B6B0C982CCEC4 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
18:15:54.0700 5940 BTHUSB - ok
18:15:54.0778 5940 [ 59E3510784548C6939C1B3B985C232E3 ] btwampfl C:\Windows\system32\drivers\btwampfl.sys
18:15:54.0810 5940 btwampfl - ok
18:15:54.0856 5940 [ 1872074ED0A3FB22E3F1E3197B984BFA ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
18:15:54.0872 5940 btwaudio - ok
18:15:54.0950 5940 [ 691CF076C33AB1C3A5B2FD5450300733 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
18:15:54.0966 5940 btwavdt - ok
18:15:55.0106 5940 [ 8BA6E93A182126781952A7895EC1E4B2 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
18:15:55.0168 5940 btwdins - ok
18:15:55.0184 5940 [ 07096D2BC22CCB6CEA5A532DF0BE8A75 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
18:15:55.0200 5940 btwl2cap - ok
18:15:55.0262 5940 [ C9273B20DEC8CE38DBCE5D29DE63C907 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
18:15:55.0278 5940 btwrchid - ok
18:15:55.0324 5940 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
18:15:55.0371 5940 cdfs - ok
18:15:55.0418 5940 [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
18:15:55.0480 5940 cdrom - ok
18:15:55.0543 5940 [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc C:\Windows\System32\certprop.dll
18:15:55.0636 5940 CertPropSvc - ok
18:15:55.0683 5940 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
18:15:55.0730 5940 circlass - ok
18:15:55.0777 5940 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
18:15:55.0808 5940 CLFS - ok
18:15:56.0011 5940 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:15:56.0026 5940 clr_optimization_v2.0.50727_32 - ok
18:15:56.0073 5940 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:15:56.0089 5940 clr_optimization_v2.0.50727_64 - ok
18:15:56.0229 5940 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:15:56.0260 5940 clr_optimization_v4.0.30319_32 - ok
18:15:56.0448 5940 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:15:56.0479 5940 clr_optimization_v4.0.30319_64 - ok
18:15:56.0541 5940 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
18:15:56.0588 5940 CmBatt - ok
18:15:56.0619 5940 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
18:15:56.0635 5940 cmdide - ok
18:15:56.0697 5940 [ CA7720B73446FDDEC5C69519C1174C98 ] CNG C:\Windows\system32\Drivers\cng.sys
18:15:56.0760 5940 CNG - ok
18:15:56.0838 5940 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
18:15:56.0853 5940 Compbatt - ok
18:15:56.0916 5940 [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
18:15:56.0978 5940 CompositeBus - ok
18:15:56.0994 5940 COMSysApp - ok
18:15:57.0025 5940 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
18:15:57.0040 5940 crcdisk - ok
18:15:57.0118 5940 [ BAF19B633933A9FB4883D27D66C39E9A ] CryptSvc C:\Windows\system32\cryptsvc.dll
18:15:57.0196 5940 CryptSvc - ok
18:15:57.0259 5940 [ 04199CA5C4A6F6E935906A74EAFCA8E7 ] CSCrySec C:\Windows\system32\DRIVERS\CSCrySec.sys
18:15:57.0274 5940 CSCrySec - ok
18:15:57.0586 5940 [ 0F9FE82E229C039F0AC1996E44059653 ] CSObjectsSrv C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
18:15:57.0664 5940 CSObjectsSrv - ok
18:15:57.0774 5940 [ 7D7F90460F1309B5205BF8CDFAD63E42 ] CSVirtualDiskDrv C:\Windows\system32\DRIVERS\CSVirtualDiskDrv.sys
18:15:57.0789 5940 CSVirtualDiskDrv - ok
18:15:58.0008 5940 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
18:15:58.0070 5940 cvhsvc - ok
18:15:58.0148 5940 [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch C:\Windows\system32\rpcss.dll
18:15:58.0242 5940 DcomLaunch - ok
18:15:58.0304 5940 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
18:15:58.0382 5940 defragsvc - ok
18:15:58.0444 5940 [ 9C253CE7311CA60FC11C774692A13208 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
18:15:58.0522 5940 DfsC - ok
18:15:58.0569 5940 [ 0B3F6C8F93C5C25977EA5A8B2E656357 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
18:15:58.0616 5940 dg_ssudbus - ok
18:15:58.0678 5940 [ CE3B9562D997F69B330D181A8875960F ] Dhcp C:\Windows\system32\dhcpcore.dll
18:15:58.0819 5940 Dhcp - ok
18:15:58.0834 5940 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
18:15:58.0912 5940 discache - ok
18:15:58.0975 5940 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
18:15:59.0006 5940 Disk - ok
18:15:59.0053 5940 [ 85CF424C74A1D5EC33533E1DBFF9920A ] Dnscache C:\Windows\System32\dnsrslvr.dll
18:15:59.0115 5940 Dnscache - ok
18:15:59.0146 5940 [ 14452ACDB09B70964C8C21BF80A13ACB ] dot3svc C:\Windows\System32\dot3svc.dll
18:15:59.0240 5940 dot3svc - ok
18:15:59.0271 5940 [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS C:\Windows\system32\dps.dll
18:15:59.0318 5940 DPS - ok
18:15:59.0380 5940 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
18:15:59.0412 5940 drmkaud - ok
18:15:59.0474 5940 [ 1633B9ABF52784A1331476397A48CBEF ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
18:15:59.0521 5940 DXGKrnl - ok
18:15:59.0568 5940 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
18:15:59.0646 5940 EapHost - ok
18:15:59.0802 5940 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
18:15:59.0973 5940 ebdrv - ok
18:16:00.0004 5940 [ 156F6159457D0AA7E59B62681B56EB90 ] EFS C:\Windows\System32\lsass.exe
18:16:00.0051 5940 EFS - ok
18:16:00.0192 5940 [ 47C071994C3F649F23D9CD075AC9304A ] ehRecvr C:\Windows\ehome\ehRecvr.exe
18:16:00.0285 5940 ehRecvr - ok
18:16:00.0348 5940 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
18:16:00.0379 5940 ehSched - ok
18:16:00.0441 5940 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
18:16:00.0519 5940 elxstor - ok
18:16:00.0550 5940 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
18:16:00.0613 5940 ErrDev - ok
18:16:00.0691 5940 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
18:16:00.0784 5940 EventSystem - ok
18:16:00.0816 5940 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
18:16:00.0894 5940 exfat - ok
18:16:00.0987 5940 Fabs - ok
18:16:01.0018 5940 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
18:16:01.0096 5940 fastfat - ok
18:16:01.0206 5940 [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax C:\Windows\system32\fxssvc.exe
18:16:01.0315 5940 Fax - ok
18:16:01.0330 5940 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
18:16:01.0377 5940 fdc - ok
18:16:01.0424 5940 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
18:16:01.0486 5940 fdPHost - ok
18:16:01.0518 5940 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
18:16:01.0564 5940 FDResPub - ok
18:16:01.0580 5940 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
18:16:01.0596 5940 FileInfo - ok
18:16:01.0611 5940 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
18:16:01.0658 5940 Filetrace - ok
18:16:02.0017 5940 [ FFF1130F7C9FA01D093A1EDFC5CCE8FC ] FirebirdServerMAGIXInstance C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
18:16:02.0157 5940 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning
18:16:02.0157 5940 FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1)
18:16:02.0266 5940 [ ABEDFD48AC042C6AAAD32452E77217A1 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
18:16:02.0329 5940 FLEXnet Licensing Service - ok
18:16:02.0360 5940 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
18:16:02.0376 5940 flpydisk - ok
18:16:02.0438 5940 [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
18:16:02.0469 5940 FltMgr - ok
18:16:02.0532 5940 [ BC00505CFDA789ED3BE95D2FF38C4875 ] FontCache C:\Windows\system32\FntCache.dll
18:16:02.0641 5940 FontCache - ok
18:16:02.0703 5940 [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:16:02.0734 5940 FontCache3.0.0.0 - ok
18:16:02.0750 5940 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
18:16:02.0766 5940 FsDepends - ok
18:16:02.0812 5940 [ D3E3F93D67821A2DB2B3D9FAC2DC2064 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
18:16:02.0844 5940 Fs_Rec - ok
18:16:02.0906 5940 [ 1F44F8559E61A8306ECC67BB1E168B7C ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
18:16:02.0953 5940 fvevol - ok
18:16:03.0000 5940 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
18:16:03.0031 5940 gagp30kx - ok
18:16:03.0093 5940 [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc C:\Windows\System32\gpsvc.dll
18:16:03.0156 5940 gpsvc - ok
18:16:03.0234 5940 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:16:03.0265 5940 gupdate - ok
18:16:03.0280 5940 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:16:03.0296 5940 gupdatem - ok
18:16:03.0343 5940 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
18:16:03.0374 5940 gusvc - ok
18:16:03.0405 5940 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
18:16:03.0468 5940 hcw85cir - ok
18:16:03.0546 5940 [ 6410F6F415B2A5A9037224C41DA8BF12 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:16:03.0608 5940 HdAudAddService - ok
18:16:03.0686 5940 [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
18:16:03.0733 5940 HDAudBus - ok
18:16:03.0826 5940 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\drivers\HECIx64.sys
18:16:03.0842 5940 HECIx64 - ok
18:16:03.0873 5940 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
18:16:03.0904 5940 HidBatt - ok
18:16:03.0936 5940 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
18:16:03.0998 5940 HidBth - ok
18:16:04.0014 5940 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
18:16:04.0060 5940 HidIr - ok
18:16:04.0107 5940 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
18:16:04.0201 5940 hidserv - ok
18:16:04.0279 5940 [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
18:16:04.0326 5940 HidUsb - ok
18:16:04.0388 5940 [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc C:\Windows\system32\kmsvc.dll
18:16:04.0466 5940 hkmsvc - ok
18:16:04.0528 5940 [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:16:04.0560 5940 HomeGroupListener - ok
18:16:04.0591 5940 [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:16:04.0622 5940 HomeGroupProvider - ok
18:16:04.0669 5940 [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
18:16:04.0700 5940 HpSAMD - ok
18:16:04.0778 5940 [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP C:\Windows\system32\drivers\HTTP.sys
18:16:04.0856 5940 HTTP - ok
18:16:04.0872 5940 [ F17766A19145F111856378DF337A5D79 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
18:16:04.0887 5940 hwpolicy - ok
18:16:04.0934 5940 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
18:16:04.0950 5940 i8042prt - ok
18:16:04.0965 5940 [ ABBF174CB394F5C437410A788B7E404A ] iaStor C:\Windows\system32\drivers\iaStor.sys
18:16:04.0981 5940 iaStor - ok
18:16:05.0074 5940 [ 31A0E93CDF29007D6C6FFFB632F375ED ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
18:16:05.0090 5940 IAStorDataMgrSvc - ok
18:16:05.0137 5940 [ B75E45C564E944A2657167D197AB29DA ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
18:16:05.0168 5940 iaStorV - ok
18:16:05.0308 5940 [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:16:05.0371 5940 idsvc - ok
18:16:05.0886 5940 [ 2A22AB054F4630D2EF4BAB2853F6D5F6 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
18:16:06.0229 5940 igfx ( UnsignedFile.Multi.Generic ) - warning
18:16:06.0229 5940 igfx - detected UnsignedFile.Multi.Generic (1)
18:16:06.0307 5940 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
18:16:06.0338 5940 iirsp - ok
18:16:06.0400 5940 [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT C:\Windows\System32\ikeext.dll
18:16:06.0525 5940 IKEEXT - ok
18:16:06.0588 5940 [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd C:\Windows\system32\drivers\Impcd.sys
18:16:06.0650 5940 Impcd - ok
18:16:06.0868 5940 [ 526E482AFB586CB1CDD687869DECF686 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
18:16:06.0962 5940 IntcAzAudAddService - ok
18:16:07.0071 5940 [ 58CF58DEE26C909BD6F977B61D246295 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
18:16:07.0180 5940 IntcDAud ( UnsignedFile.Multi.Generic ) - warning
18:16:07.0180 5940 IntcDAud - detected UnsignedFile.Multi.Generic (1)
18:16:07.0212 5940 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
18:16:07.0227 5940 intelide - ok
18:16:07.0274 5940 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\drivers\intelppm.sys
18:16:07.0321 5940 intelppm - ok
18:16:07.0368 5940 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
18:16:07.0414 5940 IPBusEnum - ok
18:16:07.0430 5940 [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:16:07.0477 5940 IpFilterDriver - ok
18:16:07.0508 5940 [ F8E058D17363EC580E4B7232778B6CB5 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
18:16:07.0570 5940 iphlpsvc - ok
18:16:07.0586 5940 [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
18:16:07.0633 5940 IPMIDRV - ok
18:16:07.0680 5940 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
18:16:07.0773 5940 IPNAT - ok
18:16:07.0804 5940 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
18:16:07.0836 5940 IRENUM - ok
18:16:07.0898 5940 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
18:16:07.0992 5940 isapnp - ok
18:16:08.0054 5940 [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
18:16:08.0101 5940 iScsiPrt - ok
18:16:08.0132 5940 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
18:16:08.0163 5940 kbdclass - ok
18:16:08.0210 5940 [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
18:16:08.0272 5940 kbdhid - ok
18:16:08.0288 5940 [ 156F6159457D0AA7E59B62681B56EB90 ] KeyIso C:\Windows\system32\lsass.exe
18:16:08.0319 5940 KeyIso - ok
18:16:08.0506 5940 [ 8B5219318DF5895ABD230C373F2DF18A ] Kl1 C:\Windows\system32\DRIVERS\kl1.sys
18:16:08.0553 5940 Kl1 - ok
18:16:08.0662 5940 [ 65F3B81FA285EAB641F5E6EF7AEB984D ] KLIF C:\Windows\system32\DRIVERS\klif.sys
18:16:08.0725 5940 KLIF - ok
18:16:08.0787 5940 [ 630F22545379437737CF4172F09FE449 ] KLIM6 C:\Windows\system32\DRIVERS\klim6.sys
18:16:08.0803 5940 KLIM6 - ok
18:16:08.0912 5940 [ 2C43FD500522EF3B8C283A5846B7FC41 ] klkbdflt C:\Windows\system32\DRIVERS\klkbdflt.sys
18:16:08.0943 5940 klkbdflt - ok
18:16:08.0990 5940 [ 70A6D2E292017EC47949696F51ABE18D ] klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys
18:16:09.0006 5940 klmouflt - ok
18:16:09.0068 5940 [ A8081ED8D48FA611D11DB97F49A5343D ] kltdi C:\Windows\system32\DRIVERS\kltdi.sys
18:16:09.0084 5940 kltdi - ok
18:16:09.0162 5940 [ 185D21CB8F10CFB351FF65DA88C18BC9 ] kneps C:\Windows\system32\DRIVERS\kneps.sys
18:16:09.0193 5940 kneps - ok
18:16:09.0271 5940 [ 4F4B5FDE429416877DE7143044582EB5 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
18:16:09.0349 5940 KSecDD - ok
18:16:09.0474 5940 [ 6F40465A44ECDC1731BEFAFEC5BDD03C ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
18:16:09.0505 5940 KSecPkg - ok
18:16:09.0552 5940 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
18:16:09.0614 5940 ksthunk - ok
18:16:09.0645 5940 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
18:16:09.0723 5940 KtmRm - ok
18:16:09.0786 5940 [ 81F1D04D4D0E433099365127375FD501 ] LanmanServer C:\Windows\system32\srvsvc.dll
18:16:09.0864 5940 LanmanServer - ok
18:16:09.0926 5940 [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:16:10.0020 5940 LanmanWorkstation - ok
18:16:10.0066 5940 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
18:16:10.0144 5940 lltdio - ok
18:16:10.0176 5940 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
18:16:10.0238 5940 lltdsvc - ok
18:16:10.0269 5940 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
18:16:10.0316 5940 lmhosts - ok
18:16:10.0394 5940 [ 3D23191672D83E90D1CF63927EE98136 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
18:16:10.0425 5940 LMS - ok
18:16:10.0488 5940 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
18:16:10.0519 5940 LSI_FC - ok
18:16:10.0550 5940 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
18:16:10.0566 5940 LSI_SAS - ok
18:16:10.0597 5940 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
18:16:10.0612 5940 LSI_SAS2 - ok
18:16:10.0644 5940 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
18:16:10.0659 5940 LSI_SCSI - ok
18:16:10.0706 5940 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
18:16:10.0784 5940 luafv - ok
18:16:10.0862 5940 [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
18:16:10.0878 5940 MBAMProtector - ok
18:16:11.0002 5940 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
18:16:11.0034 5940 MBAMScheduler - ok
18:16:11.0112 5940 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
18:16:11.0158 5940 MBAMService - ok
18:16:11.0221 5940 [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
18:16:11.0268 5940 Mcx2Svc - ok
18:16:11.0299 5940 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
18:16:11.0314 5940 megasas - ok
18:16:11.0330 5940 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
18:16:11.0361 5940 MegaSR - ok
18:16:11.0408 5940 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
18:16:11.0486 5940 MMCSS - ok
18:16:11.0502 5940 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
18:16:11.0548 5940 Modem - ok
18:16:11.0564 5940 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
18:16:11.0595 5940 monitor - ok
18:16:11.0658 5940 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
18:16:11.0689 5940 mouclass - ok
18:16:11.0736 5940 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
18:16:11.0767 5940 mouhid - ok
18:16:11.0782 5940 [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
18:16:11.0798 5940 mountmgr - ok
18:16:11.0907 5940 [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:16:11.0938 5940 MozillaMaintenance - ok
18:16:11.0954 5940 [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio C:\Windows\system32\drivers\mpio.sys
18:16:11.0985 5940 mpio - ok
18:16:12.0001 5940 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
18:16:12.0032 5940 mpsdrv - ok
18:16:12.0157 5940 [ AECAB449567D1846DAD63ECE49E893E3 ] MpsSvc C:\Windows\system32\mpssvc.dll
18:16:12.0266 5940 MpsSvc - ok
18:16:12.0297 5940 [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
18:16:12.0406 5940 MRxDAV - ok
18:16:12.0438 5940 [ 040D62A9D8AD28922632137ACDD984F2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
18:16:12.0484 5940 mrxsmb - ok
18:16:12.0531 5940 [ F0067552F8F9B33D7C59403AB808A3CB ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:16:12.0578 5940 mrxsmb10 - ok
18:16:12.0594 5940 [ 3C142D31DE9F2F193218A53FE2632051 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:16:12.0640 5940 mrxsmb20 - ok
18:16:12.0703 5940 [ 5C37497276E3B3A5488B23A326A754B7 ] msahci C:\Windows\system32\drivers\msahci.sys
18:16:12.0734 5940 msahci - ok
18:16:12.0781 5940 [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm C:\Windows\system32\drivers\msdsm.sys
18:16:12.0812 5940 msdsm - ok
18:16:12.0828 5940 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
18:16:12.0874 5940 MSDTC - ok
18:16:12.0921 5940 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
18:16:12.0968 5940 Msfs - ok
18:16:13.0015 5940 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
18:16:13.0093 5940 mshidkmdf - ok
18:16:13.0108 5940 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
18:16:13.0124 5940 msisadrv - ok
18:16:13.0155 5940 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
18:16:13.0233 5940 MSiSCSI - ok
18:16:13.0233 5940 msiserver - ok
18:16:13.0296 5940 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
18:16:13.0358 5940 MSKSSRV - ok
18:16:13.0374 5940 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
18:16:13.0467 5940 MSPCLOCK - ok
18:16:13.0498 5940 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
18:16:13.0545 5940 MSPQM - ok
18:16:13.0576 5940 [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
18:16:13.0623 5940 MsRPC - ok
18:16:13.0654 5940 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
18:16:13.0670 5940 mssmbios - ok
18:16:13.0717 5940 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
18:16:13.0795 5940 MSTEE - ok
18:16:13.0826 5940 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
18:16:13.0873 5940 MTConfig - ok
18:16:13.0920 5940 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
18:16:13.0951 5940 Mup - ok
18:16:14.0060 5940 [ 4987E079A4530FA737A128BE54B63B12 ] napagent C:\Windows\system32\qagentRT.dll
18:16:14.0169 5940 napagent - ok
18:16:14.0216 5940 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
18:16:14.0278 5940 NativeWifiP - ok
18:16:14.0356 5940 [ CAD515DBD07D082BB317D9928CE8962C ] NDIS C:\Windows\system32\drivers\ndis.sys
18:16:14.0419 5940 NDIS - ok
18:16:14.0466 5940 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
18:16:14.0497 5940 NdisCap - ok
18:16:14.0575 5940 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
18:16:14.0653 5940 NdisTapi - ok
18:16:14.0700 5940 [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
18:16:14.0762 5940 Ndisuio - ok
18:16:14.0809 5940 [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
18:16:14.0887 5940 NdisWan - ok
18:16:14.0902 5940 [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
18:16:14.0934 5940 NDProxy - ok
18:16:14.0980 5940 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
18:16:15.0058 5940 NetBIOS - ok
18:16:15.0074 5940 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
18:16:15.0136 5940 NetBT - ok
18:16:15.0152 5940 [ 156F6159457D0AA7E59B62681B56EB90 ] Netlogon C:\Windows\system32\lsass.exe
18:16:15.0168 5940 Netlogon - ok
18:16:15.0230 5940 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
18:16:15.0308 5940 Netman - ok
18:16:15.0386 5940 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
18:16:15.0495 5940 netprofm - ok
18:16:15.0526 5940 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:16:15.0558 5940 NetTcpPortSharing - ok
18:16:15.0604 5940 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
18:16:15.0636 5940 nfrd960 - ok
18:16:15.0729 5940 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\Windows\System32\nlasvc.dll
18:16:15.0823 5940 NlaSvc - ok
18:16:15.0948 5940 [ 5839A8027D6D324A7CD494051A96628C ] NOBU C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
18:16:16.0072 5940 NOBU - ok
18:16:16.0104 5940 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
18:16:16.0150 5940 Npfs - ok
18:16:16.0182 5940 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
18:16:16.0244 5940 nsi - ok
18:16:16.0244 5940 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
18:16:16.0291 5940 nsiproxy - ok
18:16:16.0462 5940 [ 9A6089B056EA1B83B36424FC9D0A300E ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
18:16:16.0556 5940 Ntfs - ok
18:16:16.0603 5940 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
18:16:16.0634 5940 Null - ok
18:16:16.0696 5940 [ A4D9C9A608A97F59307C2F2600EDC6A4 ] nvraid C:\Windows\system32\drivers\nvraid.sys
18:16:16.0728 5940 nvraid - ok
18:16:16.0759 5940 [ 6C1D5F70E7A6A3FD1C90D840EDC048B9 ] nvstor C:\Windows\system32\drivers\nvstor.sys
18:16:16.0774 5940 nvstor - ok
18:16:16.0821 5940 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
18:16:16.0852 5940 nv_agp - ok
18:16:16.0884 5940 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
18:16:16.0930 5940 ohci1394 - ok
18:16:16.0962 5940 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:16:16.0993 5940 ose - ok
18:16:17.0508 5940 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:16:17.0679 5940 osppsvc - ok
18:16:17.0742 5940 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
18:16:17.0804 5940 p2pimsvc - ok
18:16:17.0820 5940 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
18:16:17.0851 5940 p2psvc - ok
18:16:17.0851 5940 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
18:16:17.0882 5940 Parport - ok
18:16:17.0929 5940 [ 90061B1ACFE8CCAA5345750FFE08D8B8 ] partmgr C:\Windows\system32\drivers\partmgr.sys
18:16:17.0960 5940 partmgr - ok
18:16:18.0007 5940 [ 9665402B7FA59302D520AD845DDFC026 ] Partner Service C:\ProgramData\Partner\Partner.exe
18:16:18.0038 5940 Partner Service - ok
18:16:18.0085 5940 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
18:16:18.0147 5940 PcaSvc - ok
18:16:18.0178 5940 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\Windows\system32\drivers\pci.sys
18:16:18.0194 5940 pci - ok
18:16:18.0256 5940 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
18:16:18.0288 5940 pciide - ok
18:16:18.0319 5940 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
18:16:18.0334 5940 pcmcia - ok
18:16:18.0350 5940 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
18:16:18.0366 5940 pcw - ok
18:16:18.0412 5940 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
18:16:18.0568 5940 PEAUTH - ok
18:16:18.0896 5940 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
18:16:18.0927 5940 PerfHost - ok
18:16:19.0005 5940 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\Windows\system32\pla.dll
18:16:19.0130 5940 pla - ok
18:16:19.0208 5940 [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
18:16:19.0255 5940 PlugPlay - ok
18:16:19.0426 5940 [ 63694C307273062A2167AE4CE80730EF ] PMBDeviceInfoProvider C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
18:16:19.0458 5940 PMBDeviceInfoProvider - ok
18:16:19.0489 5940 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
18:16:19.0520 5940 PNRPAutoReg - ok
18:16:19.0551 5940 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
18:16:19.0582 5940 PNRPsvc - ok
18:16:19.0614 5940 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
18:16:19.0738 5940 PolicyAgent - ok
18:16:19.0785 5940 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
18:16:19.0816 5940 Power - ok
18:16:19.0879 5940 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
18:16:19.0957 5940 PptpMiniport - ok
18:16:19.0988 5940 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
18:16:20.0035 5940 Processor - ok
18:16:20.0113 5940 [ 97293447431311C06703368AD0F6C4BE ] ProfSvc C:\Windows\system32\profsvc.dll
18:16:20.0191 5940 ProfSvc - ok
18:16:20.0206 5940 [ 156F6159457D0AA7E59B62681B56EB90 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:16:20.0222 5940 ProtectedStorage - ok
18:16:20.0269 5940 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
18:16:20.0331 5940 Psched - ok
18:16:20.0378 5940 [ FBF4DB6D53585437E41A113300002A2B ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
18:16:20.0394 5940 PxHlpa64 - ok
18:16:20.0456 5940 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
18:16:20.0550 5940 ql2300 - ok
18:16:20.0581 5940 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
18:16:20.0596 5940 ql40xx - ok
18:16:20.0612 5940 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
18:16:20.0643 5940 QWAVE - ok
18:16:20.0659 5940 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
18:16:20.0721 5940 QWAVEdrv - ok
18:16:20.0737 5940 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
18:16:20.0815 5940 RasAcd - ok
18:16:20.0862 5940 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
18:16:20.0893 5940 RasAgileVpn - ok
18:16:20.0924 5940 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
18:16:20.0986 5940 RasAuto - ok
18:16:21.0018 5940 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
18:16:21.0049 5940 Rasl2tp - ok
18:16:21.0080 5940 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\Windows\System32\rasmans.dll
18:16:21.0127 5940 RasMan - ok
18:16:21.0205 5940 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
18:16:21.0283 5940 RasPppoe - ok
18:16:21.0314 5940 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
18:16:21.0361 5940 RasSstp - ok
18:16:21.0408 5940 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
18:16:21.0486 5940 rdbss - ok
18:16:21.0501 5940 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
18:16:21.0548 5940 rdpbus - ok
18:16:21.0564 5940 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
18:16:21.0595 5940 RDPCDD - ok
18:16:21.0657 5940 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
18:16:21.0720 5940 RDPENCDD - ok
18:16:21.0766 5940 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
18:16:21.0798 5940 RDPREFMP - ok
18:16:21.0844 5940 [ 447DE7E3DEA39D422C1504F245B668B1 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
18:16:21.0891 5940 RDPWD - ok
18:16:21.0969 5940 [ E5DC9BA9E439D6DBDD79F8CAACB5BF01 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
18:16:22.0000 5940 rdyboost - ok
18:16:22.0078 5940 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
18:16:22.0141 5940 RemoteAccess - ok
18:16:22.0172 5940 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:16:22.0234 5940 RemoteRegistry - ok
18:16:22.0266 5940 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
18:16:22.0312 5940 RFCOMM - ok
18:16:22.0406 5940 [ FA6ABC06B629DA29634D31F1FE0347BD ] rimspci C:\Windows\system32\drivers\rimssne64.sys
18:16:22.0437 5940 rimspci - ok
18:16:22.0484 5940 [ 8F8539A7F5C117D4407B2985995671F2 ] risdsnpe C:\Windows\system32\drivers\risdsne64.sys
18:16:22.0546 5940 risdsnpe - ok
18:16:22.0593 5940 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
18:16:22.0671 5940 RpcEptMapper - ok
18:16:22.0702 5940 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
18:16:22.0718 5940 RpcLocator - ok
18:16:22.0734 5940 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\Windows\system32\rpcss.dll
18:16:22.0780 5940 RpcSs - ok
18:16:22.0843 5940 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
18:16:22.0921 5940 rspndr - ok
18:16:22.0968 5940 [ C8D0CA461D647165DD5C8DE1FF5EA822 ] rsvcdwdr C:\Windows\system32\DRIVERS\rsvcdwdr.sys
18:16:22.0999 5940 rsvcdwdr - ok
18:16:23.0077 5940 [ D6D381B76056C668679723938F06F16C ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys
18:16:23.0108 5940 RTHDMIAzAudService - ok
18:16:23.0155 5940 [ 156F6159457D0AA7E59B62681B56EB90 ] SamSs C:\Windows\system32\lsass.exe
18:16:23.0170 5940 SamSs - ok
18:16:23.0202 5940 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
18:16:23.0217 5940 sbp2port - ok
18:16:23.0233 5940 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
18:16:23.0280 5940 SCardSvr - ok
18:16:23.0311 5940 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
18:16:23.0358 5940 scfilter - ok
18:16:23.0436 5940 [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule C:\Windows\system32\schedsvc.dll
18:16:23.0576 5940 Schedule - ok
18:16:23.0623 5940 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\Windows\System32\certprop.dll
18:16:23.0654 5940 SCPolicySvc - ok
18:16:23.0748 5940 [ 2C8D162EFAF73ABD36D8BCBB6340CAE7 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
18:16:23.0794 5940 sdbus - ok
18:16:23.0841 5940 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:16:23.0919 5940 SDRSVC - ok
18:16:23.0966 5940 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
18:16:24.0044 5940 secdrv - ok
18:16:24.0060 5940 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\Windows\system32\seclogon.dll
18:16:24.0122 5940 seclogon - ok
18:16:24.0138 5940 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
18:16:24.0200 5940 SENS - ok
18:16:24.0231 5940 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
18:16:24.0294 5940 SensrSvc - ok
18:16:24.0340 5940 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
18:16:24.0372 5940 Serenum - ok
18:16:24.0387 5940 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
18:16:24.0418 5940 Serial - ok
18:16:24.0450 5940 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
18:16:24.0496 5940 sermouse - ok
18:16:24.0543 5940 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\Windows\system32\sessenv.dll
18:16:24.0590 5940 SessionEnv - ok
18:16:24.0668 5940 [ 286D3889E6AB5589646FF8A63CB928AE ] SFEP C:\Windows\system32\drivers\SFEP.sys
18:16:24.0699 5940 SFEP - ok
18:16:24.0715 5940 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
18:16:24.0762 5940 sffdisk - ok
18:16:24.0808 5940 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
18:16:24.0840 5940 sffp_mmc - ok
18:16:24.0855 5940 [ 178298F767FE638C9FEDCBDEF58BB5E4 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
18:16:24.0902 5940 sffp_sd - ok
18:16:24.0902 5940 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
18:16:24.0949 5940 sfloppy - ok
18:16:25.0011 5940 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
18:16:25.0074 5940 Sftfs - ok
18:16:25.0152 5940 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
18:16:25.0198 5940 sftlist - ok
18:16:25.0214 5940 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
18:16:25.0230 5940 Sftplay - ok
18:16:25.0245 5940 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
18:16:25.0261 5940 Sftredir - ok
18:16:25.0308 5940 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
18:16:25.0323 5940 Sftvol - ok
18:16:25.0339 5940 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
18:16:25.0354 5940 sftvsa - ok
18:16:25.0401 5940 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
18:16:25.0464 5940 SharedAccess - ok
18:16:25.0510 5940 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:16:25.0573 5940 ShellHWDetection - ok
18:16:25.0620 5940 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
18:16:25.0651 5940 SiSRaid2 - ok
18:16:25.0666 5940 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
18:16:25.0682 5940 SiSRaid4 - ok
18:16:25.0791 5940 [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
18:16:25.0822 5940 SkypeUpdate - ok
18:16:25.0885 5940 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
18:16:25.0963 5940 Smb - ok
18:16:26.0010 5940 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
18:16:26.0056 5940 SNMPTRAP - ok
18:16:26.0150 5940 [ C3E69DB0A4E59564230E053232F39AC7 ] SOHCImp C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
18:16:26.0181 5940 SOHCImp - ok
18:16:26.0212 5940 [ 65CC4779A29C3E82B987BD4961790DFF ] SOHDms C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
18:16:26.0244 5940 SOHDms - ok
18:16:26.0244 5940 [ F47D75CEE1844EEF4A9EA6EE768828FB ] SOHDs C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
18:16:26.0259 5940 SOHDs - ok
18:16:26.0337 5940 [ C03E480E63A80D73FABE28D24D3B6B47 ] SpfService C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
18:16:26.0368 5940 SpfService - ok
18:16:26.0400 5940 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
18:16:26.0415 5940 spldr - ok
18:16:26.0509 5940 [ 567977DC43CC13C4C35ED7084C0B84D5 ] Spooler C:\Windows\System32\spoolsv.exe
18:16:26.0587 5940 Spooler - ok
18:16:26.0930 5940 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\Windows\system32\sppsvc.exe
18:16:27.0086 5940 sppsvc - ok
18:16:27.0133 5940 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
18:16:27.0180 5940 sppuinotify - ok
18:16:27.0258 5940 [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv C:\Windows\system32\DRIVERS\srv.sys
18:16:27.0336 5940 srv - ok
18:16:27.0351 5940 [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
18:16:27.0382 5940 srv2 - ok
18:16:27.0398 5940 [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
18:16:27.0445 5940 srvnet - ok
18:16:27.0507 5940 [ 8F8324ED1DE63FFC7B1A02CD2D963C72 ] ssadbus C:\Windows\system32\DRIVERS\ssadbus.sys
18:16:27.0585 5940 ssadbus - ok
18:16:27.0632 5940 [ 58221EFCB74167B73667F0024C661CE0 ] ssadmdfl C:\Windows\system32\DRIVERS\ssadmdfl.sys
18:16:27.0694 5940 ssadmdfl - ok
18:16:27.0710 5940 [ 4DA7C71BFAC5AD71255B7E4CAB980163 ] ssadmdm C:\Windows\system32\DRIVERS\ssadmdm.sys
18:16:27.0741 5940 ssadmdm - ok
18:16:27.0819 5940 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
18:16:27.0897 5940 SSDPSRV - ok
18:16:27.0928 5940 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
18:16:27.0960 5940 SstpSvc - ok
18:16:28.0022 5940 [ EA8F41484CCC5BA6A1455C2AD3D1BE3C ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
18:16:28.0038 5940 ssudmdm - ok
18:16:28.0069 5940 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
18:16:28.0084 5940 stexstor - ok
18:16:28.0162 5940 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
18:16:28.0209 5940 StillCam - ok
18:16:28.0318 5940 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\Windows\System32\wiaservc.dll
18:16:28.0381 5940 stisvc - ok
18:16:28.0412 5940 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
18:16:28.0428 5940 swenum - ok
18:16:28.0474 5940 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
18:16:28.0537 5940 swprv - ok
18:16:28.0584 5940 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\Windows\system32\sysmain.dll
18:16:28.0677 5940 SysMain - ok
18:16:28.0708 5940 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:16:28.0740 5940 TabletInputService - ok
18:16:28.0755 5940 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\Windows\System32\tapisrv.dll
18:16:28.0818 5940 TapiSrv - ok
18:16:28.0849 5940 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
18:16:28.0927 5940 TBS - ok
18:16:29.0005 5940 [ 5CFB7AB8F9524D1A1E14369DE63B83CC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
18:16:29.0114 5940 Tcpip - ok
18:16:29.0208 5940 [ 5CFB7AB8F9524D1A1E14369DE63B83CC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
18:16:29.0270 5940 TCPIP6 - ok
18:16:29.0286 5940 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
18:16:29.0379 5940 tcpipreg - ok
18:16:29.0410 5940 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
18:16:29.0488 5940 TDPIPE - ok
18:16:29.0535 5940 [ 7518F7BCFD4B308ABC9192BACAF6C970 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
18:16:29.0613 5940 TDTCP - ok
18:16:29.0660 5940 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\Windows\system32\DRIVERS\tdx.sys
18:16:29.0738 5940 tdx - ok
18:16:29.0769 5940 [ C448651339196C0E869A355171875522 ] TermDD C:\Windows\system32\drivers\termdd.sys
18:16:29.0785 5940 TermDD - ok
18:16:29.0910 5940 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\Windows\System32\termsrv.dll
18:16:30.0034 5940 TermService - ok
18:16:30.0066 5940 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
18:16:30.0128 5940 Themes - ok
18:16:30.0175 5940 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
18:16:30.0237 5940 THREADORDER - ok
18:16:30.0284 5940 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
18:16:30.0362 5940 TrkWks - ok
18:16:30.0409 5940 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:16:30.0471 5940 TrustedInstaller - ok
18:16:30.0502 5940 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
18:16:30.0580 5940 tssecsrv - ok
18:16:30.0612 5940 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
18:16:30.0658 5940 tunnel - ok
18:16:30.0690 5940 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
18:16:30.0705 5940 uagp35 - ok
18:16:30.0752 5940 [ 63F6D08C54D5B3C1B12A6172032055C7 ] uCamMonitor C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
18:16:30.0768 5940 uCamMonitor - ok
18:16:30.0799 5940 [ 0E5E962B5649D544BE54E8C90761EA2B ] udfs C:\Windows\system32\DRIVERS\udfs.sys
18:16:30.0861 5940 udfs - ok
18:16:30.0877 5940 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
18:16:30.0908 5940 UI0Detect - ok
18:16:30.0970 5940 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
18:16:30.0986 5940 uliagpkx - ok
18:16:31.0048 5940 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
18:16:31.0126 5940 umbus - ok
18:16:31.0158 5940 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
18:16:31.0204 5940 UmPass - ok
18:16:31.0485 5940 [ 11A559E0F10CC5E788984023DF400A6F ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
18:16:31.0579 5940 UNS - ok
18:16:31.0626 5940 Update-Service - ok
18:16:31.0704 5940 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
18:16:31.0813 5940 upnphost - ok
18:16:31.0906 5940 [ 7B6A127C93EE590E4D79A5F2A76FE46F ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
18:16:31.0984 5940 usbccgp - ok
18:16:32.0031 5940 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
18:16:32.0094 5940 usbcir - ok
18:16:32.0125 5940 [ 92969BA5AC44E229C55A332864F79677 ] usbehci C:\Windows\system32\drivers\usbehci.sys
18:16:32.0156 5940 usbehci - ok
18:16:32.0172 5940 [ E7DF1CFD28CA86B35EF5ADD0735CEEF3 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
18:16:32.0203 5940 usbhub - ok
18:16:32.0250 5940 [ F1BB1E55F1E7A65C5839CCC7B36D773E ] usbohci C:\Windows\system32\drivers\usbohci.sys
18:16:32.0281 5940 usbohci - ok
18:16:32.0328 5940 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
18:16:32.0374 5940 usbprint - ok
18:16:32.0406 5940 [ F39983647BC1F3E6100778DDFE9DCE29 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:16:32.0468 5940 USBSTOR - ok
18:16:32.0515 5940 [ BC3070350A491D84B518D7CCA9ABD36F ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
18:16:32.0562 5940 usbuhci - ok
18:16:32.0624 5940 [ 7CB8C573C6E4A2714402CC0A36EAB4FE ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
18:16:32.0686 5940 usbvideo - ok
18:16:32.0718 5940 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
18:16:32.0764 5940 UxSms - ok
18:16:32.0842 5940 [ A60605FC66552B421EE1F3D4EBB9A4E0 ] VAIO Event Service C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
18:16:32.0874 5940 VAIO Event Service - ok
18:16:32.0952 5940 [ D469BE2723F79CF4B384680B1FDC577D ] VAIO Power Management C:\Program Files\Sony\VAIO Power Management\SPMService.exe
18:16:33.0014 5940 VAIO Power Management - ok
18:16:33.0030 5940 [ 156F6159457D0AA7E59B62681B56EB90 ] VaultSvc C:\Windows\system32\lsass.exe
18:16:33.0045 5940 VaultSvc - ok
18:16:33.0279 5940 [ ADD5A5BA64D0710E1C764A8D4DAD510E ] VCFw C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
18:16:33.0310 5940 VCFw - ok
18:16:33.0404 5940 [ EEE5AD6FB40B35F7867C3A49B98BB4EF ] VcmIAlzMgr C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
18:16:33.0435 5940 VcmIAlzMgr - ok
18:16:33.0498 5940 [ E005B04DFCA99F5880C5111933194CA9 ] VcmINSMgr C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
18:16:33.0529 5940 VcmINSMgr - ok
18:16:33.0591 5940 [ 9BC1F203C5604C24F345BCFCD6956BAE ] VcmXmlIfHelper C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
18:16:33.0622 5940 VcmXmlIfHelper - ok
18:16:33.0700 5940 [ D347D3ABE070AA09C22FC37121555D52 ] VCService C:\Program Files\Sony\VAIO Care\VCService.exe
18:16:33.0716 5940 VCService - ok
18:16:33.0794 5940 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
18:16:33.0841 5940 vdrvroot - ok
18:16:33.0872 5940 [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds C:\Windows\System32\vds.exe
18:16:33.0903 5940 vds - ok
18:16:33.0966 5940 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
18:16:33.0997 5940 vga - ok
18:16:34.0012 5940 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
18:16:34.0059 5940 VgaSave - ok
18:16:34.0106 5940 [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
18:16:34.0137 5940 vhdmp - ok
18:16:34.0153 5940 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
18:16:34.0168 5940 viaide - ok
18:16:34.0200 5940 Virtual CDAudio Service - ok
18:16:34.0246 5940 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr C:\Windows\system32\drivers\volmgr.sys
18:16:34.0278 5940 volmgr - ok
18:16:34.0293 5940 [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
18:16:34.0324 5940 volmgrx - ok
18:16:34.0387 5940 [ 9E425AC5C9A5A973273D169F43B4F5E1 ] volsnap C:\Windows\system32\drivers\volsnap.sys
18:16:34.0418 5940 volsnap - ok
18:16:34.0465 5940 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
18:16:34.0512 5940 vsmraid - ok
18:16:34.0605 5940 [ A7EB62C664A03901165290A714BD48D0 ] VSNService C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
18:16:34.0683 5940 VSNService ( UnsignedFile.Multi.Generic ) - warning
18:16:34.0683 5940 VSNService - detected UnsignedFile.Multi.Generic (1)
18:16:34.0746 5940 [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS C:\Windows\system32\vssvc.exe
18:16:34.0855 5940 VSS - ok
18:16:35.0042 5940 [ D2D646D4D686C6996BA1FF96E11BE570 ] VUAgent C:\Program Files\Sony\VAIO Update\VUAgent.exe
18:16:35.0073 5940 VUAgent - ok
18:16:35.0167 5940 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
18:16:35.0182 5940 vwifibus - ok
18:16:35.0198 5940 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
18:16:35.0245 5940 vwififlt - ok
18:16:35.0354 5940 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
18:16:35.0385 5940 vwifimp - ok
18:16:35.0401 5940 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
18:16:35.0463 5940 W32Time - ok
18:16:35.0510 5940 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
18:16:35.0557 5940 WacomPen - ok
18:16:35.0635 5940 [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
18:16:35.0728 5940 WANARP - ok
18:16:35.0728 5940 [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
18:16:35.0760 5940 Wanarpv6 - ok
18:16:35.0869 5940 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
18:16:35.0931 5940 WatAdminSvc - ok
18:16:36.0040 5940 [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine C:\Windows\system32\wbengine.exe
18:16:36.0118 5940 wbengine - ok
18:16:36.0150 5940 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
18:16:36.0181 5940 WbioSrvc - ok
18:16:36.0212 5940 [ DD1BAE8EBFC653824D29CCF8C9054D68 ] wcncsvc C:\Windows\System32\wcncsvc.dll
18:16:36.0259 5940 wcncsvc - ok
18:16:36.0274 5940 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:16:36.0306 5940 WcsPlugInService - ok
18:16:36.0337 5940 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
18:16:36.0368 5940 Wd - ok
18:16:36.0415 5940 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
18:16:36.0508 5940 Wdf01000 - ok
18:16:36.0524 5940 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
18:16:36.0555 5940 WdiServiceHost - ok
18:16:36.0571 5940 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
18:16:36.0586 5940 WdiSystemHost - ok
18:16:36.0633 5940 [ 733006127F235BE7C35354EBEE7B9A7B ] WebClient C:\Windows\System32\webclnt.dll
18:16:36.0696 5940 WebClient - ok
18:16:36.0727 5940 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
18:16:36.0789 5940 Wecsvc - ok
18:16:36.0820 5940 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
18:16:36.0898 5940 wercplsupport - ok
18:16:36.0930 5940 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
18:16:36.0961 5940 WerSvc - ok
18:16:37.0023 5940 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
18:16:37.0101 5940 WfpLwf - ok
18:16:37.0148 5940 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
18:16:37.0179 5940 WIMMount - ok
18:16:37.0195 5940 WinDefend - ok
18:16:37.0195 5940 WinHttpAutoProxySvc - ok
18:16:37.0273 5940 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
18:16:37.0335 5940 Winmgmt - ok
18:16:37.0554 5940 [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM C:\Windows\system32\WsmSvc.dll
18:16:37.0694 5940 WinRM - ok
18:16:37.0803 5940 [ 817EAFF5D38674EDD7713B9DFB8E9791 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
18:16:37.0834 5940 WinUsb - ok
18:16:37.0897 5940 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
18:16:37.0975 5940 Wlansvc - ok
18:16:38.0193 5940 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:16:38.0287 5940 wlidsvc - ok
18:16:38.0302 5940 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
18:16:38.0318 5940 WmiAcpi - ok
18:16:38.0349 5940 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
18:16:38.0380 5940 wmiApSrv - ok
18:16:38.0474 5940 WMPNetworkSvc - ok
18:16:38.0505 5940 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
18:16:38.0536 5940 WPCSvc - ok
18:16:38.0552 5940 [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
18:16:38.0599 5940 WPDBusEnum - ok
18:16:38.0614 5940 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
18:16:38.0661 5940 ws2ifsl - ok
18:16:38.0692 5940 [ 8F9F3969933C02DA96EB0F84576DB43E ] wscsvc C:\Windows\System32\wscsvc.dll
18:16:38.0724 5940 wscsvc - ok
18:16:38.0724 5940 WSearch - ok
18:16:38.0942 5940 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
18:16:39.0036 5940 wuauserv - ok
18:16:39.0082 5940 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
18:16:39.0114 5940 WudfPf - ok
18:16:39.0176 5940 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
18:16:39.0238 5940 WUDFRd - ok
18:16:39.0270 5940 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
18:16:39.0316 5940 wudfsvc - ok
18:16:39.0363 5940 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
18:16:39.0394 5940 WwanSvc - ok
18:16:39.0535 5940 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
18:16:39.0582 5940 YahooAUService - ok
18:16:39.0706 5940 [ 5250193EF8E173AA7491250F00EB367F ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
18:16:39.0738 5940 yukonw7 - ok
18:16:39.0738 5940 ================ Scan global ===============================
18:16:39.0816 5940 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
18:16:39.0878 5940 [ 3FB74FF230B5D240A57AE1C4A3D0459D ] C:\Windows\system32\winsrv.dll
18:16:39.0894 5940 [ 3FB74FF230B5D240A57AE1C4A3D0459D ] C:\Windows\system32\winsrv.dll
18:16:39.0925 5940 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
18:16:39.0956 5940 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
18:16:39.0972 5940 [Global] - ok
18:16:39.0972 5940 ================ Scan MBR ==================================
18:16:39.0987 5940 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:16:40.0674 5940 \Device\Harddisk0\DR0 - ok
18:16:40.0674 5940 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
18:16:41.0188 5940 \Device\Harddisk1\DR1 - ok
18:16:41.0188 5940 ================ Scan VBR ==================================
18:16:41.0204 5940 [ 7D4AE33E9D84F6D6153EBDECECA63ED5 ] \Device\Harddisk0\DR0\Partition1
18:16:41.0204 5940 \Device\Harddisk0\DR0\Partition1 - ok
18:16:41.0220 5940 [ 28D667B0C2107FCE1073698932CFDECE ] \Device\Harddisk0\DR0\Partition2
18:16:41.0220 5940 \Device\Harddisk0\DR0\Partition2 - ok
18:16:41.0220 5940 [ D4B6FF28C84C3077677D38010241A70E ] \Device\Harddisk1\DR1\Partition1
18:16:41.0220 5940 \Device\Harddisk1\DR1\Partition1 - ok
18:16:41.0220 5940 ============================================================
18:16:41.0220 5940 Scan finished
18:16:41.0220 5940 ============================================================
18:16:41.0235 4412 Detected object count: 4
18:16:41.0235 4412 Actual detected object count: 4
18:17:35.0243 4412 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user
18:17:35.0243 4412 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:17:35.0243 4412 igfx ( UnsignedFile.Multi.Generic ) - skipped by user
18:17:35.0243 4412 igfx ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:17:35.0243 4412 IntcDAud ( UnsignedFile.Multi.Generic ) - skipped by user
18:17:35.0243 4412 IntcDAud ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:17:35.0243 4412 VSNService ( UnsignedFile.Multi.Generic ) - skipped by user
18:17:35.0243 4412 VSNService ( UnsignedFile.Multi.Generic ) - User select action: Skip
__________________

Alt 13.06.2013, 17:44   #4
markusg
/// Malware-holic
 
Stress mit "HEUR:Exploit.Java.CVE-2012-1723.gen" - Standard

Stress mit "HEUR:Exploit.Java.CVE-2012-1723.gen"



Hi,
Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 14.06.2013, 14:36   #5
crusherxxx
 
Stress mit "HEUR:Exploit.Java.CVE-2012-1723.gen" - Standard

Stress mit "HEUR:Exploit.Java.CVE-2012-1723.gen"



Combofix Logfile:
Code:
ATTFilter
ComboFix 13-06-13.01 - Bandick 14.06.2013  15:21:45.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7600.0.1252.49.1031.18.3950.1897 [GMT 2:00]
ausgeführt von:: c:\users\Bandick\Desktop\ComboFix.exe
AV: Kaspersky PURE 3.0 *Disabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
FW: Kaspersky PURE 3.0 *Disabled* {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}
SP: Kaspersky PURE 3.0 *Disabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\BrowserCompanion
c:\program files (x86)\BrowserCompanion\ack.end
c:\program files (x86)\BrowserCompanion\BCHelper.exe
c:\program files (x86)\BrowserCompanion\blabbers-ch.crx
c:\program files (x86)\BrowserCompanion\blabbers-ff-full.xpi
c:\program files (x86)\BrowserCompanion\jsloader.dll
c:\program files (x86)\BrowserCompanion\logo.ico
c:\program files (x86)\BrowserCompanion\sqlite3.dll
c:\program files (x86)\BrowserCompanion\tdataprotocol.dll
c:\program files (x86)\BrowserCompanion\terms.lnk.url
c:\program files (x86)\BrowserCompanion\toolbar.dll
c:\program files (x86)\BrowserCompanion\uninstall.exe
c:\program files (x86)\BrowserCompanion\updatebhoWin32.dll
c:\program files (x86)\BrowserCompanion\updatebhoWin32.dll_1
c:\program files (x86)\BrowserCompanion\updater.ini
c:\program files (x86)\BrowserCompanion\widgetserv.exe
c:\programdata\ntuser.dat
c:\users\Bandick\Desktop\Setup.exe
c:\windows\security\Database\tmp.edb
c:\windows\SysWow64\muzapp.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-05-14 bis 2013-06-14  ))))))))))))))))))))))))))))))
.
.
2013-06-14 13:30 . 2013-06-14 13:30	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-06-14 13:23 . 2013-06-14 13:23	76232	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{95716791-6D1C-424E-B564-76A8DC1ACD6A}\offreg.dll
2013-06-14 12:49 . 2013-05-13 23:48	9460464	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{95716791-6D1C-424E-B564-76A8DC1ACD6A}\mpengine.dll
2013-06-13 14:47 . 2013-06-13 14:47	--------	d-----w-	c:\users\Bandick\AppData\Roaming\Malwarebytes
2013-06-13 14:47 . 2013-06-13 14:47	--------	d-----w-	c:\programdata\Malwarebytes
2013-06-13 14:47 . 2013-06-13 14:47	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2013-06-13 14:47 . 2013-04-04 12:50	25928	----a-w-	c:\windows\system32\drivers\mbam.sys
2013-06-13 11:42 . 2012-07-11 15:09	64856	----a-w-	c:\windows\system32\klfphc.dll
2013-06-13 11:42 . 2011-06-02 12:39	66616	----a-w-	c:\windows\system32\drivers\CSVirtualDiskDrv.sys
2013-06-13 11:42 . 2011-06-02 12:39	84536	----a-w-	c:\windows\system32\drivers\CSCrySec.sys
2013-06-13 11:41 . 2013-06-13 11:41	--------	d-----w-	c:\windows\ELAMBKUP
2013-06-12 08:52 . 2013-06-12 08:52	--------	d-----w-	C:\found.000
2013-06-06 22:08 . 2013-06-06 22:08	0	----a-w-	c:\windows\SysWow64\sho396B.tmp
2013-06-06 20:44 . 2013-06-06 20:44	--------	d-----w-	c:\program files (x86)\Microsoft
2013-06-06 20:43 . 2013-06-14 12:49	--------	d-----w-	c:\users\Bandick\AppData\Roaming\HpUpdate
2013-06-06 20:43 . 2012-10-17 02:31	741480	------w-	c:\windows\system32\HPDiscoPM5912.dll
2013-06-06 20:42 . 2013-06-06 20:42	--------	d-----w-	c:\programdata\HP
2013-06-06 20:42 . 2013-06-06 20:43	--------	d-----w-	c:\program files (x86)\HP
2013-06-06 20:42 . 2013-06-06 20:42	--------	d-----w-	c:\program files\HP
2013-06-06 20:41 . 2013-06-06 20:49	--------	d-----w-	c:\users\Bandick\AppData\Local\HP
2013-06-04 07:15 . 2013-06-04 07:15	103448	----a-w-	c:\windows\system32\drivers\ssudbus.sys
2013-06-04 07:15 . 2013-06-04 07:15	203672	----a-w-	c:\windows\system32\drivers\ssudmdm.sys
2013-05-31 06:14 . 2013-03-19 06:19	5497688	----a-w-	c:\windows\system32\ntoskrnl.exe
2013-05-31 06:14 . 2013-03-19 05:06	3902312	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2013-05-31 06:14 . 2013-03-19 05:06	3958120	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2013-05-31 06:14 . 2013-03-19 05:54	43520	----a-w-	c:\windows\system32\csrsrv.dll
2013-05-31 06:14 . 2013-03-19 04:53	6656	----a-w-	c:\windows\SysWow64\apisetschema.dll
2013-05-31 06:14 . 2013-03-19 03:19	112640	----a-w-	c:\windows\system32\smss.exe
2013-05-31 06:13 . 2013-04-12 14:36	1653096	----a-w-	c:\windows\system32\drivers\ntfs.sys
2013-05-31 06:12 . 2013-02-12 15:37	3138048	----a-w-	c:\windows\system32\mstscax.dll
2013-05-31 06:12 . 2013-02-12 15:13	2691072	----a-w-	c:\windows\SysWow64\mstscax.dll
2013-05-31 06:12 . 2013-02-12 15:42	44032	----a-w-	c:\windows\system32\tsgqec.dll
2013-05-31 06:12 . 2013-02-12 15:31	158208	----a-w-	c:\windows\system32\aaclient.dll
2013-05-31 06:12 . 2013-02-12 15:07	131072	----a-w-	c:\windows\SysWow64\aaclient.dll
2013-05-31 06:12 . 2013-02-12 13:59	36864	----a-w-	c:\windows\SysWow64\tsgqec.dll
2013-05-31 06:12 . 2013-03-01 03:32	3150848	----a-w-	c:\windows\system32\win32k.sys
2013-05-31 06:12 . 2013-01-24 05:41	223752	----a-w-	c:\windows\system32\drivers\fvevol.sys
2013-05-31 06:04 . 2013-05-31 06:04	0	----a-w-	c:\windows\SysWow64\sho9B83.tmp
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-12 19:50 . 2011-04-11 19:12	75825640	----a-w-	c:\windows\system32\MRT.exe
2013-06-12 12:02 . 2012-04-20 05:34	692104	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-06-12 12:02 . 2011-06-06 05:41	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-31 05:57 . 2011-03-28 16:36	22240	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-02 00:06 . 2011-06-10 21:04	278800	------w-	c:\windows\system32\MpSigStub.exe
2013-04-13 13:28 . 2011-04-09 11:08	893552	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2013-04-13 13:22 . 2011-04-09 11:07	42776	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2013-04-13 13:22 . 2011-04-27 12:44	1236816	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2013-04-04 03:35 . 2013-05-15 09:29	95648	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-03-31 14:00 . 2011-06-18 20:00	893552	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2013-03-31 13:59 . 2011-06-18 20:00	42776	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2013-03-30 18:19 . 2013-03-30 18:19	0	----a-w-	c:\windows\SysWow64\shoE7E0.tmp
2013-03-30 14:31 . 2013-03-30 14:31	0	----a-w-	c:\windows\SysWow64\sho605B.tmp
2013-03-25 20:37 . 2013-03-25 20:34	220912408	----a-w-	c:\users\Bandick\DE-SkiChallenge13.exe
2013-03-21 10:40 . 2012-07-16 18:57	861088	----a-w-	c:\windows\SysWow64\npdeployJava1.dll
2013-03-21 10:40 . 2010-11-25 07:51	782240	----a-w-	c:\windows\SysWow64\deployJava1.dll
2013-03-20 18:43 . 2013-03-20 18:43	0	----a-w-	c:\windows\SysWow64\sho66CA.tmp
2011-01-19 11:34 . 2011-01-19 11:34	3003392	----a-w-	c:\program files\openofficeorg33.msi
2011-01-19 11:33 . 2011-01-19 11:33	475016	----a-w-	c:\program files\setup.exe
2007-03-12 17:59 . 2007-03-12 17:59	299008	----a-w-	c:\program files (x86)\navigram_register.exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2013-02-08 1520776]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}]
2010-11-25 07:36	433648	----a-w-	c:\programdata\Partner\Partner.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2013-02-08 13:55	1520776	----a-w-	c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2013-02-08 1520776]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\KAVOverlayIcon]
@="{dd230880-495a-11d1-b064-008048ec2fc5}"
[HKEY_CLASSES_ROOT\CLSID\{dd230880-495a-11d1-b064-008048ec2fc5}]
2012-12-20 16:20	459784	----a-w-	c:\program files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\shellex.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CAHeadless"="c:\program files (x86)\Adobe\Elements Organizer 8.0\CAHeadless\ElementsAutoAnalyzer.exe" [2009-10-09 615808]
"KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2013-01-10 844144]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-11-25 39408]
"KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2013-01-10 1475952]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-01-08 18705664]
"HP Officejet Pro 8600 (NET)"="c:\program files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe" [2012-10-17 2573416]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2010-05-31 673136]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2010-11-26 648032]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-09-20 102400]
"SHTtray.exe"="c:\program files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe" [2010-06-20 99696]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2013-01-10 310128]
"ApnUpdater"="c:\program files (x86)\Ask.com\Updater\Updater.exe" [2013-02-08 1644680]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-10-28 49208]
"AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe" [2012-12-20 356968]
.
c:\users\Bandick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Game Alarm.lnk - c:\games\Game Alarm\gamealarm.exe -silent 2 [2013-3-25 19721728]
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
Tintenwarnungen überwachen - HP Officejet Pro 8600 (Netzwerk).lnk - c:\windows\system32\RunDll32.exe "c:\program files\HP\HP Officejet Pro 8600\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN31ABVHFC05KC;CONNECTION=NW;MONITOR=1; [2009-7-14 45568]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-6-9 1128224]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.355.0\BBSvc.exe;c:\program files (x86)\Microsoft\BingBar\7.1.355.0\BBSvc.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 Update-Service;Update-Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R2 Virtual CDAudio Service;Virtual CDAudio Service;f:\audials_8_0_46302_200_portable\VCDWriter\64\VCDAudioService.exe;f:\audials_8_0_46302_200_portable\VCDWriter\64\VCDAudioService.exe [x]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [x]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 Partner Service;Partner Service;c:\programdata\Partner\Partner.exe;c:\programdata\Partner\Partner.exe [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [x]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 CSCrySec;InfoWatch Encrypt Sector Library driver;c:\windows\system32\DRIVERS\CSCrySec.sys;c:\windows\SYSNATIVE\DRIVERS\CSCrySec.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 CSVirtualDiskDrv;InfoWatch Virtual Disk driver;c:\windows\system32\DRIVERS\CSVirtualDiskDrv.sys;c:\windows\SYSNATIVE\DRIVERS\CSVirtualDiskDrv.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x]
S2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 CSObjectsSrv;Verwaltungsservice vom CryproStorage-System;c:\program files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe;c:\program files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [x]
S2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys;c:\windows\SYSNATIVE\drivers\rimssne64.sys [x]
S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsne64.sys;c:\windows\SYSNATIVE\drivers\risdsne64.sys [x]
S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe;c:\program files\Sony\VAIO Care\VCPerfService.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [x]
S2 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [x]
S2 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [x]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe;c:\program files\Sony\VAIO Power Management\SPMService.exe [x]
S2 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [x]
S2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [x]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe;c:\program files\Sony\VAIO Smart Network\VSNService.exe [x]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys;c:\windows\SYSNATIVE\DRIVERS\ArcSoftKsUFilter.sys [x]
S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.exe;c:\program files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.exe [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys;c:\windows\SYSNATIVE\drivers\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys;c:\windows\SYSNATIVE\drivers\Impcd.sys [x]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x]
S3 rsvcdwdr;rsvcdwdr;c:\windows\system32\DRIVERS\rsvcdwdr.sys;c:\windows\SYSNATIVE\DRIVERS\rsvcdwdr.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys;c:\windows\SYSNATIVE\drivers\SFEP.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
S3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [x]
S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe;c:\program files\Sony\VAIO Care\VCService.exe [x]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update\VUAgent.exe;c:\program files\Sony\VAIO Update\VUAgent.exe [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Update-Service-Installer-Service	REG_MULTI_SZ   	Update-Service-Installer-Service
Update-Service	REG_MULTI_SZ   	Update-Service
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-06-06 09:31	1165776	----a-w-	c:\program files (x86)\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-06-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-20 12:02]
.
2013-06-14 c:\windows\Tasks\GinyasBrowserCompanion Chrome Watcher.job
- c:\programdata\GinyasBrowserCompanion\tbhcn.exe [2013-02-18 10:50]
.
2013-06-14 c:\windows\Tasks\GinyasBrowserCompanion FireFox Watcher.job
- c:\programdata\GinyasBrowserCompanion\tbhcn.exe [2013-02-18 10:50]
.
2013-06-14 c:\windows\Tasks\GinyasBrowserCompanion Runner.job
- c:\programdata\GinyasBrowserCompanion\tbhcn.exe [2013-02-18 10:50]
.
2013-06-14 c:\windows\Tasks\GinyasBrowserCompanion Stats Report.job
- c:\programdata\GinyasBrowserCompanion\tbhcn.exe [2013-02-18 10:50]
.
2013-06-14 c:\windows\Tasks\GinyasBrowserCompanion Update Checker.job
- c:\programdata\GinyasBrowserCompanion\tbhcn.exe [2013-02-18 10:50]
.
2013-06-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-25 07:36]
.
2013-06-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-25 07:36]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}]
2010-11-25 07:36	750064	----a-w-	c:\programdata\Partner\Partner64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\KAVOverlayIcon]
@="{dd230880-495a-11d1-b064-008048ec2fc5}"
[HKEY_CLASSES_ROOT\CLSID\{dd230880-495a-11d1-b064-008048ec2fc5}]
2012-12-20 16:22	492040	----a-w-	c:\program files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\shellex.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-05-31 10775584]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-05-31 2040352]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.de/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: Hinzufügen zu Anti-Banner - c:\program files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ie_banner_deny.htm
TCP: DhcpNameServer = 192.168.1.1
Handler: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - 
Handler: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - 
Handler: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - 
FF - ProfilePath - c:\users\Bandick\AppData\Roaming\Mozilla\Firefox\Profiles\bsn6v8jn.default\
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ORJ&o=&locale=&apn_uid=06311987-63FB-4024-9212-769F21BE9726&apn_ptnrs=&apn_sauid=9AFE8EC9-7E45-4510-A157-0F6D3849F425&apn_dtid=OSJ000&&q=
FF - ExtSQL: 2013-06-12 16:01; anti_banner@kaspersky.com; c:\program files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com
FF - ExtSQL: 2013-06-12 16:01; content_blocker@kaspersky.com; c:\program files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com
FF - ExtSQL: 2013-06-12 16:01; online_banking@kaspersky.com; c:\program files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com
FF - ExtSQL: 2013-06-12 16:01; url_advisor@kaspersky.com; c:\program files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com
FF - ExtSQL: 2013-06-12 16:01; virtual_keyboard@kaspersky.com; c:\program files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{00cbb66b-1d3b-46d3-9577-323a336acb50} - c:\program files (x86)\BrowserCompanion\jsloader.dll
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Wow6432Node-HKLM-Run-Browser companion helper - c:\program files (x86)\BrowserCompanion\BCHelper.exe
HKLM-Run-Apoint - c:\program files (x86)\Apoint\Apoint.exe
AddRemove-BrowserCompanion - c:\program files (x86)\BrowserCompanion\uninstall.exe
AddRemove-GinyasBrowserCompanion - c:\program files (x86)\BrowserCompanion\uninstall.exe
AddRemove-InstallShield_{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3} - c:\program files (x86)\InstallShield Installation Information\{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-2047115178-1967158156-820026315-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-2047115178-1967158156-820026315-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Philips]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-06-14  15:33:37
ComboFix-quarantined-files.txt  2013-06-14 13:33
.
Vor Suchlauf: 18 Verzeichnis(se), 299.360.202.752 Bytes frei
Nach Suchlauf: 25 Verzeichnis(se), 299.385.315.328 Bytes frei
.
- - End Of File - - 0EA3818E619A0A9D70DEDB856CEBC6DD
         
--- --- ---
D41D8CD98F00B204E9800998ECF8427E


Alt 14.06.2013, 19:08   #6
markusg
/// Malware-holic
 
Stress mit "HEUR:Exploit.Java.CVE-2012-1723.gen" - Standard

Stress mit "HEUR:Exploit.Java.CVE-2012-1723.gen"



poste alle bisherigen Malwarebytes Logs mit funden:
http://www.trojaner-board.de/125889-...en-posten.html
__________________
--> Stress mit "HEUR:Exploit.Java.CVE-2012-1723.gen"

Alt 17.06.2013, 11:00   #7
crusherxxx
 
Stress mit "HEUR:Exploit.Java.CVE-2012-1723.gen" - Standard

Stress mit "HEUR:Exploit.Java.CVE-2012-1723.gen"



hi, ich habe nur diese Logdatei (gerade eben Scan durchgeführt mit Malwarebytes Anti-Malware):


Malwarebytes Anti-Malware (Test) 1.75.0.1300
Malwarebytes : Free Anti-Malware download

Datenbank Version: v2013.06.16.04

Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
Bandick :: BANDICK-VAIO [Administrator]

Schutz: Aktiviert

17.06.2013 09:51:36
MBAM-log-2013-06-17 (11-57-46).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|Q:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 409967
Laufzeit: 1 Stunde(n), 17 Minute(n), 33 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 14
HKCR\CLSID\{00cbb66b-1d3b-46d3-9577-323a336acb50} (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00CBB66B-1D3B-46D3-9577-323A336ACB50} (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCR\CLSID\{5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCR\CLSID\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCR\TypeLib\{955B782E-CDC8-4CEE-B6F6-AD7D541A8D8A} (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCR\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03} (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCR\updatebho.TimerBHO.1 (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCR\updatebho.TimerBHO (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCR\PROTOCOLS\HANDLER\BASE64 (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCR\PROTOCOLS\HANDLER\CHROME (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCR\PROTOCOLS\HANDLER\PROX (PUP.Blabbers) -> Keine Aktion durchgeführt.

Infizierte Registrierungswerte: 3
HKCR\protocols\Handler\base64|CLSID (PUP.Blabbers) -> Daten: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> Keine Aktion durchgeführt.
HKCR\protocols\Handler\chrome|CLSID (PUP.Blabbers) -> Daten: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> Keine Aktion durchgeführt.
HKCR\protocols\Handler\prox|CLSID (PUP.Blabbers) -> Daten: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> Keine Aktion durchgeführt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 3
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache (PUP.Blabbers) -> Keine Aktion durchgeführt.

Infizierte Dateien: 198
C:\Qoobox\Quarantine\C\Program Files (x86)\BrowserCompanion\BCHelper.exe.vir (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\BCHelper.exe (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cmpguid.js (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\fix2.js (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\fix3.js (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\fix4.js (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\fix5.js (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\fixJQ163.js (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\fixJQ1_71.js (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\fixJQ1_71_2.js (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\fixJQ1_83.js (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\fix_IE9_ger.js (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\icon.png (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\jquery4toolbar.js (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\jquery4toolbar183.js (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\lock.js (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\witapi.js (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\witmain.js (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\wittoolbar.js (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\witwidgetapi.js (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\xcodechange.js (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\003acba40adbfde226f740f147868a55_DE (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\0227dd5d240c9bdfb9504999e66c665b_DE (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\0324adea3b6ec02af09ea4ae9424591b (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\0324adea3b6ec02af09ea4ae9424591b_expire (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\0984d4fababb5d92394dc5b39b700075_DE (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\1048fa0383ec8c1a4365d4bd4fed1de5 (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\1048fa0383ec8c1a4365d4bd4fed1de5_expire (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\10876caa9bcaa0af0fd1b75ae00f4aec (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\10876caa9bcaa0af0fd1b75ae00f4aec_expire (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\150b7566b7871fb6e0ef44753d0c6dc3_DE (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\1ba8dcb77ad3084a8e9c7b8837e6b859 (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\1ba8dcb77ad3084a8e9c7b8837e6b859_expire (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\1bb25568f8455e74906142466f792c87_DE (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\1d8715bd00dbafbff504a0b9666c85e1 (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\1d8715bd00dbafbff504a0b9666c85e1_expire (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\1dd4a0fdeff86d7113af5bf9018092d1 (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\1dd4a0fdeff86d7113af5bf9018092d1_expire (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\231785d024a11371bfc94ffff0a4b741_DE (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\2328e1768b820b18ab2f301c9ff88e2c (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\2328e1768b820b18ab2f301c9ff88e2c_expire (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\24779e9d2de93d13d7e07b527a1684d4 (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\24779e9d2de93d13d7e07b527a1684d4_expire (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\24c75ee12874b5775f0bdc6920d078a8_DE (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\253712f62fa354f36c490a3f42ba9bfc_DE (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\26a71d2848ed1a14bc99ea658961ed06 (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\26a71d2848ed1a14bc99ea658961ed06_expire (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\277a8fa54e28ecd52962c65ae09f7923 (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\277a8fa54e28ecd52962c65ae09f7923_expire (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\286965653b415f505622ea74d2bd3bbe_DE (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\292124057d00cb0fa73db6b90d079658 (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\292124057d00cb0fa73db6b90d079658_expire (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\29885a00fc20421354db5b581d6fb9c7 (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\29885a00fc20421354db5b581d6fb9c7_expire (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\29885a00fc20421354db5b581d6fb9c7_gb (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\2a86ac4f3322238b4f27d14a09839275 (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\2a86ac4f3322238b4f27d14a09839275_expire (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\2d468ab97ca7b06a3c21e9e97b353a62_DE (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\2e0dda2d2281da01c330dc3e12b45a9d_DE (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\2e699bb621ffe89ade68eaef9df0d2d9 (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\2e699bb621ffe89ade68eaef9df0d2d9_expire (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\2e699bb621ffe89ade68eaef9df0d2d9_gb (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\3518e1eac042730aa1274618984462b3_DE (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\38126fd00e0eb9d5ca912a5939b4755d (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\38126fd00e0eb9d5ca912a5939b4755d_expire (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\38207d71d9cc86fb6daebc118ce6286c_DE (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\3d7ac6206caeabc3e5955ad4ede73a32 (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\3d7ac6206caeabc3e5955ad4ede73a32_expire (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\3fb584595510ffd42fa9866ce0f84f32_DE (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\4713e82e27fb9719d76577d1585acb00_DE (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\477f5134e73f0099219c494cb23f6657_DE (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\4c3f63645c68db469df209c2dc3a46aa_DE (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\4d3d10bd28ff623813254a49b26be41f (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\4d3d10bd28ff623813254a49b26be41f_expire (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\5255295b09bde52fbbf7e2a55d7a13f6 (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\5255295b09bde52fbbf7e2a55d7a13f6_expire (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\530e52021dc20843b1aa62957edeb9f8 (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\530e52021dc20843b1aa62957edeb9f8_expire (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\530e52021dc20843b1aa62957edeb9f8_version (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\5691d473cfba278d3447854176adcc42 (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\5691d473cfba278d3447854176adcc42_expire (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\5c07ce6ac7fa7b9ff2f3fd7a4d77eef8 (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\5c07ce6ac7fa7b9ff2f3fd7a4d77eef8_expire (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\5cdf8a7ef2ec84abac286c67587b78d9 (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\5cdf8a7ef2ec84abac286c67587b78d9_expire (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\5cdf8a7ef2ec84abac286c67587b78d9_version (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\62cce7d26ab5636bceb113b988d56c59_DE (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\6496a43cad388e4b78f1ecce8fcffc27_DE (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\64fb2f1cc9977e0b100dbab874b3b89c_DE (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\656bf02a99a3ba2fbf237f6152b7f3de (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\656bf02a99a3ba2fbf237f6152b7f3de_expire (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\658987e48ed8b4a20fa71afdd0c84454_DE (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\6d091eb0bf44b762a039ee138e6b165c_DE (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\6d4100dc97e9abad47303e5e0d38b2b6_DE (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\6f8b3140943075f95ae0c74c1a13b752_DE (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\72891ec935a3d247f2da6562ef29a005 (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\72891ec935a3d247f2da6562ef29a005_expire (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\7c0022298b948a99e406a6310bffea7f (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\7c0022298b948a99e406a6310bffea7f_expire (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\7c0022298b948a99e406a6310bffea7f_gb (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\867f10e9a70010ef71d15c41fd2874be (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\867f10e9a70010ef71d15c41fd2874be_expire (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\8a8dc36effa0a0300d6fb1a383936a49 (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\8a8dc36effa0a0300d6fb1a383936a49_expire (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\8f43b50088266b9870b42ce6ef7ffbde (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\8f43b50088266b9870b42ce6ef7ffbde_expire (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\8f43b50088266b9870b42ce6ef7ffbde_gb (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\8fd0e5f2c42f56c41599ca329ef70350_DE (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\8ffbb13aa6f702b0cafab391f90d1db7 (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\8ffbb13aa6f702b0cafab391f90d1db7_expire (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\9c2afdb0a6d9bf59b300144154b58c67_DE (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\9c3a4c3f7d10f85147fa09d19f610015_DE (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\9c86b973456448ae01f1cbc0d6cf607a_DE (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\9cfd009e43704006e16e06f004decbd5 (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\9cfd009e43704006e16e06f004decbd5_expire (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\9e2a87a5ca3184adbfe91e3b37186dbd (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\9e2a87a5ca3184adbfe91e3b37186dbd_expire (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\9ef5e4c08312c8e6d81dfd42b7176e39 (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\9ef5e4c08312c8e6d81dfd42b7176e39_expire (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\9fde1e4ac93162562a3cb3a2ca4a207d_DE (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\a227f4517bd7937e697182f46906a6b4_DE (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\a2853631512ec717cfd936b9a1f41b5c (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\a2853631512ec717cfd936b9a1f41b5c_expire (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\a38dbdd1af07f4236d43e8fd995f57a6 (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\a38dbdd1af07f4236d43e8fd995f57a6_expire (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\a4978ceb564459d3d64682b37d89bbe3 (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\a4978ceb564459d3d64682b37d89bbe3_expire (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\a4978ceb564459d3d64682b37d89bbe3_gb (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\a6d4447986c4e442d92ed00b149c14f3_DE (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\a7e0abb80dabcdbb6dbaec920aa126a0 (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\a7e0abb80dabcdbb6dbaec920aa126a0_expire (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\a95092a9bd34f5cfc98f78ca74502f36_DE (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\aa36bceec49c832079e270icmc219ats (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\aaff3303cdd7526dcb9cd1bc7f49fa7a (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\aaff3303cdd7526dcb9cd1bc7f49fa7a_expire (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\adbb013efd3fd71cf048206629fae313_DE (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\addabc0e1349eebead03532357f33ad8 (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\addabc0e1349eebead03532357f33ad8_expire (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\b1ee91b2ef2163f40d85f38713cdc027 (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\b1ee91b2ef2163f40d85f38713cdc027_expire (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\b1ee91b2ef2163f40d85f38713cdc027_gb (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\b3688636ecfdc491aea728939c15f43e_DE (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\b4e6d346c3e211a88a4175dba0d9e052 (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\b4e6d346c3e211a88a4175dba0d9e052_expire (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\b5080fd498f4580cd85cbf8ff41766c5_DE (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\bdd26d3b7ab2292048466bbb3ec4a74d_DE (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\bf73732e1f0b76bac435293ba3880579 (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\bf73732e1f0b76bac435293ba3880579_expire (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\c75261e846ce457d11060410767952c4 (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\c75261e846ce457d11060410767952c4_expire (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\c75261e846ce457d11060410767952c4_gb (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\cbb647c72e5b13b52d1392c603dcfde6 (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\cbb647c72e5b13b52d1392c603dcfde6_expire (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\cf28706faad49b5cccfc9e9e3ebbd818 (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\cf28706faad49b5cccfc9e9e3ebbd818_expire (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\cf28706faad49b5cccfc9e9e3ebbd818_gb (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\d5747e13728fd7df356bc13545143ea6_DE (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\d5baae4ef839769f8eb7e9f9d82d8a40_DE (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\d6418e300158fb16d8396d122d4b423b_DE (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\d89bfd841403290d610bcf662008b443 (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\d89bfd841403290d610bcf662008b443_expire (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\d965aead622233a60676ef2349956f38_DE (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\d9fe5d2850f1ed167451b193e8bd0e0c_DE (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\dc9dc7eec614c4f09b8f012e4660cea0_DE (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\ddedfe6ede02f148caf19a2dec7f877d_DE (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\df4525cd4117d8ae1c7453b139759242 (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\df4525cd4117d8ae1c7453b139759242_expire (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\e1d6a45168e5bc9270ef03b4d2ccfd57 (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\e1d6a45168e5bc9270ef03b4d2ccfd57_expire (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\e3cd5b2c64ca319aadec7c28c6c6feba_DE (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\e440d29f88739418e905adc0a155a174 (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\e440d29f88739418e905adc0a155a174_expire (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\e6c109bf52ef89fe99f9a9379617ab0e_DE (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\e7395ccc0c22b2cca7bf3e0c7db4d8a6_DE (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\e7d8325da90d91d3c4e7720f0e629e17 (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\e7d8325da90d91d3c4e7720f0e629e17_expire (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\e7d8325da90d91d3c4e7720f0e629e17_version (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\e919434ec29526b28593c426e4264271 (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\e919434ec29526b28593c426e4264271_expire (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\e9e14a99847657c53e1cc29cc55ab7af_DE (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\ece5f266221b5245c6e3d7e27ddee963 (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\ece5f266221b5245c6e3d7e27ddee963_expire (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\ee2135fec207a636822e2513020c079a (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\ee2135fec207a636822e2513020c079a_expire (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\ee2135fec207a636822e2513020c079a_gb (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\eeab68dd74d26245087956fb3caf6937_DE (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\f03527c67e08602d2e4c18ae7867300d (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\f03527c67e08602d2e4c18ae7867300d_expire (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\f1586b879e32b889596b836c8855994f (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\f1586b879e32b889596b836c8855994f_expire (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\f6bac299a1c952b358a64e75e2e51dbd (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\f6bac299a1c952b358a64e75e2e51dbd_expire (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\fa74672918974682c82b8d91dfbe0d6b (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\fa74672918974682c82b8d91dfbe0d6b_expire (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\fd884a02221ff58a33d44bd2b23a7ab9 (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\fd884a02221ff58a33d44bd2b23a7ab9_expire (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\ff4d692d5e7cccbc4b3e9ef4062b1c6f (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Bandick\AppData\LocalLow\bbrs_002.tb\content\cache\ff4d692d5e7cccbc4b3e9ef4062b1c6f_expire (PUP.Blabbers) -> Keine Aktion durchgeführt.

(Ende)

Alt 17.06.2013, 11:07   #8
markusg
/// Malware-holic
 
Stress mit "HEUR:Exploit.Java.CVE-2012-1723.gen" - Standard

Stress mit "HEUR:Exploit.Java.CVE-2012-1723.gen"



Funde gelöscht, falls nein, tu dies bitte.
Dann:

lade den CCleaner standard:
CCleaner - Download - Filepony
falls der CCleaner
bereits instaliert, überspringen.
öffnen, Tools (extras),uninstall Llist, als txt speichern. öffnen.
hinter, jedes von dir benötigte programm, schreibe notwendig.
hinter, jedes, von dir nicht benötigte, unnötig.
hinter, dir unbekannte, unbekannt.
liste posten.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 18.06.2013, 09:33   #9
crusherxxx
 
Stress mit "HEUR:Exploit.Java.CVE-2012-1723.gen" - Standard

Stress mit "HEUR:Exploit.Java.CVE-2012-1723.gen"



Adobe AIR Adobe Systems Incorporated 13.06.2013 2.7.0.19530 unbekannt
Adobe Flash Player 11 ActiveX Adobe Systems Incorporated 13.06.2013 6,00MB 11.7.700.224 notwendig
Adobe Flash Player 11 Plugin Adobe Systems Incorporated 13.06.2013 6,00MB 11.7.700.224 notwendig
Adobe Photoshop Elements 8.0 Adobe Systems Incorporated 13.06.2013 1,54GB 8.0 unnötig
Adobe Premiere Elements 8.0 Adobe Systems Incorporated 13.06.2013 1,23GB 8.0 unbekannt
Adobe Reader XI (11.0.03) - Deutsch Adobe Systems Incorporated 04.06.2013 133MB 11.0.03 notwendig
Alps Pointing-device for VAIO ALPS ELECTRIC CO., LTD. 25.11.2010 unbekannt
ArcSoft Magic-i Visual Effects 2 ArcSoft 13.06.2013 38,0MB 2.0.1.115 notwendig
ArcSoft WebCam Companion 3 ArcSoft 13.06.2013 3.0.21.368 notwendig
Ask Toolbar Ask.com 15.02.2013 5,40MB 1.15.15.0 unnötig
Ask Toolbar Updater Ask.com 15.02.2013 1.2.4.36191 unnötig
ATI Catalyst Install Manager ATI Technologies, Inc. 17.04.2011 22,2MB 3.0.769.0 notwendig
Audials USB RapidSolution Software AG 11.05.2011 4,33MB 8.0.46302.200 unbekannt
Bing Bar Microsoft Corporation 06.06.2013 464KB 7.1.355.0 unnötig
BrowserCompanion 13.06.2013 unnötig
CCleaner Piriform 25.03.2013 4.00 notwendig
Evernote Evernote Corp. 25.11.2010 80,9MB 3.5.4.2224 unbekannt
Firebird SQL Server - MAGIX Edition MAGIX AG 24.07.2011 10,1MB 2.1.27.0 unbekannt
Game Alarm 25.03.2013 unnötig
GinyasBrowserCompanion Ginyas 13.06.2013 unbekannt
Google Chrome Google Inc. 25.11.2010 27.0.1453.110 notwendig
Google Earth Google 28.03.2013 173MB 7.0.3.8542 notwendig
Google Toolbar for Internet Explorer Google Inc. 13.06.2013 7.4.3607.2246 notwendig
HP Officejet Pro 8600 - Grundlegende Software für das Gerät Hewlett-Packard Co. 06.06.2013 159MB 28.0.1315.0 notwendig
HP Officejet Pro 8600 Hilfe Hewlett Packard 06.06.2013 22,6MB 28.0.0 notwendig
HP Update Hewlett-Packard 06.06.2013 3,98MB 5.003.003.001 notwendig
I.R.I.S. OCR HP 06.06.2013 68,9MB 12.3.4.0 notwendig
Intel(R) Control Center Intel Corporation 25.11.2010 1.2.1.1007 notwendig
Intel(R) Management Engine Components Intel Corporation 25.11.2010 6.0.0.1179 notwendig
Intel(R) Rapid Storage Technology Intel Corporation 25.11.2010 9.6.0.1014 notwendig
Intel(R) Turbo Boost Technology Driver Intel Corporation 25.11.2010 01.02.00.1002 notwendig
Java 7 Update 21 Oracle 21.03.2013 129MB 7.0.210 notwendig
Java(TM) 6 Update 20 (64-bit) Sun Microsystems, Inc. 25.11.2010 90,5MB 6.0.200 notwendig
Java(TM) 6 Update 22 Oracle 11.03.2012 97,0MB 6.0.220 notwendig
Java(TM) 6 Update 33 Oracle 16.07.2012 95,6MB 6.0.330 notwendig
Kaspersky PURE 3.0 Kaspersky Lab 13.06.2013 13.0.2.558 notwendig
MAGIX Screenshare MAGIX AG 10.08.2011 1,42MB 4.3.6.1987 notwendig
MAGIX Speed burnR (MSI) MAGIX AG 10.08.2011 51,1MB 7.0.2.6 notwendig
MAGIX Video deluxe 17 MAGIX AG 13.06.2013 10.0.11.0 notwendig
Malwarebytes Anti-Malware Version 1.75.0.1300 Malwarebytes Corporation 13.06.2013 19,2MB 1.75.0.1300 notwendig
Microsoft .NET Framework 4 Client Profile Microsoft Corporation 17.07.2012 38,8MB 4.0.30320 notwendig
Microsoft Office 2010 Microsoft Corporation 25.11.2010 6,31MB 14.0.4763.1000 notwendig
Microsoft Office Klick-und-Los 2010 Microsoft Corporation 13.06.2013 14.0.4763.1000 notwendig
Microsoft Office Starter 2010 - Deutsch Microsoft Corporation 13.06.2013 14.0.4763.1000 notwendig
Microsoft Silverlight Microsoft Corporation 13.03.2013 50,6MB 5.1.20125.0 notwendig
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 25.11.2010 1,72MB 3.1.0000 notwendig
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 Microsoft Corporation 10.04.2011 258KB 8.0.50727.4053 notwendig
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 15.06.2011 300KB 8.0.56336 notwendig
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 25.11.2010 708KB 8.0.61000 notwendig
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Corporation 17.04.2011 784KB 9.0.30729.4148 notwendig
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 15.06.2011 788KB 9.0.30729.6161 notwendig
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 24.07.2011 590KB 9.0.30729 notwendig
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 11.03.2012 224KB 9.0.30729.4148 notwendig
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 25.07.2011 600KB 9.0.30729.6161 notwendig
Mozilla Firefox 21.0 (x86 de) Mozilla 13.06.2013 44,7MB 21.0 notwendig
Mozilla Maintenance Service Mozilla 13.06.2013 333KB 21.0 unbekannt
MSXML 4.0 SP3 Parser Microsoft Corporation 25.11.2010 1,47MB 4.30.2100.0 unbekannt
MSXML 4.0 SP3 Parser (KB2721691) Microsoft Corporation 13.07.2012 1,53MB 4.30.2114.0 unbekannt
MSXML 4.0 SP3 Parser (KB2758694) Microsoft Corporation 12.01.2013 1,54MB 4.30.2117.0 unbekannt
MSXML 4.0 SP3 Parser (KB973685) Microsoft Corporation 11.04.2011 1,53MB 4.30.2107.0 unbekannt
MyFreeCodec 10.02.2013 unbekannt
Norton Online Backup Symantec Corporation 25.11.2010 6,19MB 2.1.17869 unnötig
OpenOffice.org 3.3 OpenOffice.org 11.03.2012 414MB 3.3.9567 notwendig
PMB Sony Corporation 10.04.2011 287MB 5.5.02.12220 unbekannt
Quick Web Access Sony Corporation 16.12.2012 350MB 1.4.7.0 notwendig
Realtek HDMI Audio Driver for ATI Realtek Semiconductor Corp. 13.06.2013 6.0.1.6034 notwendig
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 25.11.2010 6.0.1.6098 notwendig
Remote Play mit PlayStation®3 Sony Corporation 25.11.2010 1.0.2.06210 unbekannt
Remote-Tastatur mit PlayStation 3 Sony Corporation 25.11.2010 1.0.2.06170 unbekannt
Saal Design Software SSW Software GmbH 13.06.2013 2.5 unnötig
Sail Simulator 5 v5.2.2.0 11.12.2011 1,14GB notwendig
Samsung Kies Samsung Electronics Co., Ltd. 21.10.2011 193MB 2.0.3.11082_152 notwendig
SAMSUNG USB Driver for Mobile Phones SAMSUNG Electronics Co., Ltd. 10.02.2013 42,9MB 1.5.16.0 notwendig
Ski Challenge 13 (DE) 25.03.2013 notwendig
Skype Click to Call Skype Technologies S.A. 22.05.2012 10,6MB 5.10.9560 notwendig
Skype™ 6.1 Skype Technologies S.A. 10.03.2013 21,1MB 6.1.129 notwendig
SmartSound Quicktracks for Premiere Elements 8.0 SmartSound Software Inc 25.11.2010 25,4MB 3.11.3090 unbekannt
Studie zur Verbesserung von HP Officejet Pro 8600 Produkten Hewlett-Packard Co. 06.06.2013 8,31MB 28.0.1315.0 unnötig
Uhr SoWoSoft 26.01.2013 464KB 1.00.0000 notwendig
VAIO - Media Gallery Sony Corporation 25.11.2010 1.3.0.06230 notwendig
VAIO - PlayMemories Home Plug-in Sony Corporation 03.02.2013 200MB 2.2.00.18250 unbekannt
VAIO - PMB VAIO Edition Guide Sony Corporation 05.07.2011 72,3MB 1.5.00.03020 unbekannt
VAIO Care Sony Corporation 27.11.2011 6.4.2.11150 notwendig
VAIO Control Center Sony Corporation 25.11.2010 4.3.0.05310 notwendig
VAIO Data Restore Tool Sony Corporation 25.11.2010 1.4.0.05240 notwendig
VAIO DVD Menu Data Sony Corporation 25.11.2010 3.1.00.16130 notwendig
VAIO Gate Sony Corporation 02.02.2012 2.4.1.09230 notwendig
VAIO Gate Default Sony Corporation 25.11.2010 2.2.0.07020 notwendig
VAIO Media plus Sony Corporation 25.11.2010 2.1.0.18210 notwendig
VAIO Media plus Opening Movie Sony Corporation 25.11.2010 2.1.0.13220 notwendig
VAIO Movie Story Template Data Sony Corporation 25.11.2010 438MB 3.1.00.16130 notwendig
VAIO Sample Contents Sony Corporation 25.11.2010 1.3.0.06041 notwendig
VAIO screensaver Sony Europe 13.06.2013 1.0.0.0 notwendig
VAIO Smart Network Sony Corporation 25.11.2010 3.3.0.06080 notwendig
VAIO Update Sony Corporation 14.06.2013 6.2.1.03260 notwendig
VAIO-Handbuch Sony Corporation 25.11.2010 1.1.0.05280 notwendig
VAIO-Support für Übertragungen Sony Corporation 25.11.2010 1.2.0.06230 notwendig
WIDCOMM Bluetooth Software Broadcom Corporation 25.11.2010 183MB 6.3.0.5600 notwendig
Windows Live Essentials Microsoft Corporation 05.04.2012 15.4.3555.0308 notwendig
Windows Live Sync Microsoft Corporation 25.11.2010 2,79MB 14.0.8117.416 notwendig
Yahoo! Messenger Yahoo! Inc. 13.06.2013 notwendig
Yahoo! Software Update 13.06.2013 notwendig
Yahoo! Toolbar 13.06.2013 unnötig

Alt 18.06.2013, 16:04   #10
markusg
/// Malware-holic
 
Stress mit "HEUR:Exploit.Java.CVE-2012-1723.gen" - Standard

Stress mit "HEUR:Exploit.Java.CVE-2012-1723.gen"



Hi,
deinstaliere:
Adobe Photoshop
Adobe Premiere
bitte auch mal den adobe reader wie folgt konfigurieren:
adobe reader öffnen, bearbeiten, voreinstellungen.
allgemein:
nur zertifizierte zusatz module verwenden, anhaken.
Sicherheit (erweitert)
Erweiterte Sicherheit anhaken
und alle Dateien auswählen.
internet:
hier sollte alles deaktiviert werden, es ist sehr unsicher pdfs automatisch zu öffnen, zu downloaden etc.
es ist immer besser diese direkt abzuspeichern da man nur so die kontrolle hat was auf dem pc vor geht.
bei javascript den haken bei java script verwenden raus nehmen
bei updater, automatisch instalieren wählen.
übernehmen /ok

deinstaliere:
Ask : beide
Bing
BrowserCompanion
Evernote
Game
GinyasBrowserCompanion
Google Toolbar : bitte verzichte auf Toolbars, sind nur ein zusatz Risiko, verlangsamen den Browser.
Java(TM) 6 : alle
Norton
Saal
Studie
Yahoo! Toolbar
Öffne CCleaner, analysieren, starten, PC neustarten
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 18.06.2013, 22:10   #11
crusherxxx
 
Stress mit "HEUR:Exploit.Java.CVE-2012-1723.gen" - Standard

Stress mit "HEUR:Exploit.Java.CVE-2012-1723.gen"



AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v2.303 - Datei am 18/06/2013 um 23:02:06 erstellt
# Aktualisiert am 08/06/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium  (64 bits)
# Benutzer : Bandick - BANDICK-VAIO
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Bandick\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gelöscht : C:\user.js
Datei Gelöscht : C:\Windows\Tasks\GinyasBrowserCompanion Chrome Watcher.job
Datei Gelöscht : C:\Windows\Tasks\GinyasBrowserCompanion FireFox Watcher.job
Datei Gelöscht : C:\Windows\Tasks\GinyasBrowserCompanion Runner.job
Datei Gelöscht : C:\Windows\Tasks\GinyasBrowserCompanion Stats Report.job
Datei Gelöscht : C:\Windows\Tasks\GinyasBrowserCompanion Update Checker.job
Gelöscht mit Neustart : C:\ProgramData\GinyasBrowserCompanion
Ordner Gelöscht : C:\Program Files (x86)\Ask.com
Ordner Gelöscht : C:\ProgramData\Ask
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\Partner
Ordner Gelöscht : C:\Users\Bandick\AppData\Local\Babylon
Ordner Gelöscht : C:\Users\Bandick\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodddioamolcibagionmmobehnbhiakf
Ordner Gelöscht : C:\Users\Bandick\AppData\LocalLow\BabylonToolbar
Ordner Gelöscht : C:\Users\Bandick\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Bandick\AppData\Roaming\Mozilla\Firefox\Profiles\bsn6v8jn.default\extensions\bbrs_002@blabbers.com
Ordner Gelöscht : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\BrowserCompanion
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\BrowserCompanion
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{20EDC024-43C5-423E-B7F5-FD93523E0D9F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{373ED12D-B306-43AC-9485-A7C5133DC34C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{AD25754E-D76C-42B3-A335-2F81478B722F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\tdataprotocol.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\updatebho.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\wit4ie.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{AD25754E-D76C-42B3-A335-2F81478B722F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gelöscht : HKLM\Software\DeviceVM
Schlüssel Gelöscht : HKLM\Software\GinyasBrowserCompanion
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BabylonToolbarsrv_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BabylonToolbarsrv_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{78888F8B-D5E4-43CE-89F5-C8C18223AF64}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\clbfjfbnelcflpgpklppgplejolacbej
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{78888F8B-D5E4-43CE-89F5-C8C18223AF64}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16476

Ersetzt : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://search.babylon.com/?babsrc=NT_ss&mntrId=a0c9eb5600000000000090004ea9f275&tlver=1.4.19.19&ss=1&affID=17395 --> hxxp://www.google.com

-\\ Mozilla Firefox v21.0 (de)

Datei : C:\Users\Bandick\AppData\Roaming\Mozilla\Firefox\Profiles\bsn6v8jn.default\prefs.js

Gelöscht : user_pref("browser.search.order.1", "Ask.com");
Gelöscht : user_pref("browser.search.selectedEngine", "Ask.com");

-\\ Google Chrome v27.0.1453.110

Datei : C:\Users\Bandick\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S1].txt - [7197 octets] - [18/06/2013 23:02:06]

########## EOF - C:\AdwCleaner[S1].txt - [7257 octets] ##########
         
--- --- ---

Alt 18.06.2013, 22:15   #12
markusg
/// Malware-holic
 
Stress mit "HEUR:Exploit.Java.CVE-2012-1723.gen" - Standard

Stress mit "HEUR:Exploit.Java.CVE-2012-1723.gen"



Hi,
Bitte beginne damit, Windows Updates zu instalieren.
Am besten geht dies, wenn du über Start, Suchen gehst, und dort Windows Updates eingibst.
Prüfe unter "Einstellungen ändern" dass folgendes ausgewählt ist:
- Updates automatisch Instalieren,
- Täglich
- Uhrzeit wählen
- Bitte den gesammten rest anhaken, außer:
- detailierte benachichtungen anzeigen, wenn neue Microsoft software verfügbar ist.
Klicke jetzt die Schaltfläche "OK"
Klicke jetzt "nach Updates suchen".
Bitte instaliere zunächst wichtige Updates.
Es wird nötig sein, den PC zwischendurch neu zu starten. falls dies der Fall ist, musst du erneut über Start, Suchen, Windows Update aufrufen, auf Updates suchen klicken und die nächsten instalieren.
Mache das selbe bitte mit den optionalen Updates.

Wenn du denkst, fertig zu sein, klicke auf computer, eigenschaften, prüfe, ob das Servicepack1 (SP1) instaliert ist, wenn fertig, gib bescheid, bzw bei Problemen melden
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 18.06.2013, 22:56   #13
crusherxxx
 
Stress mit "HEUR:Exploit.Java.CVE-2012-1723.gen" - Standard

Stress mit "HEUR:Exploit.Java.CVE-2012-1723.gen"



hab alles erledigt. windows update war aktuell. ob Servicepack SP1 installiert ist, konnte ich nicht herausfinden. wo kann man das noch sehen?

Alt 18.06.2013, 22:58   #14
markusg
/// Malware-holic
 
Stress mit "HEUR:Exploit.Java.CVE-2012-1723.gen" - Standard

Stress mit "HEUR:Exploit.Java.CVE-2012-1723.gen"



rechtsklick, computer, eigenschaften
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 18.06.2013, 23:02   #15
crusherxxx
 
Stress mit "HEUR:Exploit.Java.CVE-2012-1723.gen" - Standard

Stress mit "HEUR:Exploit.Java.CVE-2012-1723.gen"



auf "Computer" in Startmenü Rechtsklick? Nach Klicken von Eigenschaften finde ich da nichts zum SP1

Antwort

Themen zu Stress mit "HEUR:Exploit.Java.CVE-2012-1723.gen"
adobe, bho, bingbar, desktop, ebanking, error, explorer, firefox, format, google, heur, heur:exploit.java.cve-2012-1723.gen, home, infizierte, logfile, malware, mozilla, netzwerk, nvidia, officejet, programme, realtek, registry, required, rundll, scan, symantec, tastatur, trojaner, virus, windows, winlogon.exe



Ähnliche Themen: Stress mit "HEUR:Exploit.Java.CVE-2012-1723.gen"


  1. HEUR:Exploit.Java.CVE-2012-1723.gen
    Plagegeister aller Art und deren Bekämpfung - 26.10.2013 (13)
  2. HEUR:Exploit.Java.CVE-2012-1723.gen
    Plagegeister aller Art und deren Bekämpfung - 26.10.2013 (12)
  3. Kaspersky - HEUR:Exploit.Java.CVE-2012-1723.gen
    Log-Analyse und Auswertung - 21.09.2013 (3)
  4. Kaspersky findet 2 trojanische Programme (Windows 7): HEUR:Exploit.Java.CVE-2012-1723.gen und Exploit.Java.CVE-2012-1723.nh
    Plagegeister aller Art und deren Bekämpfung - 18.09.2013 (14)
  5. Kaspersky - gefunden: HEUR:Exploit.Java.CVE-2012-1723.gen
    Plagegeister aller Art und deren Bekämpfung - 08.06.2013 (5)
  6. Trojaner HEUR:Exploit.Java.CVE-2012-1723.gen in c:\documents and settings\***\appdata\locallow\sun\java\deployment\cache\6.0\34\ gefunden
    Log-Analyse und Auswertung - 30.05.2013 (7)
  7. Kaspersky erkennt HEUR:Exploit.Java.CVE-2012-0507/1723.gen
    Plagegeister aller Art und deren Bekämpfung - 06.05.2013 (3)
  8. Heur:Exploit.java.cve-2012-1723.gen entfernen
    Plagegeister aller Art und deren Bekämpfung - 11.04.2013 (46)
  9. Trojaner HEUR:Exploit.Java.CVE-2012-1723.gen von Kasperskyscan entdeckt
    Log-Analyse und Auswertung - 09.04.2013 (18)
  10. Trojaner: "HEUR:Exploit.Java.CVE-2012-1723.gen" in c:\documents and settings\ela\appdata\local\temp\jar_cache8475908429309578927.tmp
    Plagegeister aller Art und deren Bekämpfung - 08.04.2013 (6)
  11. Kasperskay meldet "Gefunden: HEUR: Exploit.Java.CVE-2012-0507.gen"
    Log-Analyse und Auswertung - 03.04.2013 (21)
  12. Trojaner gefunden: HEUR:Exploit.Java.CVE-2012-1723.gen
    Plagegeister aller Art und deren Bekämpfung - 25.03.2013 (3)
  13. HEUR:Exploit.Java.CVE-2012-1723.gen
    Log-Analyse und Auswertung - 18.03.2013 (1)
  14. "HEUR:Exploit.Java.CVE-2012-4681.gen" entfernen
    Plagegeister aller Art und deren Bekämpfung - 13.01.2013 (2)
  15. HEUR:Exploit.Java.CVE-2012-1723.gen in c:/documents and settings/.../appdata/locallow/sun/java/deployment/cache/6.0/1/3935ec1-7693a783
    Plagegeister aller Art und deren Bekämpfung - 14.12.2012 (2)
  16. HEUR:Exploit.Java.CVE-2012-4681.gen" sowie mehrfach Exploit.Java.CVE-2012-0507.ou mit kaspersky gefunden in C:Dokumente und Einstellungen ge
    Plagegeister aller Art und deren Bekämpfung - 21.11.2012 (11)
  17. HEUR:Exploit.Java.CVE-2012-1723.gen
    Plagegeister aller Art und deren Bekämpfung - 19.11.2012 (15)

Zum Thema Stress mit "HEUR:Exploit.Java.CVE-2012-1723.gen" - Hallo Forumteilnehmer, Kaspersky Pure 3.0 fand auf meinem Laptop den Trojaner "HEUR:Exploit.Java.CVE-2012-1723.gen". Aus einem älteren Threat entnahm ich, dass das Ding richtig übel ist. Ich habe nun mit "OldTimer" ein - Stress mit "HEUR:Exploit.Java.CVE-2012-1723.gen"...
Archiv
Du betrachtest: Stress mit "HEUR:Exploit.Java.CVE-2012-1723.gen" auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.