Trojaner-Board

Hoschi2k 24.11.2011 11:29

lvvm.exe and various other trojans cripple laptop

Hello,
I'm Oli and I have a problem.
A friend brought me her laptop (Win Vista) because it suddenly became terribly slow. She has some exams to write in a week and needs it for that. That's why I can't simply reinstall it.
I then found that no antivirus program was installed.
There was also no longer any connection to the Internet (I fixed that by deleting the proxy).
Then I took a look at the tasks and noticed some irregularities there (duplicate tasks, misspelled Windows tasks, and among others lvvm.exe).
So I first tried to install Avira, with rather poor results.
The installation ran through, but at the end the obligatory update attempt did not come and the system scan was not run either.
When I then wanted to restart, this BKA warning thingy came up!
Nothing worked anymore. After a kill/start maneuver, however, it was gone.
But Avira and Windows Updates still don't work.
I have now run defogger, otl and gmer.
I hope you can help me.
Many thanks in advance.

markusg 24.11.2011 12:29

hiho

Attention!
This script and any following scripts are only for the respective user.
If you have problems, open your own topics and wait for scripts adapted to you.


• Please start OTL.exe
• Now copy the following into the text box.



Code:

:OTL
F3 - HKCU WinNT: Load - (C:\Users\Alina\AppData\Roaming\9B929\lvvm.exe) -C:\Users\Alina\AppData\Roaming\9B929\lvvm.exe ()
O20 - HKCU Winlogon: Shell - (C:\Users\Alina\AppData\Roaming\6619B\F53D4.exe) -C:\Users\Alina\AppData\Roaming\6619B\F53D4.exe ()
[2011.11.24 08:10:49 | 000,000,000 | ---D | C] -- C:\Users\Alina\AppData\Roaming\9B929
[2011.11.24 08:09:26 | 000,000,000 | ---D | C] -- C:\Users\Alina\AppData\Roaming\6619B
[2011.11.23 16:11:50 | 000,000,000 | ---D | C] -- C:\Program Files\9B929
[2011.11.17 08:31:54 | 000,000,000 | ---D | C] -- C:\Program Files\LP
[2011.11.16 21:03:40 | 000,000,000 | RHSD | C] -- C:\Users\Alina\50-8270-5705-5150
:Files
C:\Users\Alina\AppData\Roaming\9B929
C:\Users\Alina\AppData\Roaming\6619B
:Commands
[Reboot]



• Please close all programs now.
• Now please click the Fix button.
• OTL may require a restart. Please allow this.
• After the restart you will find a text document; copy its contents into your next reply here.

Download unhide:
http://filepony.de/download-unhide/
Double-click it; the files become visible.

Open Computer, open C:, then _OTL.
Right-click on moved files there.
Choose "add to moved files.rar" or zip.
Follow the link and upload the archive in the upload channel:
http://www.trojaner-board.de/54791-a...ner-board.html

Hoschi2k 24.11.2011 13:13

! C:\_OTL\MovedFiles.rar: Konnte C:\_OTL\MovedFiles\11242011_123841\C_Program Files\9B929\lvvm.exe nicht öffnen.
Zugriff verweigert

This came up while packing MovedFiles.rar.

Quote:

========== OTL ==========
File \Users\Alina\AppData\Roaming\9B929\lvvm.exe) -C:\Users\Alina\AppData\Roaming\9B929\lvvm.exe not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\Load:C:\Users\Alina\AppData\Roaming\9B929\lvvm.exe deleted successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell:C:\Users\Alina\AppData\Roaming\6619B\F53D4.exe deleted successfully.
File \Users\Alina\AppData\Roaming\6619B\F53D4.exe) -C:\Users\Alina\AppData\Roaming\6619B\F53D4.exe not found.
Folder move failed. C:\Users\Alina\AppData\Roaming\9B929 scheduled to be moved on reboot.
Folder move failed. C:\Users\Alina\AppData\Roaming\6619B scheduled to be moved on reboot.
Folder C:\Program Files\9B929\ not found.
Folder C:\Program Files\LP\ not found.
Folder C:\Users\Alina\50-8270-5705-5150\ not found.
========== FILES ==========
Folder move failed. C:\Users\Alina\AppData\Roaming\9B929 scheduled to be moved on reboot.
Folder move failed. C:\Users\Alina\AppData\Roaming\6619B scheduled to be moved on reboot.
========== COMMANDS ==========

OTL by OldTimer - Version 3.2.31.0 log created on 11242011_125913

Files\Folders moved on Reboot...
C:\Users\Alina\AppData\Roaming\9B929 folder moved successfully.
C:\Users\Alina\AppData\Roaming\6619B folder moved successfully.

Registry entries deleted on Reboot...


markusg 24.11.2011 13:33

Hi, thanks for the upload.
Combofix may only be run when a team member has instructed you to do so!
It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even more difficult.

Please download Combofix.exe and be sure to save it on your desktop.
  • Visit the following page for download links and instructions for this tool:

    A guide and tutorial on using ComboFix
  • Note:
    Make sure that all your antivirus and anti-malware programs are switched off so that they do not interfere with Combofix while it works.
  • Please post C:\Combofix.txt in your next reply.

Hoschi2k 24.11.2011 14:10

First of all, many thanks for the quick help here. That's some awesome service.

After ComboFix was finished I had to restart the laptop because neither Mozilla nor IE worked.

So, as requested...

Combofix log file:
Code:

ComboFix 11-11-23.03 - Alina 24.11.2011  13:42:11.1.2 - x86
Microsoft® Windows Vista™ Home Premium  6.0.6001.1.1252.49.1031.18.3038.1844 [GMT 1:00]
ausgeführt von:: c:\users\Alina\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Outdated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Outdated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\hasdfkasif.exe\hasdfkasif.exe
c:\users\Alina\AppData\Roaming\6619B
c:\users\Alina\AppData\Roaming\6619B\B929.619
c:\users\Alina\AppData\Roaming\6619B\F53D4.exe
c:\users\Alina\AppData\Roaming\chrtmp
c:\users\Alina\AppData\Roaming\Firefox.exe
c:\users\Alina\AppData\Roaming\Microsoft\D496\DBA.exe
c:\users\Alina\AppData\Roaming\wmplayer.exe
c:\windows\system32\Thumbs.db
.
.
(((((((((((((((((((((((  Dateien erstellt von 2011-10-24 bis 2011-11-24  ))))))))))))))))))))))))))))))
.
.
2011-11-24 12:49 . 2011-11-24 12:53        --------        d-----w-        c:\users\Alina\AppData\Local\temp
2011-11-24 12:49 . 2011-11-24 12:49        --------        d-----w-        c:\users\Default\AppData\Local\temp
2011-11-24 12:07 . 2011-11-24 12:08        --------        d-----w-        c:\users\Alina\AppData\Roaming\9B929
2011-11-24 12:07 . 2011-11-24 12:07        99840        ----a-w-        c:\users\Alina\AppData\Roaming\Microsoft\D496\FBAD.tmp
2011-11-24 11:46 . 2011-11-24 11:46        99840        ----a-w-        c:\users\Alina\AppData\Roaming\Microsoft\D496\E63A.tmp
2011-11-24 11:38 . 2011-11-24 12:10        --------        d-----w-        C:\_OTL
2011-11-24 07:29 . 2011-11-24 07:29        --------        d-----w-        c:\users\Alina\AppData\Roaming\QuickScan
2011-11-24 07:09 . 2011-11-24 07:09        99840        ----a-w-        c:\users\Alina\AppData\Roaming\Microsoft\D496\96C2.tmp
2011-11-23 16:15 . 2011-11-23 16:15        --------        d-----w-        c:\users\Alina\AppData\Roaming\Avira
2011-11-23 16:03 . 2011-10-18 00:28        6668624        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{63E89EF8-36A5-4586-8AF1-9EF2E2AD032C}\mpengine.dll
2011-11-23 16:03 . 2011-05-24 17:14        222080        ------w-        c:\windows\system32\MpSigStub.exe
2011-11-23 16:00 . 2011-10-19 15:56        74640        ----a-w-        c:\windows\system32\drivers\avgntflt.sys
2011-11-23 16:00 . 2011-10-19 15:56        36000        ----a-w-        c:\windows\system32\drivers\avkmgr.sys
2011-11-23 16:00 . 2011-10-19 15:56        134344        ----a-w-        c:\windows\system32\drivers\avipbb.sys
2011-11-23 16:00 . 2011-11-23 16:00        --------        d-----w-        c:\programdata\Avira
2011-11-23 16:00 . 2011-11-23 16:00        --------        d-----w-        c:\program files\Avira
2011-11-23 15:52 . 2011-11-23 15:52        --------        d-----w-        c:\windows\PIF
2011-11-23 15:25 . 2011-11-23 15:25        2106216        ----a-w-        c:\program files\Mozilla Firefox\D3DCompiler_43.dll
2011-11-23 15:25 . 2011-11-23 15:25        134104        ----a-w-        c:\program files\Mozilla Firefox\components\browsercomps.dll
2011-11-23 15:25 . 2011-11-23 15:25        1998168        ----a-w-        c:\program files\Mozilla Firefox\d3dx9_43.dll
2011-11-23 15:25 . 2011-11-23 15:25        89048        ----a-w-        c:\program files\Mozilla Firefox\libEGL.dll
2011-11-23 15:25 . 2011-11-23 15:25        801752        ----a-w-        c:\program files\Mozilla Firefox\mozsqlite3.dll
2011-11-23 15:25 . 2011-11-23 15:25        478168        ----a-w-        c:\program files\Mozilla Firefox\libGLESv2.dll
2011-11-23 15:25 . 2011-11-23 15:25        1989592        ----a-w-        c:\program files\Mozilla Firefox\mozjs.dll
2011-11-23 15:25 . 2011-11-23 15:25        15832        ----a-w-        c:\program files\Mozilla Firefox\mozalloc.dll
2011-11-23 15:22 . 2011-11-23 15:25        719832        ----a-w-        c:\program files\Mozilla Firefox\mozcpp19.dll
2011-11-23 15:22 . 2011-11-23 15:25        16856        ----a-w-        c:\program files\Mozilla Firefox\plugin-container.exe
2011-11-17 09:42 . 2011-11-17 09:57        --------        d-----w-        c:\users\Alina\AppData\Roaming\T-Mobile Internet Manager
2011-11-17 09:40 . 2009-10-20 17:47        112640        ----a-w-        c:\windows\system32\drivers\ewusbnet.sys
2011-11-17 09:40 . 2009-10-12 14:22        101120        ----a-w-        c:\windows\system32\drivers\ewusbdev.sys
2011-11-17 09:40 . 2009-09-10 13:55        102912        ----a-w-        c:\windows\system32\drivers\ewusbmdm.sys
2011-11-17 09:40 . 2007-08-09 03:06        23424        ----a-w-        c:\windows\system32\drivers\ewdcsc.sys
2011-11-17 09:40 . 2011-11-17 09:40        --------        d-----w-        c:\users\Alina\AppData\Roaming\T-Mobile
2011-11-17 09:40 . 2008-10-09 12:52        294912        ----a-w-        c:\windows\system32\bminstall.dll
2011-11-17 09:40 . 2008-10-09 12:51        126976        ----a-w-        c:\windows\system32\bmdumpd.bin
2011-11-17 09:40 . 2008-10-09 12:50        22528        ----a-w-        c:\windows\system32\drivers\BMLoad.sys
2011-11-17 09:40 . 2008-10-09 12:50        18816        ----a-w-        c:\windows\system32\drivers\tcpipBM.sys
2011-11-17 09:40 . 2008-02-11 16:05        8464        ----a-w-        c:\windows\system32\sporder.dll
2011-11-17 09:40 . 2008-02-11 16:05        719360        ----a-w-        c:\windows\system32\bmutil.dll
2011-11-17 09:39 . 2011-11-17 09:39        --------        d-----w-        c:\program files\T-Mobile
2011-11-10 11:19 . 2011-11-10 13:49        --------        d-----w-        c:\users\Alina\AppData\Roaming\SAP
2011-11-10 11:18 . 2010-02-26 04:02        946176        ----a-w-        c:\windows\system32\icuuc34.dll
2011-11-10 11:18 . 2010-03-16 02:05        4813824        ----a-w-        c:\windows\system32\librfc32u.dll
2011-11-10 11:16 . 2011-11-10 13:47        --------        d-----w-        c:\users\Alina\AppData\Local\SAP
2011-11-10 11:16 . 1999-05-07 11:24        209408        ----a-w-        c:\windows\system32\tabctl32.ocx
2011-11-10 11:16 . 1999-05-07 11:24        438800        ----a-w-        c:\windows\system32\mshflxgd.ocx
2011-11-10 11:16 . 1999-05-07 11:24        244232        ----a-w-        c:\windows\system32\msflxgrd.ocx
2011-11-10 11:16 . 1998-06-24 09:57        67376        ----a-w-        c:\windows\system32\sysinfo.ocx
2011-11-10 11:16 . 1999-05-07 11:24        262152        ----a-w-        c:\windows\system32\msdatgrd.ocx
2011-11-10 11:16 . 2000-05-22 15:58        203976        ----a-w-        c:\windows\system32\richtx32.ocx
2011-11-10 11:16 . 1998-06-26 19:22        94744        ----a-w-        c:\windows\system32\grid32.ocx
2011-11-10 11:16 . 1998-06-18 04:49        153600        ----a-w-        c:\windows\system32\tlbinf32.dll
2011-11-10 11:16 . 1999-04-29 11:04        1355776        ----a-w-        c:\windows\system32\msvbvm50.dll
2011-11-10 11:16 . 1995-05-19 07:15        133904        ----a-w-        c:\windows\system32\mfcans32.dll
2011-11-10 11:15 . 2011-11-10 11:16        --------        d-----w-        c:\program files\SAP
2011-11-08 16:51 . 2011-11-23 18:57        --------        d-sh--r-        c:\users\Alina\M-1-52-5782-8752-5245
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-23 15:25 . 2011-11-23 15:25        134104        ----a-w-        c:\program files\mozilla firefox\components\browsercomps.dll
2010-07-07 11:14 . 2010-07-07 11:14        119808        ----a-w-        c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NSUFloatingUI"="c:\program files\Sony\Network Utility\LANUtil.exe" [2008-12-21 274432]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]
"Switcher"="c:\program files\Switcher\Switcher.exe" [2007-10-28 425984]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"HW_OPENEYE_OUC_T-Mobile Internet Manager"="c:\program files\T-Mobile\T-Mobile Internet Manager\UpdateDog\ouc.exe" [2009-12-31 110592]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-01-06 6703648]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-03-10 835584]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-12-03 35184]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-05 136600]
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2008-12-18 317288]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-07-07 30192]
"MarketingTools"="c:\program files\Sony\Marketing Tools\MarketingTools.exe" [2009-05-22 26112]
"DocCreatorClient"="c:\program files\Global Graphics\gDoc\DocCreatorClient.exe" [2009-11-24 292248]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2011-07-11 74752]
"DataCardMonitor"="c:\program files\T-Mobile\T-Mobile Internet Manager\DataCardMonitor.exe" [2011-11-17 253952]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-10-19 258512]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2009-01-19 10:49        98304        ----a-w-        c:\windows\System32\VESWinlogon.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [2009-10-20 112640]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2010-07-07 30192]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [2009-10-12 101120]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 SOHCImp;VAIO Media plus Content Importer;c:\program files\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2009-01-20 120104]
R3 SOHDBSvr;VAIO Media plus Database Manager;c:\program files\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [2009-01-20 70952]
R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files\Common Files\Sony Shared\SOHLib\SOHDms.exe [2009-01-20 390440]
R3 SOHDs;VAIO Media plus Device Searcher;c:\program files\Common Files\Sony Shared\SOHLib\SOHDs.exe [2009-01-20 75048]
R3 SOHPlMgr;VAIO Media plus Playlist Manager;c:\program files\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [2009-01-20 91432]
R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2009-01-19 394536]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe [2009-01-16 83240]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R3 WSDPrintDevice;WSD-Druckunterstützung durch UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2008-01-21 16896]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-10-19 36000]
S2 AntiVirSchedulerService;Avira Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2011-10-19 86224]
S2 cvhsvc;Client Virtualization Handler;c:\program files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-10-20 821664]
S2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2009-08-16 222968]
S2 NSUService;NSUService;c:\program files\sony\Network Utility\NSUService.exe [2008-12-21 303104]
S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-17 11032]
S2 sftlist;Application Virtualization Client;c:\program files\Microsoft Application Virtualization Client\sftlist.exe [2010-09-14 508264]
S2 uCamMonitor;CamMonitor;c:\program files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]
S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2008-12-19 415592]
S2 VCFw;VAIO Content Folder Watcher;c:\program files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-01-14 5184872]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2008-04-24 17920]
S3 DCMessages;DCMessages;c:\windows\System32\DCMessages.exe [2009-11-24 99720]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [2008-11-19 9344]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2010-09-14 577384]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2010-09-14 194408]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2010-09-14 21864]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2010-09-14 19304]
S3 sftvsa;Application Virtualization Service Agent;c:\program files\Microsoft Application Virtualization Client\sftvsa.exe [2010-09-14 219496]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*Deregistered* - BMLoad
.
Inhalt des "geplante Tasks" Ordners
.
2011-11-24 c:\windows\Tasks\User_Feed_Synchronization-{80F93F21-F4C3-4009-A3A0-903D5D0B5F68}.job
- c:\windows\system32\msfeedssync.exe [2008-01-21 02:24]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SNYT&bmod=SNYT
uInternet Settings,ProxyServer = http=127.0.0.1:61455
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: Free YouTube to MP3 Converter - c:\users\Alina\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Alina\AppData\Roaming\Mozilla\Firefox\Profiles\tfpkrk08.default\
FF - prefs.js: browser.search.defaulturl - hxxp://plasmoo.com/result.htm?SearchMashine=true&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
FF - prefs.js: keyword.URL - hxxp://plasmoo.com/result.htm?q=
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 61455
FF - prefs.js: network.proxy.type - 1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{ee1babcf-cbe2-4c07-8e18-dfe6fc08c30a}  - (no file)
HKCU-Run-hasdfkasif.exe - c:\hasdfkasif.exe\hasdfkasif.exe
HKCU-Run-DBA.exe - c:\users\Alina\AppData\Roaming\Microsoft\D496\DBA.exe
HKLM-Run-DBA.exe - c:\program files\LP\D496\DBA.exe
SafeBoot-mcmscsvc
SafeBoot-MCODS
.
.
.
**************************************************************************
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
  DataCardMonitor = c:\program files\T-Mobile\T-Mobile Internet Manager\DataCardMonitor.exe?mp?CE\Co)??#t?????*???*?/??$}???(?2?????????????????????W??]{????:*???*?am Files\T-Mobile\T-Mobile Internet Manager\????c:\users????v???c:\Program Files\T-Mobile\T-Mobile Internet Mana
.
Scanne versteckte Dateien...
.
Scan erfolgreich abgeschlossen
versteckte Dateien:
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:00000042
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\program files\sony\VAIO Event Service\VESMgr.exe
c:\windows\system32\DllHost.exe
c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
c:\windows\system32\WUDFHost.exe
c:\program files\sony\VAIO Event Service\VESMgrSub.exe
c:\windows\system32\DllHost.exe
c:\program files\Sony\VAIO Power Management\SPMgr.exe
c:\program files\Sony\VAIO Update 4\VAIOUpdt.exe
c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
c:\windows\system32\conime.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
c:\users\Alina\AppData\Roaming\T-Mobile Internet Manager\ouc.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\LogonUI.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2011-11-24  14:00:30 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2011-11-24 12:59
.
Vor Suchlauf: 11 Verzeichnis(se), 214.225.743.872 Bytes frei
Nach Suchlauf: 14 Verzeichnis(se), 214.516.912.128 Bytes frei
.
- - End Of File - - F8C02249181A6B0B904677CEB85DC840

--- --- ---

markusg 24.11.2011 14:19

Hi, can you open c:\qoobox and pack Quarantine, and then also upload the archive in the upload channel, please?

Hoschi2k 24.11.2011 14:23

This came up while packing:
Quote:

! C:\Qoobox\Quarantine.rar: Konnte C:\Qoobox\Quarantine\C\Users\Alina\AppData\Roaming\Firefox.exe.vir nicht öffnen.
Zugriff verweigert
! C:\Qoobox\Quarantine.rar: Konnte C:\Qoobox\Quarantine\C\Users\Alina\AppData\Roaming\Microsoft\D496\DBA.exe.vir nicht öffnen.
Zugriff verweigert
! C:\Qoobox\Quarantine.rar: Konnte C:\Qoobox\Quarantine\C\Users\Alina\AppData\Roaming\wmplayer.exe.vir nicht öffnen.
Zugriff verweigert


markusg 24.11.2011 14:31

Thanks for the info and upload.

malwarebytes:
Please download Malwarebytes
  • Install the program to the default path.
    Vista and Win7 users: right-click and "run as administrator"
  • Start Malwarebytes, click Update --> Check for updates
  • When the update has finished, enable "Perform full scan" and press Scan.
  • When the scan has finished, click Show results.
  • Make sure that all findings are selected and press Remove selected.
  • Post the log file, which opens in Notepad, here in the thread.
  • Afterwards you can find the report under "Log files".

Hoschi2k 24.11.2011 16:43

So here it is

Quote:

Malwarebytes' Anti-Malware 1.51.2.1300
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Datenbank Version: 8231

Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000

24.11.2011 16:42:30
mbam-log-2011-11-24 (16-42-30).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|Q:\|)
Durchsuchte Objekte: 307714
Laufzeit: 2 Stunde(n), 1 Minute(n), 18 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 1
Infizierte Dateien: 12

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer (PUM.Bad.Proxy) -> Value: ProxyServer -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
c:\Users\Alina\m-1-52-5782-8752-5245 (Trojan.Agent.Gen) -> Quarantined and deleted successfully.

Infizierte Dateien:
c:\Qoobox\quarantine\C\Users\Alina\AppData\Roaming\firefox.exe.vir (Malware.Packer) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\Users\Alina\AppData\Roaming\wmplayer.exe.vir (Malware.Packer) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\Users\Alina\AppData\Roaming\6619B\f53d4.exe.vir (Malware.Packer) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\Users\Alina\AppData\Roaming\microsoft\D496\dba.exe.vir (Malware.Packer) -> Quarantined and deleted successfully.
c:\Users\Alina\AppData\LocalLow\Sun\Java\deployment\cache\6.0\1\339e0381-48390196 (Trojan.Zbot.CBCGen) -> Quarantined and deleted successfully.
c:\Users\Alina\AppData\Roaming\9B929\lvvm.exe (Malware.Packer) -> Quarantined and deleted successfully.
c:\Users\Alina\AppData\Roaming\microsoft\D496\96C2.tmp (Malware.Packer) -> Quarantined and deleted successfully.
c:\Users\Alina\AppData\Roaming\microsoft\D496\E63A.tmp (Malware.Packer) -> Quarantined and deleted successfully.
c:\Users\Alina\AppData\Roaming\microsoft\D496\FBAD.tmp (Malware.Packer) -> Quarantined and deleted successfully.
c:\_OTL\movedfiles\11242011_123841\c_program files\9B929\lvvm.exe (Malware.Packer) -> Quarantined and deleted successfully.
c:\_OTL\movedfiles\11242011_125913\C_Users\Alina\AppData\Roaming\6619B\F53D4.exe (Malware.Packer) -> Quarantined and deleted successfully.
c:\_OTL\movedfiles\11242011_125913\C_Users\Alina\AppData\Roaming\9B929\lvvm.exe (Malware.Packer) -> Quarantined and deleted successfully.


markusg 24.11.2011 16:52

Start > Programs > Accessories > Notepad, paste in:
killall::
Folder::
c:\Users\Alina\AppData\Roaming\microsoft\D496
c:\Users\Alina\AppData\Roaming\9B929
c:\Users\Alina\AppData\Roaming\microsoft\D496


Save the file with "Save as".
Location: where combofix.exe is located.
Type: all files. Name:
cfscript.txt
Drag cfscript onto combofix; the program starts. Post the log.

Hoschi2k 24.11.2011 18:51

Here you go
Combofix log file:
Code:

ComboFix 11-11-23.03 - Alina 24.11.2011  17:55:03.2.2 - x86
Microsoft® Windows Vista™ Home Premium  6.0.6001.1.1252.49.1031.18.3038.1985 [GMT 1:00]
ausgeführt von:: c:\users\Alina\Desktop\ComboFix.exe
Benutzte Befehlsschalter :: c:\users\Alina\Desktop\cfscript.txt
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Alina\AppData\Roaming\9B929
c:\users\Alina\AppData\Roaming\microsoft\D496
c:\users\Alina\AppData\Roaming\microsoft\D496\3332.tmp
c:\users\Alina\AppData\Roaming\microsoft\D496\51B8.tmp
c:\users\Alina\AppData\Roaming\microsoft\D496\6385.tmp
c:\users\Alina\AppData\Roaming\microsoft\D496\A7C6.tmp
c:\users\Alina\AppData\Roaming\microsoft\D496\AAAF.tmp
c:\users\Alina\AppData\Roaming\microsoft\D496\AFD1.tmp
c:\users\Alina\AppData\Roaming\microsoft\D496\D133.tmp
c:\users\Alina\AppData\Roaming\microsoft\D496\E512.tmp
c:\users\Alina\AppData\Roaming\microsoft\D496\EB2B.tmp
.
.
(((((((((((((((((((((((  Dateien erstellt von 2011-10-24 bis 2011-11-24  ))))))))))))))))))))))))))))))
.
.
2011-11-24 17:02 . 2011-11-24 17:33        --------        d-----w-        c:\users\Alina\AppData\Local\temp
2011-11-24 17:02 . 2011-11-24 17:02        --------        d-----w-        c:\users\Default\AppData\Local\temp
2011-11-24 16:10 . 2011-11-24 16:10        --------        d-----w-        c:\windows\system32\EventProviders
2011-11-24 14:03 . 2010-03-05 14:01        420352        ----a-w-        c:\windows\system32\vbscript.dll
2011-11-24 13:34 . 2011-11-24 13:34        --------        d-----w-        c:\users\Alina\AppData\Roaming\Malwarebytes
2011-11-24 13:33 . 2011-11-24 13:33        --------        d-----w-        c:\programdata\Malwarebytes
2011-11-24 13:33 . 2011-11-24 13:33        --------        d-----w-        c:\program files\Malwarebytes' Anti-Malware
2011-11-24 13:33 . 2011-08-31 16:00        22216        ----a-w-        c:\windows\system32\drivers\mbam.sys
2011-11-24 11:38 . 2011-11-24 12:10        --------        d-----w-        C:\_OTL
2011-11-24 07:29 . 2011-11-24 07:29        --------        d-----w-        c:\users\Alina\AppData\Roaming\QuickScan
2011-11-23 16:15 . 2011-11-23 16:15        --------        d-----w-        c:\users\Alina\AppData\Roaming\Avira
2011-11-23 16:03 . 2011-10-18 00:28        6668624        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{63E89EF8-36A5-4586-8AF1-9EF2E2AD032C}\mpengine.dll
2011-11-23 16:03 . 2011-05-24 17:14        222080        ------w-        c:\windows\system32\MpSigStub.exe
2011-11-23 16:00 . 2011-10-19 15:56        74640        ----a-w-        c:\windows\system32\drivers\avgntflt.sys
2011-11-23 16:00 . 2011-10-19 15:56        36000        ----a-w-        c:\windows\system32\drivers\avkmgr.sys
2011-11-23 16:00 . 2011-10-19 15:56        134344        ----a-w-        c:\windows\system32\drivers\avipbb.sys
2011-11-23 16:00 . 2011-11-23 16:00        --------        d-----w-        c:\programdata\Avira
2011-11-23 16:00 . 2011-11-23 16:00        --------        d-----w-        c:\program files\Avira
2011-11-23 15:52 . 2011-11-23 15:52        --------        d-----w-        c:\windows\PIF
2011-11-23 15:25 . 2011-11-23 15:25        2106216        ----a-w-        c:\program files\Mozilla Firefox\D3DCompiler_43.dll
2011-11-23 15:25 . 2011-11-23 15:25        134104        ----a-w-        c:\program files\Mozilla Firefox\components\browsercomps.dll
2011-11-23 15:25 . 2011-11-23 15:25        1998168        ----a-w-        c:\program files\Mozilla Firefox\d3dx9_43.dll
2011-11-23 15:25 . 2011-11-23 15:25        89048        ----a-w-        c:\program files\Mozilla Firefox\libEGL.dll
2011-11-23 15:25 . 2011-11-23 15:25        801752        ----a-w-        c:\program files\Mozilla Firefox\mozsqlite3.dll
2011-11-23 15:25 . 2011-11-23 15:25        478168        ----a-w-        c:\program files\Mozilla Firefox\libGLESv2.dll
2011-11-23 15:25 . 2011-11-23 15:25        1989592        ----a-w-        c:\program files\Mozilla Firefox\mozjs.dll
2011-11-23 15:25 . 2011-11-23 15:25        15832        ----a-w-        c:\program files\Mozilla Firefox\mozalloc.dll
2011-11-23 15:22 . 2011-11-23 15:25        719832        ----a-w-        c:\program files\Mozilla Firefox\mozcpp19.dll
2011-11-23 15:22 . 2011-11-23 15:25        16856        ----a-w-        c:\program files\Mozilla Firefox\plugin-container.exe
2011-11-17 09:42 . 2011-11-17 09:57        --------        d-----w-        c:\users\Alina\AppData\Roaming\T-Mobile Internet Manager
2011-11-17 09:40 . 2009-10-20 17:47        112640        ----a-w-        c:\windows\system32\drivers\ewusbnet.sys
2011-11-17 09:40 . 2009-10-12 14:22        101120        ----a-w-        c:\windows\system32\drivers\ewusbdev.sys
2011-11-17 09:40 . 2009-09-10 13:55        102912        ----a-w-        c:\windows\system32\drivers\ewusbmdm.sys
2011-11-17 09:40 . 2007-08-09 03:06        23424        ----a-w-        c:\windows\system32\drivers\ewdcsc.sys
2011-11-17 09:40 . 2011-11-17 09:40        --------        d-----w-        c:\users\Alina\AppData\Roaming\T-Mobile
2011-11-17 09:40 . 2008-10-09 12:52        294912        ----a-w-        c:\windows\system32\bminstall.dll
2011-11-17 09:40 . 2008-10-09 12:51        126976        ----a-w-        c:\windows\system32\bmdumpd.bin
2011-11-17 09:40 . 2008-10-09 12:50        22528        ----a-w-        c:\windows\system32\drivers\BMLoad.sys
2011-11-17 09:40 . 2008-10-09 12:50        18816        ----a-w-        c:\windows\system32\drivers\tcpipBM.sys
2011-11-17 09:40 . 2008-02-11 16:05        8464        ----a-w-        c:\windows\system32\sporder.dll
2011-11-17 09:40 . 2008-02-11 16:05        719360        ----a-w-        c:\windows\system32\bmutil.dll
2011-11-17 09:39 . 2011-11-17 09:39        --------        d-----w-        c:\program files\T-Mobile
2011-11-10 11:19 . 2011-11-10 13:49        --------        d-----w-        c:\users\Alina\AppData\Roaming\SAP
2011-11-10 11:18 . 2010-02-26 04:02        946176        ----a-w-        c:\windows\system32\icuuc34.dll
2011-11-10 11:18 . 2010-03-16 02:05        4813824        ----a-w-        c:\windows\system32\librfc32u.dll
2011-11-10 11:16 . 2011-11-10 13:47        --------        d-----w-        c:\users\Alina\AppData\Local\SAP
2011-11-10 11:16 . 1999-05-07 11:24        209408        ----a-w-        c:\windows\system32\tabctl32.ocx
2011-11-10 11:16 . 1999-05-07 11:24        438800        ----a-w-        c:\windows\system32\mshflxgd.ocx
2011-11-10 11:16 . 1999-05-07 11:24        244232        ----a-w-        c:\windows\system32\msflxgrd.ocx
2011-11-10 11:16 . 1998-06-24 09:57        67376        ----a-w-        c:\windows\system32\sysinfo.ocx
2011-11-10 11:16 . 1999-05-07 11:24        262152        ----a-w-        c:\windows\system32\msdatgrd.ocx
2011-11-10 11:16 . 2000-05-22 15:58        203976        ----a-w-        c:\windows\system32\richtx32.ocx
2011-11-10 11:16 . 1998-06-26 19:22        94744        ----a-w-        c:\windows\system32\grid32.ocx
2011-11-10 11:16 . 1998-06-18 04:49        153600        ----a-w-        c:\windows\system32\tlbinf32.dll
2011-11-10 11:16 . 1999-04-29 11:04        1355776        ----a-w-        c:\windows\system32\msvbvm50.dll
2011-11-10 11:16 . 1995-05-19 07:15        133904        ----a-w-        c:\windows\system32\mfcans32.dll
2011-11-10 11:15 . 2011-11-10 11:16        --------        d-----w-        c:\program files\SAP
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-23 15:25 . 2011-11-23 15:25        134104        ----a-w-        c:\program files\mozilla firefox\components\browsercomps.dll
2010-07-07 11:14 . 2010-07-07 11:14        119808        ----a-w-        c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NSUFloatingUI"="c:\program files\Sony\Network Utility\LANUtil.exe" [2008-12-21 274432]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]
"Switcher"="c:\program files\Switcher\Switcher.exe" [2007-10-28 425984]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"HW_OPENEYE_OUC_T-Mobile Internet Manager"="c:\program files\T-Mobile\T-Mobile Internet Manager\UpdateDog\ouc.exe" [2009-12-31 110592]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-01-06 6703648]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-03-10 835584]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-12-03 35184]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-05 136600]
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2008-12-18 317288]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-07-07 30192]
"DataCardMonitor"="c:\program files\T-Mobile\T-Mobile Internet Manager\DataCardMonitor.exe" [2011-11-17 253952]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-10-19 258512]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]
"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2011-08-31 1047208]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2009-01-19 10:49        98304        ----a-w-        c:\windows\System32\VESWinlogon.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DocCreatorClient]
2009-11-24 09:56        292248        ----a-w-        c:\program files\Global Graphics\gDoc\DocCreatorClient.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MarketingTools]
2009-05-22 12:25        26112        ----a-w-        c:\program files\sony\Marketing Tools\MarketingTools.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2011-07-11 21:47        74752        ----a-w-        c:\program files\Winamp\winampa.exe
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 DCMessages;DCMessages;c:\windows\System32\DCMessages.exe [2009-11-24 99720]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [2009-10-20 112640]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2010-07-07 30192]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [2009-10-12 101120]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 SOHCImp;VAIO Media plus Content Importer;c:\program files\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2009-01-20 120104]
R3 SOHDBSvr;VAIO Media plus Database Manager;c:\program files\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [2009-01-20 70952]
R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files\Common Files\Sony Shared\SOHLib\SOHDms.exe [2009-01-20 390440]
R3 SOHDs;VAIO Media plus Device Searcher;c:\program files\Common Files\Sony Shared\SOHLib\SOHDs.exe [2009-01-20 75048]
R3 SOHPlMgr;VAIO Media plus Playlist Manager;c:\program files\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [2009-01-20 91432]
R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2009-01-19 394536]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe [2009-01-16 83240]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R3 WSDPrintDevice;WSD-Druckunterstützung durch UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2008-01-21 16896]
R4 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2009-08-16 222968]
R4 uCamMonitor;CamMonitor;c:\program files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-10-19 36000]
S2 AntiVirSchedulerService;Avira Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2011-10-19 86224]
S2 cvhsvc;Client Virtualization Handler;c:\program files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-10-20 821664]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
S2 NSUService;NSUService;c:\program files\sony\Network Utility\NSUService.exe [2008-12-21 303104]
S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-17 11032]
S2 sftlist;Application Virtualization Client;c:\program files\Microsoft Application Virtualization Client\sftlist.exe [2010-09-14 508264]
S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2008-12-19 415592]
S2 VCFw;VAIO Content Folder Watcher;c:\program files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-01-14 5184872]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2008-04-24 17920]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-08-31 22216]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [2008-11-19 9344]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2010-09-14 577384]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2010-09-14 194408]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2010-09-14 21864]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2010-09-14 19304]
S3 sftvsa;Application Virtualization Service Agent;c:\program files\Microsoft Application Virtualization Client\sftvsa.exe [2010-09-14 219496]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*Deregistered* - BMLoad
.
Inhalt des "geplante Tasks" Ordners
.
2011-11-24 c:\windows\Tasks\User_Feed_Synchronization-{80F93F21-F4C3-4009-A3A0-903D5D0B5F68}.job
- c:\windows\system32\msfeedssync.exe [2011-11-24 04:47]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SNYT&bmod=SNYT
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: Free YouTube to MP3 Converter - c:\users\Alina\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Alina\AppData\Roaming\Mozilla\Firefox\Profiles\tfpkrk08.default\
FF - prefs.js: browser.search.defaulturl - hxxp://plasmoo.com/result.htm?SearchMashine=true&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
FF - prefs.js: keyword.URL - hxxp://plasmoo.com/result.htm?q=
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 61455
FF - prefs.js: network.proxy.type - 0
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2011-11-24 18:34
Windows 6.0.6001 Service Pack 1 NTFS
.
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
  DataCardMonitor = c:\program files\T-Mobile\T-Mobile Internet Manager\DataCardMonitor.exe?mp?CE\Co)??#t?????*???*?/??$}???(?2?????????????????????W??]{????:*???*?am Files\T-Mobile\T-Mobile Internet Manager\????c:\users????v???c:\Program Files\T-Mobile\T-Mobile Internet Mana
.
Scanne versteckte Dateien...
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:00000042
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\program files\sony\VAIO Event Service\VESMgr.exe
c:\windows\system32\DllHost.exe
c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
c:\windows\system32\WUDFHost.exe
c:\program files\sony\VAIO Event Service\VESMgrSub.exe
c:\windows\system32\DllHost.exe
c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
c:\program files\Sony\VAIO Power Management\SPMgr.exe
c:\windows\system32\conime.exe
c:\program files\Sony\VAIO Update 4\VAIOUpdt.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2011-11-24  18:37:56 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2011-11-24 17:37
ComboFix2.txt  2011-11-24 13:00
.
Vor Suchlauf: 13 Verzeichnis(se), 209.718.493.184 Bytes frei
Nach Suchlauf: 13 Verzeichnis(se), 209.584.328.704 Bytes frei
.
- - End Of File - - B2C27F9E69514CFB45042A0CE02E9354

--- --- ---

markusg 24.11.2011 19:01

OK, an interim status report please: how is the system running, and which problems are still there?

Hoschi2k 24.11.2011 19:08

So, I don't see any suspicious tasks anymore.
I was able to update Avira and would now run the Windows updates.
It still seems a bit slow to me, but I also don't know how it ran before.

markusg 24.11.2011 19:43

Yes, we're not done yet.

Download TDSSKiller:
http://www.trojaner-board.de/82358-t...entfernen.html
Click on Change parameters
• Tick the boxes for Verify driver digital signatures and Detect TDLFS file system
• Click OK and then Start scan
Don't delete anything, just post the log

Hoschi2k 24.11.2011 19:54

Here you go

TDSSKILLER Log
Quote:

19:48:43.0899 4948 TDSS rootkit removing tool 2.6.21.0 Nov 24 2011 12:32:44
19:48:44.0211 4948 ============================================================
19:48:44.0211 4948 Current date / time: 2011/11/24 19:48:44.0211
19:48:44.0211 4948 SystemInfo:
19:48:44.0211 4948
19:48:44.0211 4948 OS Version: 6.0.6001 ServicePack: 1.0
19:48:44.0211 4948 Product type: Workstation
19:48:44.0211 4948 ComputerName: ALINA-LAPTOP
19:48:44.0211 4948 UserName: Alina
19:48:44.0211 4948 Windows directory: C:\Windows
19:48:44.0211 4948 System windows directory: C:\Windows
19:48:44.0211 4948 Processor architecture: Intel x86
19:48:44.0211 4948 Number of processors: 2
19:48:44.0211 4948 Page size: 0x1000
19:48:44.0211 4948 Boot type: Normal boot
19:48:44.0211 4948 ============================================================
19:48:44.0991 4948 Initialize success
19:49:09.0186 5596 ============================================================
19:49:09.0186 5596 Scan started
19:49:09.0186 5596 Mode: Manual; SigCheck; TDLFS;
19:49:09.0186 5596 ============================================================
19:49:11.0136 5596 61883 (585e64bb6dfbc0a2f1f0b554ded012df) C:\Windows\system32\DRIVERS\61883.sys
19:49:11.0495 5596 61883 - ok
19:49:11.0651 5596 ACPI (fcb8c7210f0135e24c6580f7f649c73c) C:\Windows\system32\drivers\acpi.sys
19:49:11.0667 5596 ACPI - ok
19:49:11.0776 5596 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
19:49:11.0854 5596 adp94xx - ok
19:49:12.0072 5596 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
19:49:12.0135 5596 adpahci - ok
19:49:12.0337 5596 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
19:49:12.0400 5596 adpu160m - ok
19:49:12.0509 5596 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
19:49:12.0556 5596 adpu320 - ok
19:49:12.0712 5596 AFD (48eb99503533c27ac6135648e5474457) C:\Windows\system32\drivers\afd.sys
19:49:12.0805 5596 AFD - ok
19:49:12.0961 5596 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
19:49:12.0977 5596 agp440 - ok
19:49:13.0055 5596 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
19:49:13.0071 5596 aic78xx - ok
19:49:13.0164 5596 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
19:49:13.0180 5596 aliide - ok
19:49:13.0273 5596 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
19:49:13.0289 5596 amdagp - ok
19:49:13.0414 5596 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
19:49:13.0445 5596 amdide - ok
19:49:13.0523 5596 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
19:49:13.0617 5596 AmdK7 - ok
19:49:13.0788 5596 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
19:49:13.0866 5596 AmdK8 - ok
19:49:14.0007 5596 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
19:49:14.0022 5596 arc - ok
19:49:14.0085 5596 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
19:49:14.0116 5596 arcsas - ok
19:49:14.0209 5596 ArcSoftKsUFilter (857b48965a0503b7ab795d4bfe7cbd8b) C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
19:49:14.0303 5596 ArcSoftKsUFilter - ok
19:49:14.0381 5596 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
19:49:14.0475 5596 AsyncMac - ok
19:49:14.0553 5596 atapi (2d9c903dc76a66813d350a562de40ed9) C:\Windows\system32\drivers\atapi.sys
19:49:14.0584 5596 atapi - ok
19:49:14.0740 5596 athr (1ea05449220e3d755477ce517a83846b) C:\Windows\system32\DRIVERS\athr.sys
19:49:14.0911 5596 athr - ok
19:49:15.0255 5596 atikmdag (9f66d1ba97911731133e46212539a08d) C:\Windows\system32\DRIVERS\atikmdag.sys
19:49:15.0613 5596 atikmdag - ok
19:49:15.0832 5596 Avc (f4b56425a00beb32f5fa6603ff7b0ea2) C:\Windows\system32\DRIVERS\avc.sys
19:49:15.0925 5596 Avc - ok
19:49:16.0097 5596 avgntflt (7713e4eb0276702faa08e52a6e23f2a6) C:\Windows\system32\DRIVERS\avgntflt.sys
19:49:16.0113 5596 avgntflt - ok
19:49:16.0222 5596 avipbb (912d23140cd05980f6cdae790ddafc8d) C:\Windows\system32\DRIVERS\avipbb.sys
19:49:16.0237 5596 avipbb - ok
19:49:16.0378 5596 avkmgr (271cfd1a989209b1964e24d969552bf7) C:\Windows\system32\DRIVERS\avkmgr.sys
19:49:16.0378 5596 avkmgr - ok
19:49:16.0503 5596 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
19:49:16.0565 5596 Beep - ok
19:49:16.0752 5596 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
19:49:16.0799 5596 blbdrive - ok
19:49:17.0220 5596 BMLoad (d002033c1a37f6af51b5f0ba6d0211bc) C:\Windows\system32\drivers\BMLoad.sys
19:49:17.0267 5596 BMLoad ( UnsignedFile.Multi.Generic ) - warning
19:49:17.0267 5596 BMLoad - detected UnsignedFile.Multi.Generic (1)
19:49:17.0407 5596 bowser (8153396d5551276227fa146900f734e6) C:\Windows\system32\DRIVERS\bowser.sys
19:49:17.0485 5596 bowser - ok
19:49:17.0751 5596 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
19:49:17.0875 5596 BrFiltLo - ok
19:49:18.0000 5596 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
19:49:18.0063 5596 BrFiltUp - ok
19:49:18.0187 5596 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
19:49:18.0499 5596 Brserid - ok
19:49:18.0624 5596 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
19:49:18.0718 5596 BrSerWdm - ok
19:49:18.0827 5596 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
19:49:18.0905 5596 BrUsbMdm - ok
19:49:19.0014 5596 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
19:49:19.0092 5596 BrUsbSer - ok
19:49:19.0279 5596 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
19:49:19.0357 5596 BTHMODEM - ok
19:49:19.0404 5596 catchme - ok
19:49:19.0513 5596 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
19:49:19.0560 5596 cdfs - ok
19:49:19.0685 5596 cdrom (1ec25cea0de6ac4718bf89f9e1778b57) C:\Windows\system32\DRIVERS\cdrom.sys
19:49:19.0763 5596 cdrom - ok
19:49:20.0028 5596 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
19:49:20.0106 5596 circlass - ok
19:49:20.0340 5596 CLFS (465745561c832b29f7c48b488aab3842) C:\Windows\system32\CLFS.sys
19:49:20.0418 5596 CLFS - ok
19:49:20.0683 5596 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
19:49:20.0746 5596 CmBatt - ok
19:49:20.0871 5596 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
19:49:20.0902 5596 cmdide - ok
19:49:21.0105 5596 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
19:49:21.0136 5596 Compbatt - ok
19:49:21.0354 5596 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
19:49:21.0385 5596 crcdisk - ok
19:49:21.0619 5596 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
19:49:21.0697 5596 Crusoe - ok
19:49:21.0978 5596 DfsC (a3e9fa213f443ac77c7746119d13feec) C:\Windows\system32\Drivers\dfsc.sys
19:49:22.0009 5596 DfsC - ok
19:49:22.0243 5596 disk (64109e623abd6955c8fb110b592e68b7) C:\Windows\system32\drivers\disk.sys
19:49:22.0275 5596 disk - ok
19:49:22.0399 5596 DMICall (f206e28ed74c491fd5d7c0a1119ce37f) C:\Windows\system32\DRIVERS\DMICall.sys
19:49:22.0415 5596 DMICall - ok
19:49:22.0571 5596 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
19:49:22.0665 5596 drmkaud - ok
19:49:22.0805 5596 DXGKrnl (85f33880b8cfb554bd3d9ccdb486845a) C:\Windows\System32\drivers\dxgkrnl.sys
19:49:22.0914 5596 DXGKrnl - ok
19:49:23.0086 5596 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
19:49:23.0133 5596 E1G60 - ok
19:49:23.0304 5596 Ecache (dd2cd259d83d8b72c02c5f2331ff9d68) C:\Windows\system32\drivers\ecache.sys
19:49:23.0351 5596 Ecache - ok
19:49:23.0523 5596 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
19:49:23.0632 5596 elxstor - ok
19:49:23.0788 5596 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
19:49:23.0850 5596 ErrDev - ok
19:49:24.0084 5596 ewusbnet (1fc8c55255d197aa3a423624786d090c) C:\Windows\system32\DRIVERS\ewusbnet.sys
19:49:24.0147 5596 ewusbnet - ok
19:49:24.0303 5596 exfat (0d858eb20589a34efb25695acaa6aa2d) C:\Windows\system32\drivers\exfat.sys
19:49:24.0365 5596 exfat - ok
19:49:24.0521 5596 fastfat (3c489390c2e2064563727752af8eab9e) C:\Windows\system32\drivers\fastfat.sys
19:49:24.0583 5596 fastfat - ok
19:49:24.0864 5596 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
19:49:24.0958 5596 fdc - ok
19:49:25.0161 5596 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
19:49:25.0192 5596 FileInfo - ok
19:49:25.0332 5596 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
19:49:25.0426 5596 Filetrace - ok
19:49:25.0551 5596 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
19:49:25.0613 5596 flpydisk - ok
19:49:25.0800 5596 FltMgr (05ea53afe985443011e36dab07343b46) C:\Windows\system32\drivers\fltmgr.sys
19:49:25.0863 5596 FltMgr - ok
19:49:26.0065 5596 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
19:49:26.0128 5596 Fs_Rec - ok
19:49:26.0284 5596 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
19:49:26.0331 5596 gagp30kx - ok
19:49:26.0533 5596 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
19:49:26.0674 5596 HdAudAddService - ok
19:49:26.0845 5596 HDAudBus (c87b1ee051c0464491c1a7b03fa0bc99) C:\Windows\system32\DRIVERS\HDAudBus.sys
19:49:26.0955 5596 HDAudBus - ok
19:49:27.0173 5596 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
19:49:27.0251 5596 HidBth - ok
19:49:27.0454 5596 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
19:49:27.0532 5596 HidIr - ok
19:49:27.0641 5596 HidUsb (e2b5bd48afcc0f0974fb44641b223250) C:\Windows\system32\DRIVERS\hidusb.sys
19:49:27.0688 5596 HidUsb - ok
19:49:27.0844 5596 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
19:49:27.0859 5596 HpCISSs - ok
19:49:28.0203 5596 HSFHWAZL (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
19:49:28.0249 5596 HSFHWAZL - ok
19:49:28.0421 5596 HSF_DPV (ec36f1d542ed4252390d446bf6d4dfd0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS
19:49:28.0577 5596 HSF_DPV - ok
19:49:28.0702 5596 HSXHWAZL - ok
19:49:28.0811 5596 HTTP (96e241624c71211a79c84f50a8e71cab) C:\Windows\system32\drivers\HTTP.sys
19:49:28.0905 5596 HTTP - ok
19:49:29.0061 5596 hwdatacard (0515065a3c7e8869dd01253e987c5bd1) C:\Windows\system32\DRIVERS\ewusbmdm.sys
19:49:29.0185 5596 hwdatacard - ok
19:49:29.0388 5596 hwusbdev (a259d3619aa23d4562581067f85e2006) C:\Windows\system32\DRIVERS\ewusbdev.sys
19:49:29.0451 5596 hwusbdev - ok
19:49:29.0653 5596 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
19:49:29.0700 5596 i2omp - ok
19:49:29.0872 5596 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
19:49:29.0934 5596 i8042prt - ok
19:49:30.0075 5596 iaStor (db0cc620b27a928d968c1a1e9cd9cb87) C:\Windows\system32\DRIVERS\iaStor.sys
19:49:30.0090 5596 iaStor - ok
19:49:30.0184 5596 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
19:49:30.0231 5596 iaStorV - ok
19:49:30.0465 5596 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
19:49:30.0511 5596 iirsp - ok
19:49:30.0714 5596 IntcAzAudAddService (3aa1f82efa2b0454af163124c9920d16) C:\Windows\system32\drivers\RTKVHDA.sys
19:49:30.0933 5596 IntcAzAudAddService - ok
19:49:31.0073 5596 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
19:49:31.0104 5596 intelide - ok
19:49:31.0229 5596 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
19:49:31.0276 5596 intelppm - ok
19:49:31.0447 5596 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:49:31.0494 5596 IpFilterDriver - ok
19:49:31.0666 5596 IpInIp - ok
19:49:31.0759 5596 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
19:49:31.0837 5596 IPMIDRV - ok
19:49:31.0993 5596 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
19:49:32.0071 5596 IPNAT - ok
19:49:32.0196 5596 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
19:49:32.0274 5596 IRENUM - ok
19:49:32.0399 5596 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
19:49:32.0430 5596 isapnp - ok
19:49:32.0617 5596 iScsiPrt (f247eec28317f6c739c16de420097301) C:\Windows\system32\DRIVERS\msiscsi.sys
19:49:32.0649 5596 iScsiPrt - ok
19:49:32.0820 5596 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
19:49:32.0851 5596 iteatapi - ok
19:49:32.0945 5596 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
19:49:32.0961 5596 iteraid - ok
19:49:33.0085 5596 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
19:49:33.0117 5596 kbdclass - ok
19:49:33.0226 5596 kbdhid (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\DRIVERS\kbdhid.sys
19:49:33.0273 5596 kbdhid - ok
19:49:33.0397 5596 KSecDD (7a0cf7908b6824d6a2a1d313e5ae3dca) C:\Windows\system32\Drivers\ksecdd.sys
19:49:33.0491 5596 KSecDD - ok
19:49:33.0709 5596 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
19:49:33.0772 5596 lltdio - ok
19:49:33.0912 5596 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
19:49:33.0943 5596 LSI_FC - ok
19:49:34.0084 5596 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
19:49:34.0115 5596 LSI_SAS - ok
19:49:34.0302 5596 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
19:49:34.0333 5596 LSI_SCSI - ok
19:49:34.0677 5596 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
19:49:34.0770 5596 luafv - ok
19:49:34.0926 5596 MBAMProtector (69a6268d7f81e53d568ab4e7e991caf3) C:\Windows\system32\drivers\mbam.sys
19:49:34.0973 5596 MBAMProtector - ok
19:49:35.0145 5596 MBAMSwissArmy - ok
19:49:35.0457 5596 mdmxsdk - ok
19:49:35.0691 5596 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
19:49:35.0737 5596 megasas - ok
19:49:35.0940 5596 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
19:49:36.0096 5596 MegaSR - ok
19:49:36.0315 5596 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
19:49:36.0377 5596 Modem - ok
19:49:36.0517 5596 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
19:49:36.0564 5596 monitor - ok
19:49:36.0689 5596 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
19:49:36.0720 5596 mouclass - ok
19:49:36.0845 5596 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
19:49:36.0907 5596 mouhid - ok
19:49:37.0048 5596 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
19:49:37.0079 5596 MountMgr - ok
19:49:37.0188 5596 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
19:49:37.0219 5596 mpio - ok
19:49:37.0609 5596 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
19:49:37.0734 5596 mpsdrv - ok
19:49:38.0077 5596 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
19:49:38.0202 5596 Mraid35x - ok
19:49:38.0343 5596 MRxDAV (ae3de84536b6799d2267443cec8edbb9) C:\Windows\system32\drivers\mrxdav.sys
19:49:38.0421 5596 MRxDAV - ok
19:49:38.0530 5596 mrxsmb (5734a0f2be7e495f7d3ed6efd4b9f5a1) C:\Windows\system32\DRIVERS\mrxsmb.sys
19:49:38.0592 5596 mrxsmb - ok
19:49:38.0748 5596 mrxsmb10 (6b5fa5adfacac9dbbe0991f4566d7d55) C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:49:38.0889 5596 mrxsmb10 - ok
19:49:39.0013 5596 mrxsmb20 (5c80d8159181c7abf1b14ba703b01e0b) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:49:39.0060 5596 mrxsmb20 - ok
19:49:39.0201 5596 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
19:49:39.0247 5596 msahci - ok
19:49:39.0372 5596 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
19:49:39.0435 5596 msdsm - ok
19:49:39.0575 5596 MSDV (343291a4dfd7c923c3f71f550830ec1c) C:\Windows\system32\DRIVERS\msdv.sys
19:49:39.0637 5596 MSDV - ok
19:49:39.0762 5596 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
19:49:39.0825 5596 Msfs - ok
19:49:39.0965 5596 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
19:49:39.0996 5596 msisadrv - ok
19:49:40.0230 5596 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
19:49:40.0277 5596 MSKSSRV - ok
19:49:40.0542 5596 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
19:49:40.0589 5596 MSPCLOCK - ok
19:49:40.0792 5596 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
19:49:40.0839 5596 MSPQM - ok
19:49:40.0995 5596 MsRPC (b5614aecb05a9340aa0fb55bf561cc63) C:\Windows\system32\drivers\MsRPC.sys
19:49:41.0026 5596 MsRPC - ok
19:49:41.0307 5596 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
19:49:41.0307 5596 mssmbios - ok
19:49:41.0431 5596 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
19:49:41.0494 5596 MSTEE - ok
19:49:41.0775 5596 Mup (6dfd1d322de55b0b7db7d21b90bec49c) C:\Windows\system32\Drivers\mup.sys
19:49:41.0821 5596 Mup - ok
19:49:41.0915 5596 NativeWifiP (3c21ce48ff529bb73dadb98770b54025) C:\Windows\system32\DRIVERS\nwifi.sys
19:49:41.0977 5596 NativeWifiP - ok
19:49:42.0321 5596 NDIS (9bdc71790fa08f0a0b5f10462b1bd0b1) C:\Windows\system32\drivers\ndis.sys
19:49:42.0383 5596 NDIS - ok
19:49:42.0523 5596 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
19:49:42.0570 5596 NdisTapi - ok
19:49:42.0664 5596 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
19:49:42.0711 5596 Ndisuio - ok
19:49:42.0851 5596 NdisWan (3d14c3b3496f88890d431e8aa022a411) C:\Windows\system32\DRIVERS\ndiswan.sys
19:49:42.0898 5596 NdisWan - ok
19:49:42.0976 5596 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
19:49:43.0023 5596 NDProxy - ok
19:49:43.0132 5596 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
19:49:43.0179 5596 NetBIOS - ok
19:49:43.0272 5596 netbt (7c5fee5b1c5728507cd96fb4a13e7a02) C:\Windows\system32\DRIVERS\netbt.sys
19:49:43.0335 5596 netbt - ok
19:49:43.0537 5596 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
19:49:43.0553 5596 nfrd960 - ok
19:49:43.0678 5596 Npfs (ecb5003f484f9ed6c608d6d6c7886cbb) C:\Windows\system32\drivers\Npfs.sys
19:49:43.0725 5596 Npfs - ok
19:49:43.0834 5596 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
19:49:43.0865 5596 nsiproxy - ok
19:49:44.0005 5596 Ntfs (b4effe29eb4f15538fd8a9681108492d) C:\Windows\system32\drivers\Ntfs.sys
19:49:44.0130 5596 Ntfs - ok
19:49:44.0255 5596 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
19:49:44.0333 5596 ntrigdigi - ok
19:49:44.0442 5596 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
19:49:44.0505 5596 Null - ok
19:49:44.0723 5596 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
19:49:44.0739 5596 nvraid - ok
19:49:44.0926 5596 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
19:49:44.0941 5596 nvstor - ok
19:49:45.0051 5596 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
19:49:45.0082 5596 nv_agp - ok
19:49:45.0160 5596 NwlnkFlt - ok
19:49:45.0253 5596 NwlnkFwd - ok
19:49:45.0394 5596 ohci1394 (790e27c3db53410b40ff9ef2fd10a1d9) C:\Windows\system32\DRIVERS\ohci1394.sys
19:49:45.0425 5596 ohci1394 - ok
19:49:45.0581 5596 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
19:49:45.0659 5596 Parport - ok
19:49:45.0815 5596 partmgr (3b38467e7c3daed009dfe359e17f139f) C:\Windows\system32\drivers\partmgr.sys
19:49:45.0877 5596 partmgr - ok
19:49:45.0987 5596 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
19:49:46.0065 5596 Parvdm - ok
19:49:46.0189 5596 pci (01b94418deb235dff777cc80076354b4) C:\Windows\system32\drivers\pci.sys
19:49:46.0205 5596 pci - ok
19:49:46.0361 5596 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
19:49:46.0392 5596 pciide - ok
19:49:46.0533 5596 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
19:49:46.0611 5596 pcmcia - ok
19:49:46.0767 5596 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
19:49:46.0954 5596 PEAUTH - ok
19:49:47.0328 5596 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
19:49:47.0391 5596 PptpMiniport - ok
19:49:47.0625 5596 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
19:49:47.0749 5596 Processor - ok
19:49:48.0077 5596 PSched (bfef604508a0ed1eae2a73e872555ffb) C:\Windows\system32\DRIVERS\pacer.sys
19:49:48.0186 5596 PSched - ok
19:49:48.0826 5596 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\Windows\system32\Drivers\PxHelp20.sys
19:49:48.0873 5596 PxHelp20 - ok
19:49:49.0169 5596 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
19:49:49.0512 5596 ql2300 - ok
19:49:49.0621 5596 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
19:49:49.0653 5596 ql40xx - ok
19:49:49.0793 5596 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
19:49:49.0855 5596 QWAVEdrv - ok
19:49:49.0933 5596 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
19:49:49.0996 5596 RasAcd - ok
19:49:50.0105 5596 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:49:50.0183 5596 Rasl2tp - ok
19:49:50.0479 5596 RasPppoe (3e9d9b048107b40d87b97df2e48e0744) C:\Windows\system32\DRIVERS\raspppoe.sys
19:49:50.0526 5596 RasPppoe - ok
19:49:50.0713 5596 RasSstp (a7d141684e9500ac928a772ed8e6b671) C:\Windows\system32\DRIVERS\rassstp.sys
19:49:50.0760 5596 RasSstp - ok
19:49:50.0916 5596 rdbss (6e1c5d0457622f9ee35f683110e93d14) C:\Windows\system32\DRIVERS\rdbss.sys
19:49:50.0994 5596 rdbss - ok
19:49:51.0103 5596 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:49:51.0150 5596 RDPCDD - ok
19:49:51.0291 5596 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
19:49:51.0431 5596 rdpdr - ok
19:49:51.0587 5596 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
19:49:51.0634 5596 RDPENCDD - ok
19:49:51.0759 5596 RDPWD (e1c18f4097a5abcec941dc4b2f99db7e) C:\Windows\system32\drivers\RDPWD.sys
19:49:51.0852 5596 RDPWD - ok
19:49:51.0977 5596 regi (001b4278407f4303efc902a2b16f2453) C:\Windows\system32\drivers\regi.sys
19:49:51.0993 5596 regi - ok
19:49:52.0133 5596 rimsptsk (f7d9ecf41ebd3cf6c65944368150f66b) C:\Windows\system32\DRIVERS\rimsptsk.sys
19:49:52.0149 5596 rimsptsk - ok
19:49:52.0320 5596 risdptsk (1be6c42767a7c67ba31ae32b293b37a3) C:\Windows\system32\DRIVERS\risdptsk.sys
19:49:52.0351 5596 risdptsk - ok
19:49:52.0617 5596 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
19:49:52.0663 5596 rspndr - ok
19:49:52.0788 5596 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
19:49:52.0804 5596 sbp2port - ok
19:49:52.0913 5596 sdbus (126ea89bcc413ee45e3004fb0764888f) C:\Windows\system32\DRIVERS\sdbus.sys
19:49:52.0975 5596 sdbus - ok
19:49:53.0038 5596 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
19:49:53.0147 5596 secdrv - ok
19:49:53.0303 5596 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
19:49:53.0365 5596 Serenum - ok
19:49:53.0537 5596 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
19:49:53.0646 5596 Serial - ok
19:49:53.0865 5596 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
19:49:53.0911 5596 sermouse - ok
19:49:54.0099 5596 SFEP (8b7c1768d2cde2e02e09a66563ddfd16) C:\Windows\system32\DRIVERS\SFEP.sys
19:49:54.0145 5596 SFEP - ok
19:49:54.0223 5596 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
19:49:54.0286 5596 sffdisk - ok
19:49:54.0364 5596 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
19:49:54.0442 5596 sffp_mmc - ok
19:49:54.0567 5596 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
19:49:54.0613 5596 sffp_sd - ok
19:49:54.0738 5596 sfloppy (c33bfbd6e9e41fcd9ffef9729e9faed6) C:\Windows\system32\DRIVERS\sfloppy.sys
19:49:54.0769 5596 sfloppy - ok
19:49:54.0941 5596 Sftfs (8f00cc8cacf83dce5b35079f615b0f12) C:\Windows\system32\DRIVERS\Sftfslh.sys
19:49:55.0066 5596 Sftfs - ok
19:49:55.0222 5596 Sftplay (afdb934586c4c8b2be39ae7eea6f52be) C:\Windows\system32\DRIVERS\Sftplaylh.sys
19:49:55.0284 5596 Sftplay - ok
19:49:55.0393 5596 Sftredir (6b1865d82e0290729ed7496c24275592) C:\Windows\system32\DRIVERS\Sftredirlh.sys
19:49:55.0393 5596 Sftredir - ok
19:49:55.0534 5596 Sftvol (621eccb1265a01ce2bdf6f2c5e727e2b) C:\Windows\system32\DRIVERS\Sftvollh.sys
19:49:55.0549 5596 Sftvol - ok
19:49:55.0643 5596 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
19:49:55.0674 5596 sisagp - ok
19:49:55.0783 5596 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
19:49:55.0815 5596 SiSRaid2 - ok
19:49:55.0924 5596 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
19:49:55.0955 5596 SiSRaid4 - ok
19:49:56.0142 5596 Smb (031e6bcd53c9b2b9ace111eafec347b6) C:\Windows\system32\DRIVERS\smb.sys
19:49:56.0189 5596 Smb - ok
19:49:56.0361 5596 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
19:49:56.0392 5596 spldr - ok
19:49:56.0548 5596 srv (2252aef839b1093d16761189f45af885) C:\Windows\system32\DRIVERS\srv.sys
19:49:56.0595 5596 srv - ok
19:49:56.0673 5596 srv2 (b7ff59408034119476b00a81bb53d5d1) C:\Windows\system32\DRIVERS\srv2.sys
19:49:56.0735 5596 srv2 - ok
19:49:56.0844 5596 srvnet (2accc9b12af02030f531e6cca6f8b76e) C:\Windows\system32\DRIVERS\srvnet.sys
19:49:56.0907 5596 srvnet - ok
19:49:56.0985 5596 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
19:49:57.0031 5596 ssmdrv - ok
19:49:57.0156 5596 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
19:49:57.0172 5596 swenum - ok
19:49:57.0234 5596 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
19:49:57.0265 5596 Symc8xx - ok
19:49:57.0375 5596 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
19:49:57.0406 5596 Sym_hi - ok
19:49:57.0546 5596 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
19:49:57.0562 5596 Sym_u3 - ok
19:49:57.0687 5596 SynTP (99da94793332aadbb17bbb521ae56e21) C:\Windows\system32\DRIVERS\SynTP.sys
19:49:57.0718 5596 SynTP - ok
19:49:57.0858 5596 Tcpip (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\drivers\tcpip.sys
19:49:57.0967 5596 Tcpip - ok
19:49:58.0123 5596 Tcpip6 (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\DRIVERS\tcpip.sys
19:49:58.0201 5596 Tcpip6 - ok
19:49:58.0451 5596 tcpipBM (dcfeb82ca988598ceb8f83148616038e) C:\Windows\system32\drivers\tcpipBM.sys
19:49:58.0467 5596 tcpipBM ( UnsignedFile.Multi.Generic ) - warning
19:49:58.0467 5596 tcpipBM - detected UnsignedFile.Multi.Generic (1)
19:49:58.0498 5596 tcpipreg (d4a2e4a4b011f3a883af77315a5ae76b) C:\Windows\system32\drivers\tcpipreg.sys
19:49:58.0545 5596 tcpipreg - ok
19:49:58.0810 5596 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
19:49:58.0857 5596 TDPIPE - ok
19:49:58.0950 5596 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
19:49:59.0044 5596 TDTCP - ok
19:49:59.0184 5596 tdx (d09276b1fab033ce1d40dcbdf303d10f) C:\Windows\system32\DRIVERS\tdx.sys
19:49:59.0371 5596 tdx - ok
19:49:59.0496 5596 TermDD (a048056f5e1a96a9bf3071b91741a5aa) C:\Windows\system32\DRIVERS\termdd.sys
19:49:59.0527 5596 TermDD - ok
19:49:59.0590 5596 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:49:59.0668 5596 tssecsrv - ok
19:49:59.0761 5596 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
19:49:59.0808 5596 tunmp - ok
19:49:59.0902 5596 tunnel (6042505ff6fa9ac1ef7684d0e03b6940) C:\Windows\system32\DRIVERS\tunnel.sys
19:49:59.0933 5596 tunnel - ok
19:50:00.0011 5596 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
19:50:00.0027 5596 uagp35 - ok
19:50:00.0089 5596 udfs (8b5088058fa1d1cd897a2113ccff6c58) C:\Windows\system32\DRIVERS\udfs.sys
19:50:00.0120 5596 udfs - ok
19:50:00.0183 5596 UIUSys - ok
19:50:00.0229 5596 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
19:50:00.0245 5596 uliagpkx - ok
19:50:00.0385 5596 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
19:50:00.0401 5596 uliahci - ok
19:50:00.0479 5596 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
19:50:00.0495 5596 UlSata - ok
19:50:00.0651 5596 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
19:50:00.0651 5596 ulsata2 - ok
19:50:00.0744 5596 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
19:50:00.0807 5596 umbus - ok
19:50:00.0916 5596 usbccgp (a7cd5b4adea26765cab06bdab7b07b13) C:\Windows\system32\DRIVERS\usbccgp.sys
19:50:01.0025 5596 usbccgp - ok
19:50:01.0072 5596 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
19:50:01.0165 5596 usbcir - ok
19:50:01.0259 5596 usbehci (686d4188ae36254c3008b71fedacadf3) C:\Windows\system32\DRIVERS\usbehci.sys
19:50:01.0321 5596 usbehci - ok
19:50:01.0399 5596 usbhub (4e42f665a658f08d153f7fffe7c83806) C:\Windows\system32\DRIVERS\usbhub.sys
19:50:01.0477 5596 usbhub - ok
19:50:01.0618 5596 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
19:50:01.0680 5596 usbohci - ok
19:50:01.0758 5596 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
19:50:01.0789 5596 usbprint - ok
19:50:01.0992 5596 USBSTOR (87ba6b83c5d19b69160968d07d6e2982) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:50:02.0023 5596 USBSTOR - ok
19:50:02.0179 5596 usbuhci (40f95a3d6d50d82f947f1d167c2ec39d) C:\Windows\system32\DRIVERS\usbuhci.sys
19:50:02.0242 5596 usbuhci - ok
19:50:02.0367 5596 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
19:50:02.0445 5596 usbvideo - ok
19:50:02.0663 5596 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
19:50:02.0725 5596 vga - ok
19:50:02.0788 5596 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
19:50:02.0835 5596 VgaSave - ok
19:50:02.0959 5596 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
19:50:02.0975 5596 viaagp - ok
19:50:03.0037 5596 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
19:50:03.0069 5596 ViaC7 - ok
19:50:03.0178 5596 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
19:50:03.0193 5596 viaide - ok
19:50:03.0318 5596 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
19:50:03.0349 5596 volmgr - ok
19:50:03.0443 5596 volmgrx (98f5ffe6316bd74e9e2c97206c190196) C:\Windows\system32\drivers\volmgrx.sys
19:50:03.0459 5596 volmgrx - ok
19:50:03.0599 5596 volsnap (d8b4a53dd2769f226b3eb374374987c9) C:\Windows\system32\drivers\volsnap.sys
19:50:03.0708 5596 volsnap - ok
19:50:03.0880 5596 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
19:50:03.0927 5596 vsmraid - ok
19:50:04.0036 5596 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
19:50:04.0129 5596 WacomPen - ok
19:50:04.0207 5596 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
19:50:04.0270 5596 Wanarp - ok
19:50:04.0285 5596 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
19:50:04.0301 5596 Wanarpv6 - ok
19:50:04.0426 5596 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
19:50:04.0441 5596 Wd - ok
19:50:04.0504 5596 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
19:50:04.0582 5596 Wdf01000 - ok
19:50:04.0722 5596 WimFltr (090a2b8f055343815556a01f725f6c35) C:\Windows\system32\DRIVERS\wimfltr.sys
19:50:04.0753 5596 WimFltr - ok
19:50:04.0909 5596 winachsf (5c7bdcf5864db00323fe2d90fa26a8a2) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
19:50:04.0987 5596 winachsf - ok
19:50:05.0143 5596 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys
19:50:05.0190 5596 WmiAcpi - ok
19:50:05.0362 5596 WpdUsb (0cec23084b51b8288099eb710224e955) C:\Windows\system32\DRIVERS\wpdusb.sys
19:50:05.0409 5596 WpdUsb - ok
19:50:05.0611 5596 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
19:50:05.0658 5596 ws2ifsl - ok
19:50:05.0799 5596 WSDPrintDevice (4422ac5ed8d4c2f0db63e71d4c069dd7) C:\Windows\system32\DRIVERS\WSDPrint.sys
19:50:05.0830 5596 WSDPrintDevice - ok
19:50:06.0048 5596 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:50:06.0111 5596 WUDFRd - ok
19:50:06.0251 5596 XAudio - ok
19:50:06.0454 5596 yukonwlh (7d4cca3659fa0780603206e3d12a993f) C:\Windows\system32\DRIVERS\yk60x86.sys
19:50:06.0501 5596 yukonwlh - ok
19:50:06.0625 5596 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
19:50:06.0844 5596 \Device\Harddisk0\DR0 - ok
19:50:06.0891 5596 Boot (0x1200) (4f9c9023db902c05a6414596105d8046) \Device\Harddisk0\DR0\Partition0
19:50:06.0922 5596 \Device\Harddisk0\DR0\Partition0 - ok
19:50:06.0922 5596 ============================================================
19:50:06.0922 5596 Scan finished
19:50:06.0922 5596 ============================================================
19:50:06.0969 4872 Detected object count: 2
19:50:06.0969 4872 Actual detected object count: 2
19:51:25.0321 4872 BMLoad ( UnsignedFile.Multi.Generic ) - skipped by user
19:51:25.0321 4872 BMLoad ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:51:25.0337 4872 tcpipBM ( UnsignedFile.Multi.Generic ) - skipped by user
19:51:25.0337 4872 tcpipBM ( UnsignedFile.Multi.Generic ) - User select action: Skip

markusg 24.11.2011 19:56

ok, what exactly is running slowly?

Hoschi2k 24.11.2011 20:01

Well, I find the whole system rather slow, but that may also be down to Vista itself, which I have never liked.
It also takes quite a long time to boot.
But as I said, I had never had this laptop in my hands before, so I can't say how fast it used to run.
The problems all seem to be gone.

markusg 24.11.2011 20:04

Well, let's rather dig a little deeper.
Post me a fresh OTL log.

Hoschi2k 24.11.2011 20:12

Here you go, a fresh OTL log

OTL Logfile:
Code:

OTL logfile created on: 24.11.2011 20:05:13 - Run 2
OTL by OldTimer - Version 3.2.31.0    Folder = C:\Users\Alina\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19019)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,97 Gb Total Physical Memory | 1,62 Gb Available Physical Memory | 54,56% Memory free
6,16 Gb Paging File | 4,73 Gb Available in Paging File | 76,77% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288,22 Gb Total Space | 192,63 Gb Free Space | 66,83% Space Free | Partition Type: NTFS
 
Computer Name: ALINA-LAPTOP | User Name: Alina | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.11.24 09:00:26 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Alina\Desktop\OTL.exe
PRC - [2011.11.23 16:25:24 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2011.11.17 10:40:23 | 000,253,952 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Programme\T-Mobile\T-Mobile Internet Manager\DataCardMonitor.exe
PRC - [2011.10.19 16:56:15 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011.10.19 16:56:01 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2011.10.19 16:55:48 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011.10.19 16:55:48 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.08.31 17:00:48 | 000,449,608 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011.08.31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2010.10.20 14:23:26 | 000,821,664 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
PRC - [2010.09.14 04:46:26 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2010.09.14 04:46:16 | 000,508,264 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2010.04.09 13:37:34 | 001,459,568 | ---- | M] (Sony Corporation) -- C:\Programme\sony\VAIO Update 5\VAIOUpdt.exe
PRC - [2010.04.09 13:37:34 | 000,722,288 | ---- | M] (Sony Corporation) -- C:\Programme\sony\VAIO Update 5\VUAgent.exe
PRC - [2009.12.31 14:13:52 | 000,110,592 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Users\Alina\AppData\Roaming\T-Mobile Internet Manager\ouc.exe
PRC - [2009.01.21 09:07:42 | 000,313,264 | ---- | M] (Sony Corporation) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
PRC - [2009.01.21 09:07:42 | 000,192,512 | ---- | M] (Sony Corporation) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
PRC - [2009.01.19 11:49:20 | 000,203,624 | ---- | M] (Sony Corporation) -- C:\Programme\sony\VAIO Event Service\VESMgr.exe
PRC - [2009.01.19 11:49:20 | 000,112,488 | ---- | M] (Sony Corporation) -- C:\Programme\sony\VAIO Event Service\VESMgrSub.exe
PRC - [2009.01.14 12:38:38 | 005,184,872 | ---- | M] (Sony Corporation) -- C:\Programme\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
PRC - [2008.12.21 22:30:32 | 000,274,432 | ---- | M] (Sony Corporation) -- C:\Programme\sony\Network Utility\LANUtil.exe
PRC - [2008.12.21 20:55:06 | 000,303,104 | ---- | M] (Sony Corporation) -- C:\Programme\sony\Network Utility\NSUService.exe
PRC - [2008.12.19 14:02:08 | 001,771,368 | ---- | M] (Sony Corporation) -- C:\Programme\sony\VAIO Power Management\SPMgr.exe
PRC - [2008.12.19 14:02:08 | 000,415,592 | ---- | M] (Sony Corporation) -- C:\Programme\sony\VAIO Power Management\SPMService.exe
PRC - [2008.12.18 09:53:50 | 000,317,288 | ---- | M] (Sony Corporation) -- C:\Programme\sony\ISB Utility\ISBMgr.exe
PRC - [2008.10.29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.01.21 03:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2008.01.21 03:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
PRC - [2008.01.21 03:23:29 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2007.10.28 10:35:48 | 000,425,984 | ---- | M] (Bao_Nguyen) -- C:\Programme\Switcher\Switcher.exe
PRC - [2007.01.04 18:48:50 | 000,112,152 | ---- | M] (InterVideo) -- C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011.11.23 16:25:24 | 001,989,592 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll
MOD - [2011.11.07 12:19:44 | 000,076,800 | ---- | M] () -- C:\Users\Alina\AppData\Roaming\Mozilla\Firefox\Profiles\tfpkrk08.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\RadioWMPCoreGecko8.dll
MOD - [2011.07.06 11:31:45 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\bf3b757c821a36e6a9c7c1988b39a15d\System.IdentityModel.Selectors.ni.dll
MOD - [2011.07.06 11:31:44 | 001,070,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\3fb6b9b320c78fa02be3fa8ce26b7559\System.IdentityModel.ni.dll
MOD - [2011.07.06 11:31:43 | 002,345,472 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\0393b1448497e28ae9bbfed9be19bd3e\System.Runtime.Serialization.ni.dll
MOD - [2011.07.06 11:31:40 | 000,256,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\06bb41fe681650a017fa2c99e197edf0\SMDiagnostics.ni.dll
MOD - [2011.07.06 11:31:39 | 017,403,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\0dd1924dbe8ac43b923a28409d351619\System.ServiceModel.ni.dll
MOD - [2011.07.06 11:30:54 | 011,800,576 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\0a1195c6b5fab213527364c9e8b26ef0\System.Web.ni.dll
MOD - [2011.07.06 11:30:46 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\1ba19f8efcff8ad7f972aa38ab9a15f5\System.Runtime.Remoting.ni.dll
MOD - [2011.07.06 11:30:29 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\aa3e053d433c48e1e8c3f436b4de1ed3\System.Configuration.ni.dll
MOD - [2011.07.06 11:30:27 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\d9228d58804dfd75fd92a4d12ffac8af\Accessibility.ni.dll
MOD - [2011.07.06 11:29:02 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\cfb60f99da570cc494e27e0e8ee747e2\System.Xml.ni.dll
MOD - [2011.07.06 11:28:45 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\381fb23cb39e1a61e13b8770eb9800ba\System.Windows.Forms.ni.dll
MOD - [2011.07.06 11:28:35 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\f1aa2385c0109f3059e0e6ba8b58ff68\System.Drawing.ni.dll
MOD - [2011.07.06 11:27:21 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dff86a62a525ec8dc827fe9f50298b7\System.ni.dll
MOD - [2011.07.06 11:27:09 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll
MOD - [2011.05.28 22:04:56 | 000,140,288 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
MOD - [2010.12.12 19:11:01 | 005,971,408 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
MOD - [2010.04.09 13:37:32 | 000,065,536 | ---- | M] () -- C:\Programme\sony\VAIO Update 5\VUAgentPS.dll
MOD - [2009.05.22 13:01:32 | 001,687,552 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3120.40644__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2009.05.22 13:01:32 | 000,270,336 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3120.40600__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2009.05.22 13:01:32 | 000,204,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3120.40658__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2009.05.22 13:01:32 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3120.40816__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2009.05.22 13:01:32 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3120.40780__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2009.05.22 13:01:32 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3120.40636__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2009.05.22 13:01:32 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3120.40744__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2009.05.22 13:01:32 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3120.40622__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2009.05.22 13:01:31 | 000,483,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3120.40847__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2009.05.22 13:01:15 | 000,135,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3120.40854__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2009.05.22 13:01:15 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3120.40615__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2009.05.22 13:01:14 | 000,806,912 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3120.40747__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2009.05.22 13:01:14 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3120.40806__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2009.05.22 13:01:14 | 000,348,160 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3120.40788__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2009.05.22 13:01:14 | 000,090,112 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3120.40794__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2009.05.22 13:01:14 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3120.40746__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2009.05.22 13:01:14 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3120.40787__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2009.05.22 13:01:13 | 000,585,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3120.40669__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2009.05.22 13:01:13 | 000,438,272 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3120.40623__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2009.05.22 13:01:13 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3120.40774__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll
MOD - [2009.05.22 13:01:13 | 000,376,832 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3120.40745__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2009.05.22 13:01:13 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3120.40675__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll
MOD - [2009.05.22 13:01:13 | 000,225,280 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3120.40664__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2009.05.22 13:01:13 | 000,118,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3120.40762__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2009.05.22 13:01:13 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3120.40744__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2009.05.22 13:01:13 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3120.40675__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2009.05.22 13:01:13 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3120.40745__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2009.05.22 13:01:13 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3120.40761__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2009.05.22 13:01:13 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3120.40773__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2009.05.22 13:01:13 | 000,008,192 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3120.40587__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2009.05.22 13:01:13 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3120.40582__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2009.05.22 13:01:13 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2009.05.22 13:01:13 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3120.40845__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2009.05.22 13:01:13 | 000,006,144 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3120.40587__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
MOD - [2009.05.22 13:01:13 | 000,005,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3120.40600__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2009.05.22 13:01:13 | 000,005,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3120.40588__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2009.05.22 13:01:12 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3120.40581__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2009.05.22 13:01:12 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3120.40583__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2009.05.22 13:01:12 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2009.05.22 13:01:12 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3120.40846__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2009.05.22 13:01:12 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3120.40837__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2009.05.22 13:01:12 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3120.40583__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2009.05.22 13:01:12 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3120.40583__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2009.05.22 13:01:12 | 000,019,968 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3120.40580__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2009.05.22 13:01:12 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2009.05.22 13:01:12 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2009.05.22 13:01:12 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3120.40636__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2009.05.22 13:01:12 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3120.40614__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2009.05.22 13:01:12 | 000,015,360 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3120.40582__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2009.05.22 13:01:12 | 000,007,680 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3120.40582__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2009.05.22 13:01:12 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3120.40598__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2009.05.22 13:01:12 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3120.40599__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2009.05.22 13:01:12 | 000,005,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3120.40584__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2009.05.22 13:01:12 | 000,005,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3120.40585__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2009.05.22 13:01:12 | 000,005,120 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.3120.40599__90ba9c70f846762e\DEM.OS.dll
MOD - [2009.05.22 13:01:11 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3120.40816__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2009.05.22 13:01:11 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3120.40786__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2009.05.22 13:01:11 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3120.40746__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2009.05.22 13:01:11 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3120.40745__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2009.05.22 13:01:11 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3120.40642__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2009.05.22 13:01:11 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3120.40780__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2009.05.22 13:01:11 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3120.40621__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2009.05.22 13:01:11 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3120.40621__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2009.05.22 13:01:11 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3120.40621__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2009.05.22 13:01:11 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3120.40642__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2009.05.22 13:01:11 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3120.40761__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2009.05.22 13:01:11 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2009.05.22 13:01:11 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3120.40599__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2009.05.22 13:01:11 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3120.40582__90ba9c70f846762e\APM.Foundation.dll
MOD - [2009.05.22 13:01:11 | 000,006,144 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3120.40589__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2009.05.22 13:01:05 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory.resources\2.0.3120.40592_de_90ba9c70f846762e\CLI.Component.SkinFactory.resources.dll
MOD - [2009.05.22 13:01:04 | 000,106,496 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3120.40837__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2009.05.22 13:01:04 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3120.40867__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2009.05.22 13:01:04 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3120.40585__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2009.05.22 13:01:04 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3120.40584__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2009.05.22 13:01:04 | 000,014,848 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
MOD - [2009.05.22 13:01:04 | 000,013,312 | ---- | M] () -- C:\Windows\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll
MOD - [2009.05.22 13:01:04 | 000,011,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Implementation\2.0.3120.40878__90ba9c70f846762e\LOCALIZATION.Foundation.Implementation.dll
MOD - [2009.05.22 13:01:04 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3120.40588__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2009.05.22 13:01:04 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.3120.40591__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll
MOD - [2009.05.22 13:01:04 | 000,005,120 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray.resources\2.0.3120.40829_de_90ba9c70f846762e\CLI.Component.Systemtray.resources.dll
MOD - [2009.05.22 13:01:03 | 000,995,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3120.40608__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2009.05.22 13:01:03 | 000,417,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3120.40829__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2009.05.22 13:01:03 | 000,397,312 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3120.40629__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2009.05.22 13:01:03 | 000,069,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.3120.40599__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2009.05.22 13:01:03 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3120.40836__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2009.05.22 13:01:03 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3120.40590__90ba9c70f846762e\APM.Server.dll
MOD - [2009.05.22 13:01:03 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3120.40592__90ba9c70f846762e\CLI.Component.SkinFactory.dll
MOD - [2009.05.22 13:01:03 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3120.40591__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2009.05.22 13:01:03 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3120.40587__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2009.05.22 13:01:03 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3120.40589__90ba9c70f846762e\AEM.Server.dll
MOD - [2009.05.22 13:01:03 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3120.40586__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2009.05.22 13:01:03 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3120.40607__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2009.05.22 13:01:03 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2009.05.22 13:01:03 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3120.40837__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2009.05.22 13:01:03 | 000,011,776 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3120.40629__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2009.05.22 13:01:03 | 000,010,240 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3120.40607__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2009.05.22 13:01:03 | 000,008,704 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3120.40650__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2009.03.05 11:34:55 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\SPMDam\3.1.0.6020__1b3c579b6925895f\SPMDam.dll
MOD - [2009.03.05 11:34:47 | 000,086,016 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\SPMCommon\3.1.0.6020__e3c7096ba83f9295\SPMCommon.dll
MOD - [2009.01.06 21:14:43 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2008.08.26 10:41:42 | 000,016,384 | R--- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2008.07.27 19:03:08 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2008.07.27 19:03:08 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2008.07.04 03:02:58 | 000,487,424 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_de_b77a5c561934e089\System.ServiceModel.resources.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] --  -- (XAudioService)
SRV - File not found [On_Demand | Stopped] --  -- (McSysmon)
SRV - File not found [Unknown | Stopped] --  -- (McShield)
SRV - [2011.10.19 16:56:01 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.10.19 16:55:48 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.08.31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2010.09.14 04:46:26 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2010.09.14 04:46:16 | 000,508,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010.04.09 13:37:34 | 000,722,288 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\sony\VAIO Update 5\VUAgent.exe -- (VUAgent)
SRV - [2009.11.24 10:55:54 | 000,099,720 | ---- | M] (Global Graphics Software Ltd) [On_Demand | Stopped] -- C:\Windows\System32\DCMessages.exe -- (DCMessages)
SRV - [2009.08.16 13:01:16 | 000,222,968 | ---- | M] () [Disabled | Stopped] -- C:\Programme\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2009.02.06 16:02:14 | 000,109,056 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009.01.21 09:07:44 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2009.01.21 09:07:42 | 000,313,264 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw)
SRV - [2009.01.21 09:07:42 | 000,192,512 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
SRV - [2009.01.20 10:56:06 | 000,120,104 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp)
SRV - [2009.01.20 10:52:18 | 000,091,432 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe -- (SOHPlMgr)
SRV - [2009.01.20 10:51:48 | 000,075,048 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2009.01.20 10:51:18 | 000,390,440 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms)
SRV - [2009.01.20 10:50:48 | 000,070,952 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe -- (SOHDBSvr)
SRV - [2009.01.19 15:43:04 | 000,394,536 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV - [2009.01.19 11:49:20 | 000,203,624 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2009.01.16 20:59:08 | 000,083,240 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe -- (VcmXmlIfHelper)
SRV - [2009.01.14 12:38:38 | 005,184,872 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2009.01.07 23:10:32 | 000,114,688 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2008.12.21 20:55:06 | 000,303,104 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\sony\Network Utility\NSUService.exe -- (NSUService)
SRV - [2008.12.19 14:02:08 | 000,415,592 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
SRV - [2008.09.18 09:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Disabled | Stopped] -- C:\Programme\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)
SRV - [2007.01.04 18:48:50 | 000,112,152 | ---- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011.10.19 16:56:15 | 000,134,344 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.10.19 16:56:15 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.10.19 16:56:15 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011.08.31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2010.09.14 04:46:26 | 000,019,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftvollh.sys -- (Sftvol)
DRV - [2010.09.14 04:46:22 | 000,021,864 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\Sftredirlh.sys -- (Sftredir)
DRV - [2010.09.14 04:46:18 | 000,194,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftplaylh.sys -- (Sftplay)
DRV - [2010.09.14 04:46:14 | 000,577,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftfslh.sys -- (Sftfs)
DRV - [2010.06.17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.10.20 18:47:56 | 000,112,640 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2009.10.12 15:22:56 | 000,101,120 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbdev.sys -- (hwusbdev)
DRV - [2009.09.10 14:55:58 | 000,102,912 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009.01.06 21:14:38 | 003,847,168 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008.11.24 23:41:52 | 000,010,216 | ---- | M] (Sony Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\DMICall.sys -- (DMICall)
DRV - [2008.11.19 01:08:46 | 000,009,344 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SFEP.sys -- (SFEP)
DRV - [2008.10.23 01:02:29 | 000,937,984 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008.10.23 01:02:23 | 000,046,592 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\risdptsk.sys -- (risdptsk)
DRV - [2008.10.23 01:02:02 | 000,068,608 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2008.10.09 13:50:04 | 000,018,816 | ---- | M] (Bytemobile, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\tcpipBM.sys -- (tcpipBM)
DRV - [2008.06.07 01:02:55 | 000,131,000 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2008.04.24 13:06:40 | 000,017,920 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV - [2008.01.21 03:23:21 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2007.04.17 19:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\regi.sys -- (regi)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = iGoogle
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2
IE - HKCU\..\URLSearchHook:  - No CLSID value found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Plasmoo"
FF - prefs.js..browser.search.defaultthis.engineName: "Plasmoo"
FF - prefs.js..browser.search.defaulturl: "hxxp://plasmoo.com/result.htm?SearchMashine=true&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906
FF - prefs.js..extensions.enabledItems: {7b13ec3e-999a-4b70-b9cb-2617b8323822}:2.7.1.3
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.2.0
FF - prefs.js..extensions.enabledItems: engine@plasmoo.com:1.0.0.32
FF - prefs.js..extensions.enabledItems: {4ED1F68A-5463-4931-9384-8FFF5ED91D92}:3.4.0
FF - prefs.js..keyword.URL: "hxxp://plasmoo.com/result.htm?q="
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 61455
FF - prefs.js..network.proxy.type: 0
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Users\Alina\Documents\DivX2\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.11.23 16:25:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.11.23 16:25:25 | 000,000,000 | ---D | M]
 
[2010.04.23 15:02:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alina\AppData\Roaming\mozilla\Extensions
[2011.11.24 08:28:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alina\AppData\Roaming\mozilla\Firefox\Profiles\tfpkrk08.default\extensions
[2010.04.23 15:03:02 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Alina\AppData\Roaming\mozilla\Firefox\Profiles\tfpkrk08.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.11.23 16:26:02 | 000,000,000 | ---D | M] (Zynga Community Toolbar) -- C:\Users\Alina\AppData\Roaming\mozilla\Firefox\Profiles\tfpkrk08.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2011.11.23 16:26:04 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\Alina\AppData\Roaming\mozilla\Firefox\Profiles\tfpkrk08.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2010.12.22 19:04:17 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Alina\AppData\Roaming\mozilla\Firefox\Profiles\tfpkrk08.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.11.24 08:28:52 | 000,000,000 | ---D | M] (BitDefender QuickScan) -- C:\Users\Alina\AppData\Roaming\mozilla\Firefox\Profiles\tfpkrk08.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2011.04.27 09:00:26 | 000,000,000 | ---D | M] (Plasmoo Search Engine) -- C:\Users\Alina\AppData\Roaming\mozilla\Firefox\Profiles\tfpkrk08.default\extensions\engine@plasmoo.com
[2011.04.20 16:40:20 | 000,001,976 | ---- | M] () -- C:\Users\Alina\AppData\Roaming\Mozilla\Firefox\Profiles\tfpkrk08.default\searchplugins\plasmoo.xml
[2011.11.23 16:22:57 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.04.20 10:40:44 | 000,000,000 | ---D | M] (Skype extension) -- C:\Programme\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2011.11.23 16:25:25 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.07.11 22:48:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2011.11.23 16:25:22 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.11.23 16:25:22 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.11.23 16:25:22 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.11.23 16:25:22 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.11.23 16:25:22 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.11.23 16:25:22 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2011.11.24 18:02:54 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll ()
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Programme\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (&Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll ()
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [DataCardMonitor] C:\Programme\T-Mobile\T-Mobile Internet Manager\DataCardMonitor.exe (Huawei Technologies Co., Ltd.)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [HW_OPENEYE_OUC_T-Mobile Internet Manager] C:\Program Files\T-Mobile\T-Mobile Internet Manager\UpdateDog\ouc.exe (Huawei Technologies Co., Ltd.)
O4 - HKCU..\Run: [NSUFloatingUI] C:\Program Files\Sony\Network Utility\LANUtil.exe (Sony Corporation)
O4 - HKCU..\Run: [Switcher] C:\Program Files\Switcher\Switcher.exe (Bao_Nguyen)
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Alina\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C4E0930C-1F45-467B-8FA1-F259EAB8AE21}: DhcpNameServer = 10.129.32.1 10.111.81.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FFB88951-945D-4CFC-B9DA-725BBC986932}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\saphtmlp {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\Programme\SAP\FrontEnd\SAPgui\SAPHTMLP.DLL (SAP, Walldorf)
O18 - Protocol\Handler\sapr3 {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\Programme\SAP\FrontEnd\SAPgui\SAPHTMLP.DLL (SAP, Walldorf)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll) -C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\System32\VESWinlogon.dll (Sony Corporation)
O24 - Desktop WallPaper: C:\Users\Alina\Pictures\Amerika 2010\Bilder fürs Fotobuch\IMG_0218.JPG
O24 - Desktop BackupWallPaper: C:\Users\Alina\Pictures\Amerika 2010\Bilder fürs Fotobuch\IMG_0218.JPG
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.11.24 19:47:36 | 001,566,512 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Alina\Desktop\tdsskiller.exe
[2011.11.24 19:12:36 | 000,000,000 | ---D | C] -- C:\Update
[2011.11.24 18:37:58 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011.11.24 18:37:58 | 000,000,000 | ---D | C] -- C:\Users\Alina\AppData\Local\temp
[2011.11.24 18:37:01 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011.11.24 17:10:32 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2011.11.24 14:34:03 | 000,000,000 | ---D | C] -- C:\Users\Alina\AppData\Roaming\Malwarebytes
[2011.11.24 14:33:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.11.24 14:33:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.11.24 14:33:48 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.11.24 14:33:48 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.11.24 14:31:37 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.11.24 14:31:36 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2011.11.24 14:31:36 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011.11.24 14:31:36 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011.11.24 14:31:35 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011.11.24 14:31:35 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011.11.24 14:31:35 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.11.24 14:31:35 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011.11.24 14:31:34 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011.11.24 14:31:34 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011.11.24 14:31:33 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011.11.24 14:31:33 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011.11.24 14:31:33 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011.11.24 14:31:33 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011.11.24 14:31:33 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011.11.24 14:31:32 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011.11.24 14:31:31 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011.11.24 14:29:14 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2011.11.24 14:29:14 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2011.11.24 14:29:14 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2011.11.24 14:29:14 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\corpol.dll
[2011.11.24 14:29:13 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2011.11.24 14:29:13 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2011.11.24 14:29:13 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2011.11.24 14:29:13 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2011.11.24 14:29:12 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011.11.24 14:29:12 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2011.11.24 14:29:12 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2011.11.24 14:29:11 | 000,208,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinFXDocObj.exe
[2011.11.24 14:29:11 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2011.11.24 14:29:11 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2011.11.24 14:29:11 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2011.11.24 14:29:10 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011.11.24 14:29:09 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011.11.24 14:29:06 | 003,698,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2011.11.24 14:29:06 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2011.11.24 14:29:06 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PDMSetup.exe
[2011.11.24 14:29:06 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2011.11.24 14:29:06 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2011.11.24 14:29:06 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetDepNx.exe
[2011.11.24 13:39:29 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011.11.24 13:39:29 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011.11.24 13:39:29 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011.11.24 13:39:24 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011.11.24 13:39:20 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011.11.24 13:36:11 | 004,306,022 | R--- | C] (Swearware) -- C:\Users\Alina\Desktop\ComboFix.exe
[2011.11.24 12:58:37 | 000,000,000 | ---D | C] -- C:\Users\Alina\AppData\Roaming\WinRAR
[2011.11.24 12:58:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011.11.24 12:58:36 | 000,000,000 | ---D | C] -- C:\Users\Alina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011.11.24 12:58:26 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2011.11.24 12:38:41 | 000,000,000 | ---D | C] -- C:\_OTL
[2011.11.24 09:00:25 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Alina\Desktop\OTL.exe
[2011.11.24 08:29:08 | 000,000,000 | ---D | C] -- C:\Users\Alina\AppData\Roaming\QuickScan
[2011.11.24 08:19:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2011.11.23 17:15:41 | 000,000,000 | ---D | C] -- C:\Users\Alina\AppData\Roaming\Avira
[2011.11.23 17:03:29 | 000,222,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2011.11.23 17:00:41 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2011.11.23 17:00:40 | 000,134,344 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011.11.23 17:00:40 | 000,074,640 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2011.11.23 17:00:40 | 000,036,000 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avkmgr.sys
[2011.11.23 17:00:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2011.11.23 17:00:39 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2011.11.23 16:52:33 | 000,000,000 | ---D | C] -- C:\Windows\PIF
[2011.11.17 10:42:05 | 000,000,000 | ---D | C] -- C:\Users\Alina\AppData\Roaming\T-Mobile Internet Manager
[2011.11.17 10:40:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\T-Mobile Internet Manager
[2011.11.17 10:40:35 | 000,112,640 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbnet.sys
[2011.11.17 10:40:35 | 000,102,912 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbmdm.sys
[2011.11.17 10:40:35 | 000,101,120 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbdev.sys
[2011.11.17 10:40:35 | 000,023,424 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\Windows\System32\drivers\ewdcsc.sys
[2011.11.17 10:40:23 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bmutil.dll
[2011.11.17 10:40:23 | 000,294,912 | ---- | C] (Bytemobile, Inc.) -- C:\Windows\System32\bminstall.dll
[2011.11.17 10:40:23 | 000,126,976 | ---- | C] (Bytemobile, Inc.) -- C:\Windows\System32\bmdumpd.bin
[2011.11.17 10:40:23 | 000,022,528 | ---- | C] (Bytemobile, Inc.) -- C:\Windows\System32\drivers\BMLoad.sys
[2011.11.17 10:40:23 | 000,018,816 | ---- | C] (Bytemobile, Inc.) -- C:\Windows\System32\drivers\tcpipBM.sys
[2011.11.17 10:40:23 | 000,008,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sporder.dll
[2011.11.17 10:40:23 | 000,000,000 | ---D | C] -- C:\Users\Alina\AppData\Roaming\T-Mobile
[2011.11.17 10:39:55 | 000,000,000 | ---D | C] -- C:\Program Files\T-Mobile
[2011.11.10 12:19:49 | 000,000,000 | ---D | C] -- C:\Users\Alina\AppData\Roaming\SAP
[2011.11.10 12:18:43 | 000,946,176 | ---- | C] (IBM Corporation and others) -- C:\Windows\System32\icuuc34.dll
[2011.11.10 12:18:42 | 008,847,360 | ---- | C] (IBM Corporation and others) -- C:\Windows\System32\icudt34.dll
[2011.11.10 12:18:42 | 004,813,824 | ---- | C] (SAP AG) -- C:\Windows\System32\librfc32u.dll
[2011.11.10 12:18:42 | 000,843,776 | ---- | C] (IBM Corporation and others) -- C:\Windows\System32\icuin34.dll
[2011.11.10 12:18:42 | 000,089,600 | ---- | C] (SAP AG) -- C:\Windows\System32\libsapu16vc90.dll
[2011.11.10 12:18:27 | 000,721,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vb40032.dll
[2011.11.10 12:18:27 | 000,068,640 | ---- | C] (MicroHelp, Inc.) -- C:\Windows\System32\Gauge32.OCX
[2011.11.10 12:17:10 | 000,114,688 | ---- | C] (heilerSoftware) -- C:\Windows\System32\h5dlg32.dll
[2011.11.10 12:17:06 | 001,677,632 | ---- | C] (SAP, Walldorf) -- C:\Windows\System32\SAPbtmp.dll
[2011.11.10 12:16:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SAP Shared
[2011.11.10 12:16:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAP Front End
[2011.11.10 12:16:18 | 000,000,000 | ---D | C] -- C:\Users\Alina\Documents\SAP
[2011.11.10 12:16:18 | 000,000,000 | ---D | C] -- C:\Users\Alina\AppData\Local\SAP
[2011.11.10 12:16:05 | 000,438,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshflxgd.ocx
[2011.11.10 12:16:05 | 000,244,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msflxgrd.ocx
[2011.11.10 12:16:05 | 000,209,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tabctl32.ocx
[2011.11.10 12:16:05 | 000,067,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysinfo.ocx
[2011.11.10 12:16:04 | 000,262,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdatgrd.ocx
[2011.11.10 12:16:03 | 000,203,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\richtx32.ocx
[2011.11.10 12:16:03 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tlbinf32.dll
[2011.11.10 12:16:03 | 000,094,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\grid32.ocx
[2011.11.10 12:16:02 | 001,355,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvbvm50.dll
[2011.11.10 12:16:02 | 000,133,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfcans32.dll
[2011.11.10 12:15:21 | 000,000,000 | ---D | C] -- C:\Program Files\SAP
[2011.11.10 12:10:09 | 000,000,000 | ---D | C] -- C:\Users\Alina\Desktop\SAP
[2009.06.16 13:03:56 | 000,126,976 | ---- | C] ( ) -- C:\Windows\System32\Interop.SHDocVw.dll
 
========== Files - Modified Within 30 Days ==========
 
[2011.11.24 19:47:43 | 001,566,512 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Alina\Desktop\tdsskiller.exe
[2011.11.24 19:29:06 | 000,003,616 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.11.24 19:29:06 | 000,003,616 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.11.24 19:24:44 | 000,629,186 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.11.24 19:24:44 | 000,596,440 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.11.24 19:24:44 | 000,126,640 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.11.24 19:24:44 | 000,104,256 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.11.24 19:17:03 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{80F93F21-F4C3-4009-A3A0-903D5D0B5F68}.job
[2011.11.24 19:16:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.11.24 19:16:42 | 3186,659,328 | -HS- | M] () -- C:\hiberfil.sys
[2011.11.24 18:02:54 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011.11.24 14:33:53 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.11.24 13:36:25 | 004,306,022 | R--- | M] (Swearware) -- C:\Users\Alina\Desktop\ComboFix.exe
[2011.11.24 09:05:02 | 000,000,000 | ---- | M] () -- C:\Users\Alina\defogger_reenable
[2011.11.24 09:01:10 | 000,302,592 | ---- | M] () -- C:\Users\Alina\Desktop\h1zvqmfx.exe
[2011.11.24 09:00:26 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Alina\Desktop\OTL.exe
[2011.11.24 09:00:03 | 000,050,477 | ---- | M] () -- C:\Users\Alina\Desktop\Defogger.exe
[2011.11.24 08:31:39 | 000,000,036 | ---- | M] () -- C:\Users\Alina\AppData\Local\housecall.guid.cache
[2011.11.24 08:19:26 | 000,001,847 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2011.11.23 17:15:36 | 000,001,356 | ---- | M] () -- C:\Users\Alina\AppData\Local\d3d9caps.dat
[2011.11.23 16:39:56 | 000,065,024 | ---- | M] () -- C:\Users\Alina\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.11.23 16:10:50 | 000,328,704 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.11.17 10:40:44 | 000,001,135 | ---- | M] () -- C:\Users\Public\Desktop\T-Mobile Internet Manager.lnk
[2011.11.10 12:18:14 | 000,001,078 | ---- | M] () -- C:\Users\Public\Desktop\SAP Logon.lnk
[2011.11.10 12:17:05 | 000,021,040 | ---- | M] () -- C:\Windows\System32\drivers\etc\services
[2011.11.08 12:12:52 | 084,419,032 | ---- | M] () -- C:\Users\Alina\Desktop\avira_free_antivirus_de1200861.exe
 
========== Files Created - No Company Name ==========
 
[2011.11.24 19:15:23 | 000,000,874 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk
[2011.11.24 14:33:53 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.11.24 14:31:33 | 000,057,667 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2011.11.24 13:39:29 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011.11.24 13:39:29 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011.11.24 13:39:29 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011.11.24 13:39:29 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011.11.24 13:39:29 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011.11.24 09:05:02 | 000,000,000 | ---- | C] () -- C:\Users\Alina\defogger_reenable
[2011.11.24 09:01:10 | 000,302,592 | ---- | C] () -- C:\Users\Alina\Desktop\h1zvqmfx.exe
[2011.11.24 09:00:02 | 000,050,477 | ---- | C] () -- C:\Users\Alina\Desktop\Defogger.exe
[2011.11.24 08:31:39 | 000,000,036 | ---- | C] () -- C:\Users\Alina\AppData\Local\housecall.guid.cache
[2011.11.24 08:08:13 | 3186,659,328 | -HS- | C] () -- C:\hiberfil.sys
[2011.11.23 17:01:09 | 000,001,847 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2011.11.23 16:29:37 | 084,419,032 | ---- | C] () -- C:\Users\Alina\Desktop\avira_free_antivirus_de1200861.exe
[2011.11.23 16:25:25 | 000,000,858 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011.11.17 10:40:44 | 000,001,135 | ---- | C] () -- C:\Users\Public\Desktop\T-Mobile Internet Manager.lnk
[2011.11.10 12:18:14 | 000,001,078 | ---- | C] () -- C:\Users\Public\Desktop\SAP Logon.lnk
[2011.11.10 12:17:10 | 001,064,960 | ---- | C] () -- C:\Windows\System32\h5krnl32.dll
[2011.11.10 12:17:10 | 000,188,928 | ---- | C] () -- C:\Windows\System32\h5icon32.dll
[2011.11.10 12:17:10 | 000,175,616 | ---- | C] () -- C:\Windows\System32\h5menu32.dll
[2011.11.10 12:17:10 | 000,095,744 | ---- | C] () -- C:\Windows\System32\h5rtf32.dll
[2011.11.10 12:17:10 | 000,051,200 | ---- | C] () -- C:\Windows\System32\h5tool32.dll
[2011.11.10 12:01:31 | 429,849,667 | ---- | C] () -- C:\Users\Alina\Desktop\SAP.zip
[2010.09.21 09:58:44 | 000,000,056 | ---- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.01.29 16:33:40 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2010.01.27 20:07:49 | 000,015,760 | ---- | C] () -- C:\Windows\System32\DCMessagesPS.dll
[2010.01.27 20:07:49 | 000,000,737 | ---- | C] () -- C:\Windows\System32\oemsetup.ini
[2010.01.02 19:05:51 | 000,001,356 | ---- | C] () -- C:\Users\Alina\AppData\Local\d3d9caps.dat
[2009.10.06 13:36:44 | 000,303,104 | ---- | C] () -- C:\Windows\System32\eST3snm.dll
[2009.09.15 14:32:59 | 000,065,024 | ---- | C] () -- C:\Users\Alina\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.06.16 13:03:58 | 000,053,248 | ---- | C] () -- C:\Windows\System32\dossec.dll
[2009.05.22 13:34:10 | 000,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI
[2009.03.05 18:22:23 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2009.03.05 18:22:19 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2009.03.05 18:22:19 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2009.03.05 18:22:18 | 000,174,819 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2009.03.05 18:22:18 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe
[2009.03.05 10:27:17 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009.03.05 09:48:25 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.03.05 09:48:25 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008.01.21 08:15:58 | 000,629,186 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.01.21 08:15:58 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.01.21 08:15:58 | 000,126,640 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.01.21 08:15:58 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006.11.02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 13:47:37 | 000,328,704 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 11:33:01 | 000,596,440 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 11:33:01 | 000,104,256 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

< End of report >

--- --- ---

markusg 24.11.2011 20:20

hiho

Attention!
This script and any scripts that follow are intended only for this particular user.
If you have problems, open your own topic and wait for scripts tailored to you.


• Please start OTL.exe
• Now copy the following into the text box.



Code:

:OTL
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

:Files
:Commands
[purity]
[EMPTYFLASH]
[emptytemp]
[Reboot]



• Now please close all programs.
• Now please click the Fix button.
• OTL may ask for a reboot. Please allow it.
• After the reboot you will find a text document; copy its contents into your next reply here.

Hoschi2k 24.11.2011 20:30

Here you go

Log
Quote:

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
========== FILES ==========
========== COMMANDS ==========

[EMPTYFLASH]

User: Alina
->Flash cache emptied: 41566 bytes

User: All Users

User: Default

User: Default User

User: Public

Total Flash Files Cleaned = 0,00 mb


[EMPTYTEMP]

User: Alina
->Temp folder emptied: 39290 bytes
->Temporary Internet Files folder emptied: 81241994 bytes
->Java cache emptied: 39288 bytes
->FireFox cache emptied: 56196516 bytes
->Flash cache emptied: 0 bytes

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 131,00 mb


OTL by OldTimer - Version 3.2.31.0 log created on 11242011_202225

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...


markusg 24.11.2011 20:38

OK, Start, Run
msconfig, Enter
Startup
Uncheck everything except avgnt
OK, restart.
If something really important is missing from autostart, we'll put it back in then.
How many processes are running in Task Manager after the restart, and is the machine running a bit better?

Hoschi2k 24.11.2011 20:44

16 or 62 (Show processes from all users)

Hoschi2k 24.11.2011 20:45

In itself I find it fairly fast again, only e.g. Firefox takes about 25 sec to start up.
It is also still Vista SP1. Should I install SP2?
Regards, Oli

markusg 24.11.2011 21:56

I'll tell you when
Download TDSSKiller:
http://www.trojaner-board.de/82358-t...entfernen.html
Click Change parameters
• Tick Verify driver digital signatures and Detect TDLFS file system
• Click OK and then Start scan
Delete nothing, just post the log

Hoschi2k 24.11.2011 22:01

One log, here you go

Quote:

21:59:11.0184 4212 TDSS rootkit removing tool 2.6.21.0 Nov 24 2011 12:32:44
21:59:11.0325 4212 ============================================================
21:59:11.0325 4212 Current date / time: 2011/11/24 21:59:11.0325
21:59:11.0325 4212 SystemInfo:
21:59:11.0325 4212
21:59:11.0325 4212 OS Version: 6.0.6001 ServicePack: 1.0
21:59:11.0325 4212 Product type: Workstation
21:59:11.0325 4212 ComputerName: ALINA-LAPTOP
21:59:11.0325 4212 UserName: Alina
21:59:11.0325 4212 Windows directory: C:\Windows
21:59:11.0325 4212 System windows directory: C:\Windows
21:59:11.0325 4212 Processor architecture: Intel x86
21:59:11.0325 4212 Number of processors: 2
21:59:11.0325 4212 Page size: 0x1000
21:59:11.0325 4212 Boot type: Normal boot
21:59:11.0325 4212 ============================================================
21:59:12.0198 4212 Initialize success
21:59:21.0668 4332 ============================================================
21:59:21.0668 4332 Scan started
21:59:21.0668 4332 Mode: Manual; SigCheck; TDLFS;
21:59:21.0668 4332 ============================================================
21:59:22.0089 4332 61883 (585e64bb6dfbc0a2f1f0b554ded012df) C:\Windows\system32\DRIVERS\61883.sys
21:59:22.0292 4332 61883 - ok
21:59:22.0385 4332 ACPI (fcb8c7210f0135e24c6580f7f649c73c) C:\Windows\system32\drivers\acpi.sys
21:59:22.0416 4332 ACPI - ok
21:59:22.0541 4332 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
21:59:22.0557 4332 adp94xx - ok
21:59:22.0619 4332 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
21:59:22.0650 4332 adpahci - ok
21:59:26.0488 4332 BMLoad (d002033c1a37f6af51b5f0ba6d0211bc) C:\Windows\system32\drivers\BMLoad.sys
21:59:26.0519 4332 BMLoad ( UnsignedFile.Multi.Generic ) - warning
21:59:26.0519 4332 BMLoad - detected UnsignedFile.Multi.Generic (1)
21:59:52.0244 4332 tcpipBM (dcfeb82ca988598ceb8f83148616038e) C:\Windows\system32\drivers\tcpipBM.sys
21:59:52.0259 4332 tcpipBM ( UnsignedFile.Multi.Generic ) - warning
21:59:52.0259 4332 tcpipBM - detected UnsignedFile.Multi.Generic (1)
21:59:58.0577 4332 ============================================================
21:59:58.0577 4332 Scan finished
21:59:58.0577 4332 ============================================================
21:59:58.0593 4500 Detected object count: 2
21:59:58.0593 4500 Actual detected object count: 2
22:00:22.0617 4500 BMLoad ( UnsignedFile.Multi.Generic ) - skipped by user
22:00:22.0617 4500 BMLoad ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:00:22.0617 4500 tcpipBM ( UnsignedFile.Multi.Generic ) - skipped by user
22:00:22.0617 4500 tcpipBM ( UnsignedFile.Multi.Generic ) - User select action: Skip


markusg 24.11.2011 22:03

OK, you have to work through the following with the owner.
Download the standard CCleaner:
CCleaner Download - CCleaner 3.12.1572
If CCleaner is already installed, skip this step.
Install it, open it, go to Tools, list of installed programs, save as txt. Open the file.
After each program you need, write "necessary".
After each program you do not need, write "unnecessary".
After each one unknown to you, write "unknown".
Post the list.

Hoschi2k 24.11.2011 22:38

I went through it with her over the phone.

Quote:

Adobe Flash Player 10 ActiveX Adobe Systems Incorporated 07.09.2009 10.0.12.36 needed
Adobe Flash Player 10 Plugin Adobe Systems Incorporated 11.12.2010 10.1.102.64 needed
Adobe Premiere Elements 3.0.2 Ihr Firmenname 01.01.2010 3.041MB 3.0.2 needed
Adobe Premiere Elements 3.0.2 Templates Ihr Firmenname 01.01.2010 2.721MB 1.0.0 needed
Adobe Reader 9.0.1 - Deutsch Adobe Systems Incorporated 04.03.2009 232MB 9.0.1 needed
ArcSoft Magic-i Visual Effects 2 ArcSoft 07.09.2009 34,8MB 2.0.1.39 not needed
ArcSoft WebCam Companion 2 ArcSoft 07.09.2009 24,3MB not needed
ATI Catalyst Install Manager ATI Technologies, Inc. 21.05.2009 13,7MB 3.0.682.0 needed
Avira Free Antivirus Avira 23.11.2011 156,4MB 12.0.0.861 needed
Canon iP4300 03.11.2009 needed
Canon iP4300 Benutzerregistrierung 03.11.2009 0,50MB needed
Canon Setup Utility 2.3 03.11.2009 5,79MB needed
CCleaner Piriform 23.11.2011 4,13MB 3.12 needed
CD-LabelPrint 03.11.2009 11,7MB not needed
Click to Disc Sony Corporation 21.05.2009 71,1MB 1.2.60.13210 not needed
Click to Disc Editor Sony Corporation 21.05.2009 190,3MB 2.0.00 not needed
Compatibility Pack für 2007 Office System Microsoft Corporation 23.11.2011 5,86MB 12.0.6612.1000 needed
Fotobuch 26.10.2010 21,5MB not needed
Free Audio CD Burner version 1.4.7 DVDVideoSoft Limited. 26.04.2011 3,24MB not needed
Free YouTube to MP3 Converter version 3.9.36.421 DVDVideoSoft Limited. 26.04.2011 3,75MB not needed
gDoc Global Graphics 26.01.2010 101,1MB 2.1.0 unknown
Google Desktop Google 07.07.2010 31,3MB 5.9.1005.12335 not needed
Google Toolbar for Internet Explorer Google Inc. 07.09.2009 24,4MB not needed
ICQ Toolbar ICQ 13.09.2009 3.0.0 not needed
ICQ6.5 ICQ 13.09.2009 47,6MB 6.5 not needed
Java(TM) 6 Update 11 Sun Microsystems, Inc. 04.03.2009 96,9MB 6.0.110 needed
Malwarebytes' Anti-Malware Version 1.51.2.1300 Malwarebytes Corporation 23.11.2011 6,76MB 1.51.2.1300 needed
Me&My VAIO Sony Corporation 21.05.2009 70,0MB 1.2.0.14020 unknown
Mein CEWE FOTOBUCH 26.10.2010 164,0MB not needed
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU Microsoft Corporation 16.09.2009 37,0MB needed
Microsoft .NET Framework 3.5 SP1 Microsoft Corporation 09.09.2009 27,8MB needed
Microsoft .NET Framework 4 Client Profile Microsoft Corporation 30.06.2010 120,3MB 4.0.30319 needed
Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Corporation 30.06.2010 24,5MB 4.0.30319 needed
Microsoft Office 2007 Primary Interop Assemblies Microsoft Corporation 11.05.2011 7,23MB 12.0.4518.1014 needed
Microsoft Office Home and Student 2010 - Deutsch Microsoft Corporation 08.12.2010 182,6MB 14.0.5128.5002 needed
Microsoft Office Klick-und-Los 2010 Microsoft Corporation 08.12.2010 11,2MB 14.0.4763.1000 needed
Microsoft Office Live Add-in 1.3 Microsoft Corporation 23.11.2009 0,48MB 2.0.2313.0 needed
Microsoft Office PowerPoint Viewer 2007 (German) Microsoft Corporation 23.11.2011 4,10MB 12.0.6612.1000 needed
Microsoft Office Suite Activation Assistant Microsoft Corporation 21.05.2009 8,37MB 2.9 needed
Microsoft Office XP Professional Microsoft Corporation 23.11.2011 199,2MB 10.0.6626.0 needed
Microsoft redistributable runtime DLLs VS2008 SP1(x86) SAP AG 09.11.2011 7,31MB 9.0 needed
Microsoft Silverlight Microsoft Corporation 17.10.2011 40,3MB 4.0.60831.0 needed
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Corporation 25.11.2009 0,25MB 8.0.50727.4053 needed
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 21.06.2011 0,29MB 8.0.61001 needed
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Corporation 20.10.2010 0,19MB 9.0.30729.4148 needed
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Corporation 06.06.2011 0,58MB 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Corporation 17.10.2010 0,58MB 9.0.30729 needed
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 21.06.2011 0,58MB 9.0.30729.6161 needed
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 22.11.2011 11,1MB 10.0.40219 needed
Microsoft Works Microsoft Corporation 16.12.2010 378MB 9.7.0621 needed
Mozilla Firefox 8.0 (x86 de) Mozilla 22.11.2011 36,5MB 8.0 needed
MSXML 4.0 SP2 (KB954430) Microsoft Corporation 09.09.2009 1,28MB 4.20.9870.0 unknown
MSXML 4.0 SP2 (KB973688) Microsoft Corporation 02.12.2009 1,34MB 4.20.9876.0 unknown
MSXML4.0 redistributable SAP 09.11.2011 48,00KB 4.0.0.0 unknown
Music Transfer Sony Corporation 21.05.2009 82,7MB 1.3.01.13160 not needed
Norton Online Backup aktivieren Symantec 21.05.2009 1,66MB 1.0.2046 not needed
OpenMG Secure Module 5.3.00 Sony Corporation 21.05.2009 5.3.00.13080 unknown
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 04.03.2009 9,77MB 6.0.1.5759 needed
Roxio Easy Media Creator 10 LJ Roxio 07.09.2009 5,25MB 10.1 not needed
SAP GUI for Windows 7.20 SAP 09.11.2011 202MB 7.20 Compilation 1 not needed
Setting Utility Series Sony Corporation 21.05.2009 11,6MB 4.3.0.14120 unknown
Skype Toolbars Skype Technologies S.A. 19.04.2011 7,10MB 5.0.4137 not needed
Skype™ 5.1 Skype Technologies S.A. 19.04.2011 22,7MB 5.1.112 not needed
Software Info for Me&My VAIO Sony Corporation 21.05.2009 0,31MB 1.0.0.14020 unknown
Sony Home Network Library Sony Corporation 21.05.2009 31,0MB 1.4.0.13200 unknown
Sony Picture Utility Sony Corporation 21.05.2009 385MB 4.2.12.14260 unknown
Sony Video Shared Library Sony Corporation 21.05.2009 5,28MB 3.5.00 unknown
Switcher 2.0.0 Bao Nguyen 13.10.2010 0,40MB 2.0.0 not needed
Synaptics Pointing Device Driver Synaptics 04.03.2009 12,9MB 9.1.13.0 needed
T-Mobile Internet Manager Huawei Technologies Co.,Ltd 16.11.2011 40,3MB 11.301.05.01.108 not needed
Unterstützung für VAIO-Präsentation Sony Corporation 21.05.2009 3,54MB 1.2.0.12240 unknown
VAIO Content Folder Setting Sony Corporation 21.05.2009 7,63MB 2.3.0.12220 unknown
VAIO Content Folder Watcher Sony Corporation 21.05.2009 21,3MB 1.1.0.13140 unknown
VAIO Content Metadata Intelligent Analyzing Manager Sony Corporation 21.05.2009 27,0MB 3.4.0.13192 unknown
VAIO Content Metadata Manager Setting Sony Corporation 21.05.2009 3,20MB 3.4.0.13160 unknown
VAIO Content Metadata XML Interface Library Sony Corporation 21.05.2009 2,56MB 3.4.0.13160 unknown
VAIO Control Center Sony Corporation 21.05.2009 4,68MB 3.3.0.12240 unknown
VAIO Data Restore Tool Sony Corporation 21.05.2009 9,15MB 1.1.00.13080 unknown
VAIO DVD Menu Data Basic Sony Corporation 21.05.2009 543MB 1.0.00.08130 unknown
VAIO Energie Verwaltung Sony Corporation 04.03.2009 6,53MB 3.3.0.12190 unknown
VAIO Entertainment Platform Sony Corporation 21.05.2009 4,82MB 3.4.0.13210 unknown
VAIO Event Service Sony Corporation 21.05.2009 7,30MB 4.3.0.13190 unknown
VAIO Launcher Sony Corporation 21.05.2009 6,89MB 2.3.0.12260 unknown
VAIO Marketing Tools Sony Corporation 07.09.2009 0,63MB unknown
VAIO Media plus Sony Corporation 21.05.2009 34,0MB 1.4.0.13200 unknown
VAIO Media plus Opening Movie Sony Corporation 21.05.2009 21,1MB 1.2.0.09100 unknown
VAIO Movie Story Sony Corporation 21.05.2009 57,7MB 1.4.00.13080 unknown
VAIO Movie Story Template Data Sony Corporation 21.05.2009 402MB 1.4.00.13080 unknown
VAIO MusicBox Sony Corporation 21.05.2009 65,3MB 2.2.0.13091 unknown
VAIO MusicBox Sample Music Sony Corporation 21.05.2009 90,2MB 1.1.00.14140 unknown
VAIO Original Function Setting Sony Corporation 21.05.2009 11,2MB 1.5.01.10310 unknown
VAIO Smart Network Sony Corporation 21.05.2009 24,5MB 2.3.0.12210 unknown
VAIO Update Sony Corporation 23.11.2011 17,3MB 5.1.1.04090 unknown
VAIO Wallpaper Contents Sony Corporation 21.05.2009 134,0MB 1.3.0.10310 unknown
vcredist_x86 SAP 09.11.2011 4,16MB 1.0.0 not needed
Visual Studio 2005 Tools for Office Second Edition Runtime Microsoft Corporation 26.01.2010 6,84MB needed
VLC media player 1.0.3 VideoLAN Team 08.01.2010 73,1MB 1.0.3 needed
Winamp Nullsoft, Inc 22.09.2011 40,4MB 5.621 not needed
Winamp Erkennungs-Plug-in Nullsoft, Inc 22.09.2011 0,15MB 1.0.0.1 not needed
Windows Live Anmelde-Assistent Microsoft Corporation 23.11.2009 1,93MB 5.000.818.5 needed
Windows Live Essentials Microsoft Corporation 23.11.2009 44,0MB 14.0.8089.0726 needed
Windows Live-Uploadtool Microsoft Corporation 21.05.2009 0,22MB 14.0.8014.1029 needed
WinDVD for VAIO InterVideo Inc. 21.05.2009 112,8MB 8.0-B9.726 not needed
WinRAR 4.01 (32-Bit) win.rar GmbH 23.11.2011 4,03MB 4.01.0 needed



markusg 25.11.2011 12:15

Adobe Flash Player
Uninstall both and get the latest version from here:
Adobe - Install a different version of Adobe Flash Player
Adobe Reader 9.0.1: install the latest version without McAfee Security Scan:
Adobe - Download Adobe Reader - All versions

Uninstall:
ArcSoft (both)
CD-LabelPrint
Click to Disc (both)
Fotobuch
Free Audio CD Burner
Free YouTube
gDoc
Google Desktop
Google Toolbar
ICQ (both)
Java(TM) 6 Update 11
Download Java JRE 7:
Java SE Downloads

Uninstall:
Me&My VAIO
Mein CEWE
Microsoft Silverlight: if she does not use it herself, it can go
Music Transfer
Norton Online Backup
Roxio Easy Media Creator
SAP GUI
Skype (both)
Software Info
Sony Picture
Sony Video Shared
Switcher
T-Mobile
Unterstützung für VAIO-Präsentation
VAIO Content Folder Setting
VAIO Content Folder Watcher
VAIO Content Metadata Intelligent
VAIO Content Metadata Manager Setting
VAIO Content Metadata XML Interface
VAIO DVD Menu
VAIO Energie Verwaltung
VAIO Entertainment
VAIO Event Service
VAIO Launcher
VAIO Marketing
VAIO Media plus
VAIO Media plus Opening
VAIO Movie Story
VAIO Movie Story Template
VAIO MusicBox
VAIO MusicBox Sample
VAIO Wallpaper
vcredist_x86
Winamp (both)
WinDVD

Clean up with CCleaner.
Then restart and check whether the speed has improved.

Hoschi2k 25.11.2011 19:53

OK, everything is done so far, but I think the machine is indexing the disk right now.
Over 4 min to boot.
Searchindexer
SearchProtocolHost
SearchFilterHost
are using quite a lot of memory at the moment.
I think I'll just let it churn away in peace for now.

markusg 25.11.2011 19:55

All right. Afterwards just restart once more and see how it runs.

Hoschi2k 26.11.2011 09:34

So, in itself its speed is normal now (1.5 min to boot). If that is normal, it looks like we did it, or rather YOU did :-)

Regards
Oliver

markusg 26.11.2011 12:14

Does Firefox still take that long?
One last thing:
Download HitmanPro:
http://dl.surfright.nl/HitmanPro36beta.exe
http://dl.surfright.nl/HitmanPro36beta_x64.exe
The first link is the 32-bit version, the second the 64-bit version.
Please activate the trial license, scan, move any findings to quarantine, and post the log.

Hoschi2k 26.11.2011 12:51

OK, the Fox is working normally. Unfortunately I cannot find the Hitman log even though I saved it, but there was nothing in it anyway. Avira, however, found TR/Sirefef.CA.4 during the automatic scan.

markusg 26.11.2011 15:45

Please show me the Avira log.
HitmanPro found nothing?
Did you activate the trial license? If not, do that and scan again.


All times are in WET +1. The time is now 03:02.
